Hello Juergen,
thank you very much for your quick reply.
Here are the logs.
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Lennart J (administrator) on LENNART on 16-09-2014 01:53:59
Running from C:\Users\Lennart J\Desktop
Platform: Windows 8.1 (X64) OS Language: Japanisch (Japan)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\JPN\JpnIME.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Connectify) C:\Program Files (x86)\Connectify\DispatchUI.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_6.3.9600.20278_x64__8wekyb3d8bbwe\numbers.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Program Files (x86)\GMATPrep2012\GMATPrep.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\IME\SHARED\ImeBroker.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13651672 2013-09-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [Connectify Dispatch] => C:\Program Files (x86)\Connectify\DispatchUI.exe [1685280 2013-12-24] (Connectify)
HKLM\...\Run: [Connectify Hotspot] => C:\Program Files (x86)\Connectify\Connectify.exe [3755296 2013-12-24] (Connectify)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-25] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [kssetup] => [X]
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2013-02-05] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [13936 2013-08-27] (ASUS)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications))
HKU\S-1-5-21-25646073-1747131351-1955705847-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-25646073-1747131351-1955705847-1002\...\Run: [GoogleChromeAutoLaunch_DCB3BC9A426922C0A83CB8FE94746CF2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-04] (Google Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-10] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-12-10] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: !AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: !AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Lennart J\AppData\Roaming\Mozilla\Firefox\Profiles\op7qkd32.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/ig
CHR StartupUrls: Default -> "hxxp://www.google.de/ig"
CHR DefaultSearchKeyword: Default -> google.co.jp
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Lennart J\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Lennart J\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-18]
CHR Extension: (Google Drive) - C:\Users\Lennart J\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-18]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Lennart J\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-09]
CHR Extension: (YouTube) - C:\Users\Lennart J\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-18]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Lennart J\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-09]
CHR Extension: (Google-Suche) - C:\Users\Lennart J\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-18]
CHR Extension: (Nyan Cat - Lost In Space) - C:\Users\Lennart J\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjcljdnphebefedbabblhmcoldpoofjg [2014-01-18]
CHR Extension: (AdBlock) - C:\Users\Lennart J\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-07]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Lennart J\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-01-18]
CHR Extension: (Stealthy) - C:\Users\Lennart J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2014-01-18]
CHR Extension: (Start Text Free Browsing) - C:\Users\Lennart J\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioglfbphilinnhdmfbmfljmhemegfcdg [2014-01-18]
CHR Extension: (Vine Video Download) - C:\Users\Lennart J\AppData\Local\Google\Chrome\User Data\Default\Extensions\jebahcljabjndemkadpdnablhinojkil [2014-01-18]
CHR Extension: (rikaikun) - C:\Users\Lennart J\AppData\Local\Google\Chrome\User Data\Default\Extensions\jipdnfibhldikgcjhfnomkfpcebammhp [2014-09-09]
CHR Extension: (Little Alchemy) - C:\Users\Lennart J\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2014-01-18]
CHR Extension: (Google Wallet) - C:\Users\Lennart J\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-18]
CHR Extension: (Google Mail) - C:\Users\Lennart J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-18]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1021520 2014-08-12] (Avira Operations GmbH & Co. KG)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [487936 2013-12-24] (Connectify) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-06-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-06-23] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-03-25] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70416 2013-09-23] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-05] (Microsoft Corporation)
R1 cnnctfy3; C:\Windows\system32\DRIVERS\cnnctfy3.sys [35352 2014-01-28] (Connectify)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-16] (Malwarebytes Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows (R) Win 7 DDK provider)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-16 01:53 - 2014-09-16 01:54 - 00022304 _____ () C:\Users\Lennart J\Desktop\FRST.txt
2014-09-16 01:53 - 2014-09-16 01:54 - 00000000 ____D () C:\FRST
2014-09-16 01:53 - 2014-09-16 01:53 - 02105856 _____ (Farbar) C:\Users\Lennart J\Desktop\FRST64.exe
2014-09-15 03:10 - 2014-09-15 03:10 - 13087456 _____ (Microsoft Corporation) C:\Users\Lennart J\Desktop\Silverlight_x64.exe
2014-09-15 03:10 - 2014-09-15 03:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-15 03:10 - 2014-09-15 03:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-15 03:10 - 2014-09-15 03:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-13 22:59 - 2014-09-13 23:00 - 00000000 ____D () C:\Users\Lennart J\Desktop\TODAI
2014-09-13 21:11 - 2014-09-13 21:12 - 00000000 ____D () C:\Program Files (x86)\GMATPrep2012
2014-09-13 21:11 - 2014-09-13 21:11 - 00000000 ____D () C:\Users\Lennart J\AppData\Roaming\GMATPrep
2014-09-13 21:11 - 2014-09-13 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMATPrep
2014-09-13 21:11 - 2013-10-22 01:55 - 00071280 _____ (Nalpeiron Ltd.) C:\WINDOWS\SysWOW64\nlssrv32.exe
2014-09-13 21:09 - 2014-09-13 21:10 - 54662896 _____ (Graduate Management Admission Council (GMAC)) C:\Users\Lennart J\Desktop\GMATPrep-2.2.317-Windows.exe
2014-09-10 00:08 - 2014-09-10 00:08 - 00002751 _____ () C:\Users\Lennart J\AppData\Local\recently-used.xbel
2014-09-09 20:22 - 2014-09-09 20:22 - 00000000 ____D () C:\Users\Lennart J\AppData\Roaming\OpenOffice
2014-09-09 20:18 - 2014-09-09 20:18 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-09-09 20:18 - 2014-09-09 20:18 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-09 20:18 - 2014-09-09 20:18 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-09-09 20:08 - 2014-09-09 20:08 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-09-09 20:07 - 2014-09-09 20:07 - 00000000 ____D () C:\ProgramData\HP
2014-09-09 20:07 - 2010-10-13 12:02 - 00176640 _____ (Hewlett-Packard Corporation) C:\WINDOWS\system32\hpcpn103.dll
2014-09-09 20:07 - 2010-10-13 11:57 - 00305664 _____ (Hewlett Packard Corporation) C:\WINDOWS\SysWOW64\hpcc3103.dll
2014-09-09 20:07 - 2010-09-19 15:51 - 00193592 _____ (Hewlett-Packard) C:\WINDOWS\system32\hppdcompio.dll
2014-09-09 20:07 - 2010-09-19 15:51 - 00167480 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\hppccompio.dll
2014-09-09 20:07 - 2010-02-11 10:19 - 00491008 _____ (HP) C:\WINDOWS\SysWOW64\hpcdmc32.dll
2014-09-09 08:27 - 2014-09-09 08:28 - 00000000 ___HD () C:\Users\Lennart J\Desktop\C
2014-09-09 03:34 - 2014-09-09 03:34 - 00000644 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-09-09 03:34 - 2014-09-09 03:34 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-09-09 03:31 - 2014-09-09 03:32 - 05965584 _____ (Wargaming.net ) C:\Users\Lennart J\Desktop\WoT_internet_install_eu.exe
2014-09-09 00:30 - 2014-09-09 00:32 - 263415282 _____ () C:\Users\Lennart J\Desktop\Us_-_Everywhere-2014-09-08.zip
2014-09-07 22:58 - 2014-09-07 22:58 - 00002118 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\PDFill PDF Editor.lnk
2014-09-07 22:58 - 2014-09-07 22:58 - 00002112 _____ () C:\Users\Public\Desktop\PDFill PDF Editor.lnk
2014-09-07 22:58 - 2014-09-07 22:58 - 00001110 _____ () C:\Users\Public\Desktop\PDFill PDF Tools (Free).lnk
2014-09-07 22:58 - 2014-09-07 22:58 - 00001080 _____ () C:\Users\Public\Desktop\PDFill PDF Writer (Free).lnk
2014-09-07 22:57 - 2014-09-07 22:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill
2014-09-07 22:57 - 2014-09-07 22:57 - 00000000 ____D () C:\ProgramData\PlotSoft
2014-09-07 22:57 - 2014-09-07 22:57 - 00000000 ____D () C:\Program Files (x86)\PlotSoft
2014-09-07 22:45 - 2014-09-08 04:26 - 00000000 ____D () C:\Users\Lennart J\Desktop\Bewerbung
2014-09-07 03:22 - 2014-09-09 22:57 - 00000000 ____D () C:\Users\Lennart J\Desktop\Sophie
2014-09-06 22:46 - 2014-09-06 22:46 - 00000000 ____D () C:\ProgramData\Riot Games
2014-09-05 17:51 - 2014-09-05 17:51 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-09-05 17:34 - 2014-08-23 09:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-19 18:02 - 2014-08-19 18:02 - 01176088 _____ () C:\WINDOWS\Minidump\081914-18078-01.dmp
2014-08-19 17:43 - 2014-08-19 17:44 - 01326592 _____ () C:\WINDOWS\Minidump\081914-34234-01.dmp
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-16 01:54 - 2014-09-16 01:53 - 00022304 _____ () C:\Users\Lennart J\Desktop\FRST.txt
2014-09-16 01:54 - 2014-09-16 01:53 - 00000000 ____D () C:\FRST
2014-09-16 01:53 - 2014-09-16 01:53 - 02105856 _____ (Farbar) C:\Users\Lennart J\Desktop\FRST64.exe
2014-09-16 01:31 - 2014-01-19 13:31 - 00000398 _____ () C:\WINDOWS\Tasks\WpsUpdateTask_Lennart J.job
2014-09-16 01:30 - 2013-04-25 17:41 - 00000422 _____ () C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job
2014-09-16 01:25 - 2014-01-28 01:08 - 01197148 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-16 01:23 - 2014-01-28 19:15 - 01296896 ___SH () C:\Users\Lennart J\Desktop\Thumbs.db
2014-09-16 01:13 - 2014-07-23 21:04 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-16 01:11 - 2014-01-18 17:39 - 00000712 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-16 01:02 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-16 00:05 - 2014-01-18 17:03 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-25646073-1747131351-1955705847-1002
2014-09-15 08:42 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-09-15 06:07 - 2012-07-26 16:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-15 06:00 - 2014-01-19 21:47 - 00000000 ____D () C:\Users\Lennart J\AppData\Roaming\Skype
2014-09-15 04:11 - 2014-01-18 17:40 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-15 04:11 - 2014-01-18 17:39 - 00000708 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-15 03:10 - 2014-09-15 03:10 - 13087456 _____ (Microsoft Corporation) C:\Users\Lennart J\Desktop\Silverlight_x64.exe
2014-09-15 03:10 - 2014-09-15 03:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-15 03:10 - 2014-09-15 03:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-15 03:10 - 2014-09-15 03:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-14 23:09 - 2014-01-19 21:47 - 00000000 ____D () C:\ProgramData\Skype
2014-09-14 21:32 - 2013-04-25 17:40 - 07834702 _____ () C:\WINDOWS\AsDebug.log
2014-09-13 23:00 - 2014-09-13 22:59 - 00000000 ____D () C:\Users\Lennart J\Desktop\TODAI
2014-09-13 21:12 - 2014-09-13 21:11 - 00000000 ____D () C:\Program Files (x86)\GMATPrep2012
2014-09-13 21:11 - 2014-09-13 21:11 - 00000000 ____D () C:\Users\Lennart J\AppData\Roaming\GMATPrep
2014-09-13 21:11 - 2014-09-13 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMATPrep
2014-09-13 21:10 - 2014-09-13 21:09 - 54662896 _____ (Graduate Management Admission Council (GMAC)) C:\Users\Lennart J\Desktop\GMATPrep-2.2.317-Windows.exe
2014-09-13 07:32 - 2014-01-18 17:23 - 00901986 _____ () C:\WINDOWS\system32\perfh007.dat
2014-09-13 07:32 - 2014-01-18 17:23 - 00195718 _____ () C:\WINDOWS\system32\perfc007.dat
2014-09-13 07:32 - 2013-11-14 16:27 - 02596290 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-13 07:32 - 2013-11-14 16:13 - 00500892 _____ () C:\WINDOWS\system32\perfh011.dat
2014-09-13 07:32 - 2013-11-14 16:13 - 00135664 _____ () C:\WINDOWS\system32\perfc011.dat
2014-09-13 07:25 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-09-12 03:28 - 2014-01-18 18:25 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-12 03:24 - 2014-01-18 18:25 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-10 00:13 - 2014-04-07 23:12 - 00000000 ____D () C:\Users\Lennart J\.gimp-2.8
2014-09-10 00:08 - 2014-09-10 00:08 - 00002751 _____ () C:\Users\Lennart J\AppData\Local\recently-used.xbel
2014-09-10 00:08 - 2014-04-07 23:37 - 00000000 ____D () C:\Users\Lennart J\AppData\Local\gtk-2.0
2014-09-09 22:57 - 2014-09-07 03:22 - 00000000 ____D () C:\Users\Lennart J\Desktop\Sophie
2014-09-09 20:22 - 2014-09-09 20:22 - 00000000 ____D () C:\Users\Lennart J\AppData\Roaming\OpenOffice
2014-09-09 20:18 - 2014-09-09 20:18 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-09-09 20:18 - 2014-09-09 20:18 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-09-09 20:18 - 2014-09-09 20:18 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-09-09 20:08 - 2014-09-09 20:08 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-09-09 20:08 - 2014-01-18 14:48 - 00000000 ____D () C:\Users\Lennart J\AppData\Local\Packages
2014-09-09 20:07 - 2014-09-09 20:07 - 00000000 ____D () C:\ProgramData\HP
2014-09-09 18:09 - 2013-12-25 14:58 - 00003474 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update1
2014-09-09 18:09 - 2013-12-25 14:58 - 00003464 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update2
2014-09-09 08:28 - 2014-09-09 08:27 - 00000000 ___HD () C:\Users\Lennart J\Desktop\C
2014-09-09 08:11 - 2014-05-16 11:58 - 00000000 ___HD () C:\Users\Lennart J\Desktop\smthng
2014-09-09 05:47 - 2013-08-23 00:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-09 03:34 - 2014-09-09 03:34 - 00000644 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-09-09 03:34 - 2014-09-09 03:34 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-09-09 03:32 - 2014-09-09 03:31 - 05965584 _____ (Wargaming.net ) C:\Users\Lennart J\Desktop\WoT_internet_install_eu.exe
2014-09-09 00:32 - 2014-09-09 00:30 - 263415282 _____ () C:\Users\Lennart J\Desktop\Us_-_Everywhere-2014-09-08.zip
2014-09-08 21:28 - 2014-01-28 01:40 - 00000000 ___DO () C:\Users\Lennart J\SkyDrive
2014-09-08 20:35 - 2014-01-18 14:49 - 00000074 _____ () C:\Users\Lennart J\AppData\Roaming\sp_data.sys
2014-09-08 20:31 - 2013-08-22 23:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-08 20:30 - 2013-08-22 23:44 - 00359776 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-08 20:28 - 2013-08-22 22:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-08 05:35 - 2014-01-18 17:56 - 00000000 ____D () C:\Users\Lennart J\AppData\Local\PMB Files
2014-09-08 05:04 - 2014-01-18 17:56 - 00000000 ____D () C:\ProgramData\PMB Files
2014-09-08 04:26 - 2014-09-07 22:45 - 00000000 ____D () C:\Users\Lennart J\Desktop\Bewerbung
2014-09-07 22:58 - 2014-09-07 22:58 - 00002118 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\PDFill PDF Editor.lnk
2014-09-07 22:58 - 2014-09-07 22:58 - 00002112 _____ () C:\Users\Public\Desktop\PDFill PDF Editor.lnk
2014-09-07 22:58 - 2014-09-07 22:58 - 00001110 _____ () C:\Users\Public\Desktop\PDFill PDF Tools (Free).lnk
2014-09-07 22:58 - 2014-09-07 22:58 - 00001080 _____ () C:\Users\Public\Desktop\PDFill PDF Writer (Free).lnk
2014-09-07 22:58 - 2014-09-07 22:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill
2014-09-07 22:57 - 2014-09-07 22:57 - 00000000 ____D () C:\ProgramData\PlotSoft
2014-09-07 22:57 - 2014-09-07 22:57 - 00000000 ____D () C:\Program Files (x86)\PlotSoft
2014-09-07 22:50 - 2014-01-25 23:51 - 00000000 ____D () C:\Users\Lennart J\Desktop\Verträge
2014-09-07 03:32 - 2014-02-23 20:43 - 00000000 ____D () C:\Users\Lennart J\Desktop\Fotos
2014-09-06 22:46 - 2014-09-06 22:46 - 00000000 ____D () C:\ProgramData\Riot Games
2014-09-05 20:33 - 2013-08-22 23:46 - 00342043 _____ () C:\WINDOWS\setupact.log
2014-09-05 17:51 - 2014-09-05 17:51 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-08-23 09:42 - 2014-09-05 17:34 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-19 18:02 - 2014-08-19 18:02 - 01176088 _____ () C:\WINDOWS\Minidump\081914-18078-01.dmp
2014-08-19 18:02 - 2014-01-28 01:22 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-19 18:02 - 2014-01-28 01:21 - 495504838 _____ () C:\WINDOWS\MEMORY.DMP
2014-08-19 17:44 - 2014-08-19 17:43 - 01326592 _____ () C:\WINDOWS\Minidump\081914-34234-01.dmp
2014-08-19 17:43 - 2013-11-13 23:18 - 00007164 _____ () C:\WINDOWS\PFRO.log
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
Some content of TEMP:
====================
C:\Users\Lennart J\AppData\Local\Temp\avgnt.exe
C:\Users\Lennart J\AppData\Local\Temp\COMAP.EXE
C:\Users\Lennart J\AppData\Local\Temp\nls-checker-xp.exe
C:\Users\Lennart J\AppData\Local\Temp\nls-smart-installer-xp.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-13 02:02
==================== End Of Log ============================
--- --- ---
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Lennart J at 2014-09-16 01:54:42
Running from C:\Users\Lennart J\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
ASUS Console (HKLM\...\{6D989E08-8143-4AB8-B0A8-5B836235CAA4}) (Version: 1.0.3 - ASUS)
ASUS Instant Key (HKLM-x32\...\{D97A1B80-131F-4692-9543-E652956D8B99}) (Version: 1.1.3 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.6 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.6 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0018 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.7 - ASUS)
ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.5005 - CyberLink Corp.)
ASUS Video Magic (x32 Version: 6.0.5005 - CyberLink Corp.) Hidden
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4924.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4924.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.310 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0030 - ASUS)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 536871201.4759644.48.2147344384 - Audible, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Combined Community Codec Pack 2014-04-20 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.04.20.0 - CCCP Project)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment)
Connectify (HKLM\...\Connectify) (Version: 7.2.1.29658 - Connectify)
Creeper World 3: Arc Eternal (HKLM-x32\...\Steam App 280220) (Version: - Knuckle Cracker)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.5817a - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 8.0.5817a - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GMATPrep (HKLM-x32\...\GMATPrep 2.2.317) (Version: 2.2.317 - Graduate Management Admission Council (GMAC))
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
i-フィルター 6.0 (HKLM\...\{FDC60158-F92E-41DA-8515-1A5EAEF89EAC}) (Version: 6.00.21.0100 - デジタルアーツ株式会社)
Kingsoft Office 2012 (8.1.0.3185) (HKLM-x32\...\Kingsoft Office) (Version: 8.1.0.3185 - Kingsoft Corp.)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
LINE (HKLM-x32\...\LINE) (Version: 3.7.3.82 - LINE Corporation)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.15.2 (Version: 1.15.2 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX システム ソフトウェア 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
NVIDIA グラフィックス ドライバー 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA コントロール パネル 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
OMC ModPack Version 0.8.11.0 (HKLM-x32\...\{CF9086F7-0490-42CE-8029-09CCB8FB942A}_is1) (Version: 0.8.11.0 - Odem Mortis)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 11.0 - PlotSoft LLC)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.11.201.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7032 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version: - Tripwire Interactive)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Silent Hunter: Wolves of the Pacific (HKLM-x32\...\Steam App 15200) (Version: - Ubisoft Romania)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version: - Galactic Cafe)
Tom Clancy's Ghost Recon Phantoms - NA (HKLM-x32\...\Steam App 243870) (Version: - Ubisoft Singapore)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM\...\{8E59415B-ECAC-43F7-B496-7BCD636C63E1}) (Version: 16.0.805.1 - Microsoft Corporation)
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{121C874E-5797-40B2-86CE-CE6624F2711A}) (Version: 15.0.1376 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM\...\{EC9F4C53-7258-4A37-B555-5A438FA8B4FF}) (Version: 16.0.668.1 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Trending Words Dictionary (HKLM\...\{B939BFEB-824F-4456-A4EE-2B86ED04033D}) (Version: 16.0.1016.1 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
War Thunder Launcher 1.0.1.335 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows ドライバ パッケージ - ASUS (ATP) Mouse (09/17/2013 1.0.0.186) (HKLM\...\D9E691DCEE7D3B9B7C62A7F5C2EAABBB9335DC9A) (Version: 09/17/2013 1.0.0.186 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812SEA}_is1) (Version: - Wargaming.net)
フォト ギャラリー (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
20-08-2014 07:48:01 Windows Update
05-09-2014 08:50:20 Windows Update
07-09-2014 13:57:05 Installed PDFill PDF Editor with FREE Writer and FREE Tools
09-09-2014 11:15:19 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 22:25 - 2013-08-22 22:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0623A21A-3757-4BA7-A453-FA8142B70724} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-08-29] (ASUS)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C277E9D-C9EC-4E54-9245-099AFC06D50E} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-08-28] (ASUSTeK Computer Inc.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {33E0D0EF-93CA-4B81-AC68-5C93DEACB525} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {375E78BD-6DBF-4E4D-BBBF-29772D429002} - System32\Tasks\ASUS Console => C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe [2013-08-16] (ASUSTek Computer Inc.)
Task: {38386AF9-B5A2-4B19-BF6D-C5F47189D02A} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {481C5488-0DD1-4A55-B6CB-6D079FBAB79E} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {7281C7E8-DFD9-4889-A410-A0344CD63A65} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {738A5BB8-0CEB-4D5D-A537-9C3FE4414DBD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-18] (Google Inc.)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7E93E4EF-E3A0-4335-B43F-909C72C3229B} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-08-28] (ASUSTeK Computer Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8FC19905-5715-4689-A0DF-704102C446A6} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-09-23] (AsusTek)
Task: {9B6EB6C5-7EA3-440A-A143-13301578A9EC} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-08-19] (ASUS)
Task: {9CDA686F-A471-4FC7-9323-B39BF5616FDE} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-07-09] ()
Task: {9D2B6225-6BAB-479E-8E73-9A082198CB97} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-12] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {C7BF44DA-6081-4CD9-BD20-DF44366659FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-18] (Google Inc.)
Task: {CD094DD6-C04F-434A-A018-16E98BA73F27} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DBFDF7FB-2E27-4DDD-A112-7C694289C2C5} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {E0FD221D-196D-49E2-B09D-37A41FD39226} - System32\Tasks\WpsUpdateTask_Lennart J => C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe [2012-03-27] (Zhuhai Kingsoft Office-software Co.,Ltd)
Task: {E6CA4248-029D-4DB2-A54A-E1C593178A14} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-08-16] (ASUSTeK Computer Inc.)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F3E55189-EB24-4ED2-ACF5-10C314C038C8} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-29] (ASUSTek Computer Inc.)
Task: {F56B85C6-C25B-47EC-AE97-162ADCF47E3E} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {FEAA435E-1582-4440-916E-8127E9385921} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe [2012-03-27] (Zhuhai Kingsoft Office-software Co.,Ltd)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Lennart J.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wpsupdate.exe
==================== Loaded Modules (whitelisted) =============
2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-01-28 01:08 - 2013-10-23 17:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-12-19 15:10 - 2012-12-19 15:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2014-03-25 22:00 - 2014-03-25 22:04 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-12-25 15:02 - 2009-04-17 19:01 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-08-29 16:01 - 2013-08-29 16:01 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-09-07 01:48 - 2013-09-07 01:48 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 01:45 - 2013-09-07 01:45 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 01:52 - 2013-09-07 01:52 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2013-11-15 09:48 - 2013-11-15 09:48 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-09-13 21:11 - 2013-10-22 01:46 - 00142336 _____ () C:\Program Files (x86)\GMATPrep2012\GMATPrep.exe
2014-01-20 02:18 - 2013-12-24 03:59 - 00376608 _____ () C:\Program Files (x86)\Connectify\NativeLibrary.dll
2014-01-20 02:18 - 2013-12-24 03:59 - 03170080 _____ () C:\Program Files (x86)\Connectify\ConnectifyNAT.dll
2014-01-20 02:18 - 2013-12-24 03:59 - 00714016 _____ () C:\Program Files (x86)\Connectify\log4cplus.dll
2014-01-20 02:18 - 2013-12-24 03:59 - 00354080 _____ () C:\Program Files (x86)\Connectify\LibDispatch.dll
2013-08-16 10:03 - 2013-08-16 10:03 - 00023040 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2013-08-19 17:16 - 2013-08-19 17:16 - 00015440 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2013-11-15 09:49 - 2013-11-15 09:49 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-12-25 14:40 - 2013-06-23 20:05 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
2013-12-10 08:13 - 2013-12-10 08:13 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-09-13 05:17 - 2014-09-04 12:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-13 05:17 - 2014-09-04 12:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-13 05:17 - 2014-09-04 12:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-13 05:17 - 2014-09-04 12:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-13 05:17 - 2014-09-04 12:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
2014-09-13 21:11 - 2013-10-22 01:56 - 04773736 _____ () C:\Program Files (x86)\GMATPrep2012\Adobe AIR\Versions\1.0\Resources\WebKit.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Lennart J\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "Connectify Hotspot"
==================== Faulty Device Manager Devices =============
Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (09/15/2014 05:59:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RAVCpl64.exe, Version: 1.0.0.897, Zeitstempel: 0x5225bf27
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17055, Zeitstempel: 0x532954fb
Ausnahmecode: 0xc000041d
Fehleroffset: 0x0000000000005bf8
ID des fehlerhaften Prozesses: 0x101c
Startzeit der fehlerhaften Anwendung: 0xRAVCpl64.exe0
Pfad der fehlerhaften Anwendung: RAVCpl64.exe1
Pfad des fehlerhaften Moduls: RAVCpl64.exe2
Berichtskennung: RAVCpl64.exe3
Vollständiger Name des fehlerhaften Pakets: RAVCpl64.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: RAVCpl64.exe5
Error: (09/15/2014 05:59:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RAVCpl64.exe, Version: 1.0.0.897, Zeitstempel: 0x5225bf27
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17055, Zeitstempel: 0x532954fb
Ausnahmecode: 0xc0000002
Fehleroffset: 0x0000000000005bf8
ID des fehlerhaften Prozesses: 0x101c
Startzeit der fehlerhaften Anwendung: 0xRAVCpl64.exe0
Pfad der fehlerhaften Anwendung: RAVCpl64.exe1
Pfad des fehlerhaften Moduls: RAVCpl64.exe2
Berichtskennung: RAVCpl64.exe3
Vollständiger Name des fehlerhaften Pakets: RAVCpl64.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: RAVCpl64.exe5
Error: (09/15/2014 03:10:41 AM) (Source: MsiInstaller) (EventID: 1002) (User: LENNART)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".
Error: (09/14/2014 11:09:15 PM) (Source: MsiInstaller) (EventID: 1002) (User: LENNART)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".
Error: (09/09/2014 08:17:53 PM) (Source: MsiInstaller) (EventID: 1002) (User: LENNART)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".
Error: (09/09/2014 08:17:07 PM) (Source: MsiInstaller) (EventID: 1002) (User: LENNART)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".
Error: (09/09/2014 08:16:47 PM) (Source: MsiInstaller) (EventID: 1002) (User: LENNART)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".
Error: (09/09/2014 08:15:18 PM) (Source: MsiInstaller) (EventID: 1002) (User: LENNART)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".
Error: (09/09/2014 08:08:29 PM) (Source: MsiInstaller) (EventID: 1002) (User: NT AUTHORITY)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".
Error: (09/09/2014 03:18:40 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20573 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1b8c
Startzeit: 01cfcb9080ab29c6
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: 7617c776-3784-11e4-bf01-bcee7b17afe7
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
System errors:
=============
Error: (09/15/2014 04:53:46 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 70. Der Windows-SChannel-Fehlerstatus lautet: 105.
Error: (09/15/2014 02:58:41 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 70. Der Windows-SChannel-Fehlerstatus lautet: 105.
Error: (09/10/2014 11:24:17 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{5B02CACF-806D-44CF-9122-ACBDA8248DD4} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error: (09/09/2014 05:35:08 AM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{5B02CACF-806D-44CF-9122-ACBDA8248DD4} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error: (09/08/2014 08:45:07 AM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 0.0.0.0 mit dem Computer mit der
Netzwerkhardwareadresse 0E-96-D7-AD-4C-5A ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.
Error: (09/08/2014 07:16:00 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "H:" können nicht gelesen werden.
Error: (09/08/2014 02:50:44 AM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR31 gefunden.
Error: (09/08/2014 02:46:30 AM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR31 gefunden.
Error: (09/08/2014 02:46:30 AM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR31 gefunden.
Error: (09/08/2014 02:46:30 AM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR31 gefunden.
Microsoft Office Sessions:
=========================
Error: (09/15/2014 05:59:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: RAVCpl64.exe1.0.0.8975225bf27KERNELBASE.dll6.3.9600.17055532954fbc000041d0000000000005bf8101c01cfcb58b4475e6bC:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeC:\WINDOWS\system32\KERNELBASE.dll02fe202a-3c52-11e4-bf01-bcee7b17afe7
Error: (09/15/2014 05:59:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: RAVCpl64.exe1.0.0.8975225bf27KERNELBASE.dll6.3.9600.17055532954fbc00000020000000000005bf8101c01cfcb58b4475e6bC:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeC:\WINDOWS\system32\KERNELBASE.dll01f7cb0d-3c52-11e4-bf01-bcee7b17afe7
Error: (09/15/2014 03:10:41 AM) (Source: MsiInstaller) (EventID: 1002) (User: LENNART)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
Error: (09/14/2014 11:09:15 PM) (Source: MsiInstaller) (EventID: 1002) (User: LENNART)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
Error: (09/09/2014 08:17:53 PM) (Source: MsiInstaller) (EventID: 1002) (User: LENNART)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
Error: (09/09/2014 08:17:07 PM) (Source: MsiInstaller) (EventID: 1002) (User: LENNART)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
Error: (09/09/2014 08:16:47 PM) (Source: MsiInstaller) (EventID: 1002) (User: LENNART)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
Error: (09/09/2014 08:15:18 PM) (Source: MsiInstaller) (EventID: 1002) (User: LENNART)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
Error: (09/09/2014 08:08:29 PM) (Source: MsiInstaller) (EventID: 1002) (User: NT AUTHORITY)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
Error: (09/09/2014 03:18:40 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.205731b8c01cfcb9080ab29c64294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\LiveComm.exe7617c776-3784-11e4-bf01-bcee7b17afe7microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
CodeIntegrity Errors:
===================================
Date: 2014-01-18 16:44:34.195
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\autochk.exe that did not meet the Windows signing level requirements.
Date: 2014-01-18 15:41:09.180
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\autochk.exe that did not meet the Windows signing level requirements.
Date: 2014-01-18 15:37:18.171
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\autochk.exe that did not meet the Windows signing level requirements.
Date: 2014-01-18 15:00:43.407
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\autochk.exe that did not meet the Windows signing level requirements.
Date: 2014-01-18 14:42:06.223
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\autochk.exe that did not meet the Windows signing level requirements.
Date: 2013-12-25 15:09:41.911
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\autochk.exe that did not meet the Windows signing level requirements.
Date: 2013-12-25 14:56:44.522
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\autochk.exe that did not meet the Windows signing level requirements.
Date: 2013-12-25 14:51:03.894
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\autochk.exe that did not meet the Windows signing level requirements.
Date: 2013-12-25 14:48:12.818
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\autochk.exe that did not meet the Windows signing level requirements.
Date: 2013-12-25 14:46:09.631
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\smss.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\autochk.exe that did not meet the Windows signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz
Percentage of memory in use: 56%
Total physical RAM: 6027.18 MB
Available physical RAM: 2644.93 MB
Total Pagefile: 12171.18 MB
Available Pagefile: 6315.55 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:279.1 GB) (Free:219.65 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:398.07 GB) (Free:271.47 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: EA37FB89)
Partition: GPT Partition Type.
==================== End Of Log ============================