Trojaner-Board

Mike1111 09.01.2014 15:59

Windows 8.1 TR/Mediyes.gen
 
Hello,
Avira found the trojan TR/Mediyes.gen on my system. I deleted it, but it keeps coming back; I currently have it in quarantine twice. What can I do?
Thanks for your effort ;-)

Regards, Mike
Avira report:

Avira Free Antivirus
Erstellungsdatum der Reportdatei: Donnerstag, 9. Januar 2014 12:48


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Avira Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows 8.1
Windowsversion : (plain) [6.2.9200]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : MIKE-T100

Versionsinformationen:
BUILD.DAT : 14.0.2.286 55547 Bytes 09.12.2013 11:37:00
AVSCAN.EXE : 14.0.2.254 1032760 Bytes 09.12.2013 10:37:19
AVSCANRC.DLL : 14.0.2.180 62008 Bytes 09.12.2013 10:37:19
LUKE.DLL : 14.0.2.234 65592 Bytes 09.12.2013 10:37:20
AVSCPLR.DLL : 14.0.2.254 124472 Bytes 09.12.2013 10:37:19
AVREG.DLL : 14.0.2.212 250424 Bytes 09.12.2013 10:37:19
avlode.dll : 14.0.2.254 540216 Bytes 09.12.2013 10:37:19
avlode.rdf : 13.0.1.62 56973 Bytes 09.12.2013 10:37:19
VBASE000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 10:37:22
VBASE001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 10:37:22
VBASE002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 10:37:22
VBASE003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 10:37:22
VBASE004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 10:37:22
VBASE005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 10:37:22
VBASE006.VDF : 7.11.103.230 2293248 Bytes 24.09.2013 10:37:22
VBASE007.VDF : 7.11.116.38 5485568 Bytes 28.11.2013 10:37:22
VBASE008.VDF : 7.11.120.140 1154560 Bytes 19.12.2013 16:12:07
VBASE009.VDF : 7.11.120.141 2048 Bytes 19.12.2013 16:12:07
VBASE010.VDF : 7.11.120.142 2048 Bytes 19.12.2013 16:12:08
VBASE011.VDF : 7.11.120.143 2048 Bytes 19.12.2013 16:12:08
VBASE012.VDF : 7.11.120.144 2048 Bytes 19.12.2013 16:12:08
VBASE013.VDF : 7.11.120.145 2048 Bytes 19.12.2013 16:12:08
VBASE014.VDF : 7.11.121.19 126976 Bytes 21.12.2013 16:12:08
VBASE015.VDF : 7.11.121.147 122880 Bytes 24.12.2013 08:52:45
VBASE016.VDF : 7.11.121.233 115712 Bytes 25.12.2013 13:24:20
VBASE017.VDF : 7.11.122.57 325120 Bytes 27.12.2013 10:48:51
VBASE018.VDF : 7.11.122.123 199680 Bytes 28.12.2013 10:20:12
VBASE019.VDF : 7.11.122.219 368640 Bytes 01.01.2014 09:42:57
VBASE020.VDF : 7.11.123.39 182272 Bytes 03.01.2014 15:49:02
VBASE021.VDF : 7.11.123.141 124416 Bytes 05.01.2014 11:08:34
VBASE022.VDF : 7.11.124.11 172032 Bytes 08.01.2014 09:00:43
VBASE023.VDF : 7.11.124.12 2048 Bytes 08.01.2014 09:00:43
VBASE024.VDF : 7.11.124.13 2048 Bytes 08.01.2014 09:00:43
VBASE025.VDF : 7.11.124.14 2048 Bytes 08.01.2014 09:00:43
VBASE026.VDF : 7.11.124.15 2048 Bytes 08.01.2014 09:00:43
VBASE027.VDF : 7.11.124.16 2048 Bytes 08.01.2014 09:00:43
VBASE028.VDF : 7.11.124.17 2048 Bytes 08.01.2014 09:00:43
VBASE029.VDF : 7.11.124.18 2048 Bytes 08.01.2014 09:00:43
VBASE030.VDF : 7.11.124.19 2048 Bytes 08.01.2014 09:00:44
VBASE031.VDF : 7.11.124.76 229376 Bytes 09.01.2014 09:00:45
Engineversion : 8.2.12.166
AEVDF.DLL : 8.1.3.4 102774 Bytes 09.12.2013 10:37:18
AESCRIPT.DLL : 8.1.4.176 520574 Bytes 23.12.2013 16:12:31
AESCN.DLL : 8.1.10.6 131447 Bytes 23.12.2013 16:12:30
AESBX.DLL : 8.2.16.26 1245560 Bytes 09.12.2013 10:37:18
AERDL.DLL : 8.2.0.138 704888 Bytes 09.12.2013 10:37:18
AEPACK.DLL : 8.3.3.8 762232 Bytes 23.12.2013 16:12:29
AEOFFICE.DLL : 8.1.2.76 205181 Bytes 09.12.2013 10:37:18
AEHEUR.DLL : 8.1.4.830 6386042 Bytes 23.12.2013 16:12:28
AEHELP.DLL : 8.1.27.10 266618 Bytes 09.12.2013 10:37:18
AEGEN.DLL : 8.1.7.20 446839 Bytes 09.12.2013 10:37:18
AEEXP.DLL : 8.4.1.138 418168 Bytes 23.12.2013 16:12:32
AEEMU.DLL : 8.1.3.2 393587 Bytes 09.12.2013 10:37:18
AECORE.DLL : 8.1.33.0 225657 Bytes 23.12.2013 16:12:15
AEBB.DLL : 8.1.1.4 53619 Bytes 09.12.2013 10:37:18
AVWINLL.DLL : 14.0.2.180 23608 Bytes 09.12.2013 10:37:19
AVPREF.DLL : 14.0.2.180 48696 Bytes 09.12.2013 10:37:19
AVREP.DLL : 14.0.2.180 175672 Bytes 09.12.2013 10:37:19
AVARKT.DLL : 14.0.2.254 256056 Bytes 09.12.2013 10:37:18
AVEVTLOG.DLL : 14.0.2.180 165944 Bytes 09.12.2013 10:37:18
SQLITE3.DLL : 3.7.0.1 394808 Bytes 09.12.2013 10:37:21
AVSMTP.DLL : 14.0.2.180 60472 Bytes 09.12.2013 10:37:19
NETNT.DLL : 14.0.2.180 13368 Bytes 09.12.2013 10:37:20
RCIMAGE.DLL : 14.0.2.180 4786744 Bytes 09.12.2013 10:37:21
RCTEXT.DLL : 14.0.2.270 73272 Bytes 09.12.2013 10:37:21

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Donnerstag, 9. Januar 2014 12:48

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:)'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'HDD2(D:)'
[INFO] Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.
Fehler in der ARK Library

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxext.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dropbox.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtkNGUI.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxpers.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'hkcmd.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxsrvc.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'DptfPolicyLpmServiceHelper.exe' - '13' Modul(e) wurden durchsucht
Durchsuche Prozess 'aprp.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'MsoSync.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'RuntimeBroker.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'CSISYNCCLIENT.EXE' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'AsusTPHelper.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'AsusTPCenter.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'skydrive.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'TabTip.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'QuickGesture.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'LiveComm.exe' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'AsusTPLoader.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'ATKOSD2.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'DMedia.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '206' Modul(e) wurden durchsucht
Durchsuche Prozess 'AsPatchTouchPanel.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'ACReminderSrv.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhostex.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'ReadingModeWatchDogx86.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'HControl.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'integratedoffice.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'DptfPolicyLpmService.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'DptfPolicyCriticalService.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'dashost.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'DptfParticipantProcessorService.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'AsusWSWinService.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'AsHidSrv.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '95' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'GFNEXSrv.exe' - '8' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '12' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLANExt.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'ASLDRSrv.exe' - '19' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '123' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '161' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '96' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '15' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '2106' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <OS>
C:\swapfile.sys
[WARNUNG] Die Datei konnte nicht geöffnet werden!
C:\Windows\WinSxS\Temp\PendingRenames\c18ccdbb2e0dcf017a040000c41f340b.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
[FUND] Ist das Trojanische Pferd TR/Mediyes.Gen
C:\Windows\WinSxS\Temp\PendingRenames\c270d3b72e0dcf016b040000c41f340b.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
[FUND] Ist das Trojanische Pferd TR/Mediyes.Gen
Beginne mit der Suche in 'D:\' <Data1>

Beginne mit der Desinfektion:
C:\Windows\WinSxS\Temp\PendingRenames\c270d3b72e0dcf016b040000c41f340b.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
[FUND] Ist das Trojanische Pferd TR/Mediyes.Gen
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5c273791.qua' verschoben!
C:\Windows\WinSxS\Temp\PendingRenames\c18ccdbb2e0dcf017a040000c41f340b.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
[FUND] Ist das Trojanische Pferd TR/Mediyes.Gen
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '44b31835.qua' verschoben!


Ende des Suchlaufs: Donnerstag, 9. Januar 2014 13:29
Benötigte Zeit: 38:56 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

29124 Verzeichnisse wurden überprüft
248863 Dateien wurden geprüft
2 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
2 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
1 Dateien konnten nicht durchsucht werden
248860 Dateien ohne Befall
2853 Archive wurden durchsucht
1 Warnungen
2 Hinweise
75 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden




Farbar Recovery Scan Tool says the following:
FRST Logfile:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-01-2014 01
Ran by Mike (administrator) on MIKE-T100 on 09-01-2014 13:49:37
Running from C:\Users\Mike\Downloads
Microsoft Windows 8.1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
(ASUS Cloud Corporation) C:\Program Files\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
() C:\Program Files\ASUS\ASUS Reading Mode\ReadingModeWatchDogx86.exe
(ASUSTek Computer INC.) C:\Program Files\ASUS\ASUS AC Reminder\ACReminderSrv.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(AsusTek) C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(AsusTek) C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPCenter.exe
(AsusTek) C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Dropbox, Inc.) C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
() C:\Program Files\WindowsApps\Microsoft.BingMaps_2.0.2210.2401_x86__8wekyb3d8bbwe\Map.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ASUSPRP] - C:\Program Files\ASUS\APRP\aprp.exe [3216032 2013-09-05] (ASUSTek Computer Inc.)
HKLM\...\Run: [WebStorage] - C:\Program Files\ASUS\WebStorage\2.0.3.226\ASUSWSLoader.exe [63296 2013-08-16] ()
HKLM\...\Run: [DptfPolicyLpmServiceHelper] - C:\Windows\System32\DptfPolicyLpmServiceHelper.exe [73216 2013-08-24] (Intel Corporation)
HKLM\...\Run: [RtkNGUI] - C:\Program Files\Realtek\Audio\AP\RtkNGUI.exe [2653912 2013-07-16] (Realtek Semiconductor)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-09] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Mike\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\snlv6pij.default
FF Homepage: https://de-de.facebook.com/
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\Root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 AsHidService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [103224 2013-05-16] (ASUSTek Computer Inc.)
R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [107320 2013-01-15] (ASUSTek Computer Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation)
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2011-11-21] (ASUS)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [1678040 2013-12-10] (Broadcom Corporation.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279000 2013-08-28] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [75264 2013-08-24] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [89088 2013-08-24] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [82432 2013-08-24] (Intel Corporation)
S3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe [1280600 2012-12-07] (Microsoft Corporation)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [278264 2013-08-22] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22240 2013-08-22] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1210368 2013-10-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS)
R3 AsusHID; C:\Windows\System32\drivers\AsusHID.sys [64312 2013-09-04] (ASUS Corporation)
R1 ATKWMIACPIIO; C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [14464 2011-09-07] (ASUS)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [135648 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [37352 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [68728 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [25600 2013-08-22] (Microsoft Corporation)
R3 BCMSDH43XX; C:\Windows\system32\DRIVERS\bcmdhd63.sys [304344 2013-10-16] (Broadcom Corp)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [185856 2013-08-22] (Microsoft Corporation)
R3 BthMini; C:\Windows\System32\Drivers\BTHMINI.sys [24064 2013-08-22] (Microsoft Corporation)
S3 btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [144600 2013-12-10] (Broadcom Corporation.)
R3 BtwSerialBus; C:\Windows\system32\DRIVERS\BtwSerialBus.sys [130776 2013-12-10] (Broadcom Corporation.)
R3 camera; C:\Windows\system32\DRIVERS\camera.sys [334848 2013-08-23] (Intel Corporation)
R3 CM3218x; C:\Windows\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
R3 CPLMACPI; C:\Windows\system32\DRIVERS\CPLMACPI.sys [16488 2013-12-09] (Capella Microsystems, Inc.)
R3 DptfDevDBPT; C:\Windows\system32\DRIVERS\DptfDevPower.sys [17408 2013-08-24] (Intel Corporation)
R3 DptfDevDisplay; C:\Windows\system32\DRIVERS\DptfDevDisplay.sys [20480 2013-08-24] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [28160 2013-08-24] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [72192 2013-08-24] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [176640 2013-08-24] (Intel Corporation)
R3 GPIO; C:\Windows\System32\drivers\iaiogpio.sys [23040 2013-08-23] (Intel Corporation)
R3 GpioVirtual; C:\Windows\System32\drivers\iaiogpiovirtual.sys [17408 2013-08-21] (Intel Corporation)
R3 HIDSwitch; C:\Windows\System32\drivers\AsHIDSwitch.sys [17720 2013-11-04] (ASUS)
R3 iaiouart; C:\Windows\System32\drivers\iaiouart.sys [88064 2013-08-21] (Intel Corporation)
S0 iaStorA; C:\Windows\System32\drivers\iaStorA.sys [505192 2013-08-09] (Intel Corporation)
S3 intaud_WaveExtensible; C:\Windows\system32\drivers\intelaud.sys [33176 2013-08-22] (Intel Corporation)
R3 IntelSST; C:\Windows\system32\drivers\isstrtc.sys [242176 2013-08-26] (Intel(R) Corporation)
R3 INVN_MotionApps; C:\Windows\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
R3 iwdbus; C:\Windows\System32\drivers\iwdbus.sys [22936 2013-08-22] (Intel Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [21456 2013-08-21] (Intel Corporation)
R3 MT9M114; C:\Windows\System32\drivers\MT9M114.sys [38400 2013-08-23] (Intel Corporation)
S3 NETwNs32; C:\Windows\system32\DRIVERS\Netwsn00.sys [10372096 2013-06-18] (Intel Corporation)
R3 PMIC; C:\Windows\System32\drivers\PMIC.sys [46592 2013-08-21] (Intel Corporation)
R3 rtii2sac; C:\Windows\system32\DRIVERS\rtii2sac.sys [129752 2013-09-13] (Realtek Semiconductor Corp.)
S3 RTLU3E8023-W8-32; C:\Windows\system32\DRIVERS\rtu30x86w8.sys [57856 2013-06-18] (Realtek )
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
S1 ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [28520 2013-12-09] (Avira GmbH)
R3 TXEI; C:\Windows\System32\drivers\TXEI.sys [76304 2013-08-03] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [93024 2013-08-22] (Microsoft Corporation)
R3 WUDFSensorLP; C:\Windows\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)
U0 msahci;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-09 13:49 - 2014-01-09 13:49 - 00012940 _____ C:\Users\Mike\Downloads\FRST.txt
2014-01-09 13:49 - 2014-01-09 13:49 - 00000000 ____D C:\FRST
2014-01-09 13:47 - 2014-01-09 13:48 - 01065947 _____ (Farbar) C:\Users\Mike\Downloads\FRST.exe
2014-01-09 13:35 - 2014-01-09 13:35 - 01931770 _____ (Farbar) C:\Users\Mike\Downloads\FRST64.exe
2014-01-09 12:52 - 2014-01-09 12:52 - 00000000 ____D C:\Windows\LastGood
2014-01-07 13:19 - 2014-01-07 13:19 - 00007680 ___SH C:\Users\Mike\Documents\Thumbs.db
2014-01-07 12:11 - 2014-01-08 09:33 - 00041472 ___SH C:\Users\Mike\Desktop\Thumbs.db
2014-01-06 16:17 - 2011-06-21 11:24 - 00032768 _____ C:\Windows\system32\Drivers\sp_rsdrv2.sys
2014-01-06 16:15 - 2014-01-06 16:17 - 05049344 _____ (Crawler.com ) C:\Users\Mike\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2014-01-06 10:10 - 2014-01-06 10:10 - 00009707 _____ C:\Users\Mike\Documents\Kopie von Bedarfsplan_Kleidung_E-Abt(1).xlsx
2013-12-30 13:00 - 2013-12-30 13:02 - 00000000 ____D C:\Windows\system32\MRT
2013-12-30 13:00 - 2013-12-01 14:42 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-29 12:58 - 2011-05-30 10:56 - 00014492 _____ C:\Users\Mike\Documents\272187510.txt
2013-12-29 12:57 - 2014-01-07 13:19 - 00000000 ____D C:\Users\Mike\Documents\Studium
2013-12-29 12:57 - 2014-01-07 13:19 - 00000000 ____D C:\Users\Mike\Documents\Feuerwehr
2013-12-29 12:57 - 2013-12-29 13:00 - 00000000 ____D C:\Users\Mike\Documents\Jugendfeuerwehr
2013-12-29 12:57 - 2013-12-29 12:57 - 00000000 ____D C:\Users\Mike\Documents\Schule
2013-12-29 12:57 - 2013-12-29 12:57 - 00000000 ____D C:\Users\Mike\Documents\ICQ
2013-12-29 12:57 - 2013-12-29 12:57 - 00000000 ____D C:\Users\Mike\Documents\Gothic3ForsakenGods
2013-12-29 12:57 - 2013-12-29 12:57 - 00000000 ____D C:\Users\Mike\Documents\gothic3
2013-12-29 12:51 - 2014-01-09 12:48 - 00000000 ___RD C:\Users\Mike\Dropbox
2013-12-29 12:51 - 2013-12-29 12:51 - 00001093 _____ C:\Users\Mike\Desktop\Dropbox.lnk
2013-12-29 12:49 - 2013-12-29 12:49 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-12-29 12:48 - 2014-01-09 13:25 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Dropbox
2013-12-27 17:47 - 2013-09-26 07:44 - 00552448 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2013-12-27 17:47 - 2013-09-26 07:34 - 00515072 _____ (Microsoft Corporation) C:\Windows\system32\MrmIndexer.dll
2013-12-27 14:29 - 2013-12-27 16:57 - 00000000 ___RD C:\Windows\BrowserChoice
2013-12-26 19:19 - 2013-10-10 15:52 - 02872688 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2013-12-26 19:18 - 2013-10-23 10:44 - 00104280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-12-26 19:18 - 2013-10-23 10:24 - 00142680 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_8086.dll
2013-12-26 19:18 - 2013-10-23 10:21 - 00044904 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2013-12-26 19:18 - 2013-10-22 07:14 - 01033368 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-12-26 19:18 - 2013-10-22 07:03 - 02065448 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-12-26 19:18 - 2013-10-22 05:04 - 00618496 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2013-12-26 19:18 - 2013-10-22 04:02 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2013-12-26 19:18 - 2013-10-22 03:52 - 00667136 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2013-12-26 19:18 - 2013-10-22 02:59 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-12-26 19:18 - 2013-10-22 02:51 - 01634304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-12-26 19:18 - 2013-10-22 02:47 - 02295808 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-12-26 19:18 - 2013-10-22 02:40 - 01210368 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2013-12-26 19:18 - 2013-10-19 08:12 - 00380656 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2013-12-26 19:18 - 2013-10-19 05:43 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-26 19:18 - 2013-10-19 05:03 - 00531968 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2013-12-26 19:18 - 2013-10-19 04:14 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2013-12-26 19:18 - 2013-10-17 15:04 - 01204968 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2013-12-26 19:18 - 2013-10-17 15:04 - 01155384 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2013-12-26 19:18 - 2013-10-16 10:34 - 00518656 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2013-12-26 19:18 - 2013-10-13 01:49 - 00207192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2013-12-26 19:18 - 2013-10-13 01:29 - 00706536 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2013-12-26 19:18 - 2013-10-11 14:03 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2013-12-26 19:18 - 2013-10-10 15:53 - 00235960 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-12-26 19:18 - 2013-10-10 15:53 - 00088272 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2013-12-26 19:18 - 2013-10-10 15:53 - 00029528 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2013-12-26 19:18 - 2013-10-10 12:21 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2013-12-26 19:18 - 2013-10-10 12:12 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2013-12-26 19:18 - 2013-10-09 06:40 - 00385528 _____ C:\Windows\system32\ApnDatabase.xml
2013-12-26 19:18 - 2013-10-08 09:49 - 00415576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2013-12-26 19:18 - 2013-10-08 09:26 - 01888088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-12-26 19:18 - 2013-10-08 06:58 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2013-12-26 19:18 - 2013-10-08 06:15 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2013-12-26 19:18 - 2013-10-08 06:14 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2013-12-26 19:18 - 2013-10-08 05:50 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2013-12-26 19:18 - 2013-10-08 05:40 - 00795648 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2013-12-26 19:18 - 2013-10-07 07:07 - 00049544 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-12-26 19:18 - 2013-10-07 03:03 - 02833408 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-12-26 19:18 - 2013-10-05 13:30 - 00321368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-12-26 19:18 - 2013-10-05 13:30 - 00047960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2013-12-26 19:18 - 2013-10-05 13:05 - 00578952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-12-26 19:18 - 2013-10-05 10:59 - 00336896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2013-12-26 19:18 - 2013-10-05 10:58 - 01015808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2013-12-26 19:18 - 2013-10-05 09:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2013-12-26 19:18 - 2013-10-05 09:40 - 00795648 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2013-12-26 19:18 - 2013-10-05 09:29 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-12-26 19:18 - 2013-10-05 09:24 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\miutils.dll
2013-12-26 19:18 - 2013-10-05 09:21 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2013-12-26 19:18 - 2013-10-05 09:00 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2013-12-26 19:18 - 2013-10-05 08:35 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-12-26 19:18 - 2013-10-05 08:32 - 05769728 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-12-26 19:18 - 2013-10-04 09:00 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2013-12-26 19:18 - 2013-09-26 09:24 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-26 19:18 - 2013-09-19 07:23 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersRes.dll
2013-12-26 19:18 - 2013-09-19 06:38 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe
2013-12-26 19:18 - 2013-09-19 05:34 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2013-12-26 19:18 - 2013-09-17 07:34 - 00870232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-12-26 19:18 - 2013-09-17 07:31 - 00883184 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2013-12-26 19:18 - 2013-09-17 07:31 - 00326024 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2013-12-26 19:18 - 2013-09-17 04:47 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2013-12-26 19:18 - 2013-09-14 13:39 - 01799944 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2013-12-26 19:18 - 2013-09-14 13:33 - 00345552 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2013-12-26 19:18 - 2013-09-14 10:29 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2013-12-26 19:18 - 2013-09-14 09:54 - 00380928 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2013-12-26 19:18 - 2013-09-13 08:47 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2013-12-26 19:18 - 2013-09-12 09:02 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2013-12-26 19:18 - 2013-09-12 08:37 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2013-12-26 19:18 - 2013-09-12 08:37 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2013-12-26 19:18 - 2013-09-12 08:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2013-12-26 19:18 - 2013-09-12 08:17 - 00370176 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2013-12-26 19:18 - 2013-09-12 08:17 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
2013-12-26 19:18 - 2013-09-12 08:01 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2013-12-26 19:18 - 2013-09-10 05:34 - 03934208 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-12-26 19:18 - 2013-09-10 05:28 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\msched.dll
2013-12-26 19:13 - 2013-11-12 00:41 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-26 19:13 - 2013-11-12 00:27 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-12-26 19:13 - 2013-11-11 01:50 - 00036696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2013-12-26 19:13 - 2013-11-09 11:54 - 00261464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-12-26 19:13 - 2013-11-09 06:56 - 01391104 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2013-12-26 19:13 - 2013-11-08 09:40 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2013-12-26 19:13 - 2013-11-08 05:26 - 11674624 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-12-26 19:13 - 2013-11-08 05:15 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2013-12-26 19:13 - 2013-11-08 04:51 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2013-12-26 19:13 - 2013-11-08 04:30 - 01128448 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2013-12-26 19:13 - 2013-11-08 04:05 - 00734208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2013-12-26 19:13 - 2013-11-05 15:08 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2013-12-26 19:13 - 2013-11-05 14:57 - 00479744 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2013-12-26 19:13 - 2013-11-05 14:33 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2013-12-26 19:13 - 2013-11-04 06:52 - 01307480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-12-26 19:13 - 2013-11-04 06:52 - 00320856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-12-26 19:13 - 2013-11-04 03:28 - 01816576 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2013-12-26 19:13 - 2013-11-04 02:30 - 01765376 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-12-26 19:13 - 2013-11-04 01:45 - 02038784 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2013-12-26 19:13 - 2013-11-01 11:17 - 00077144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2013-12-26 19:13 - 2013-11-01 06:57 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2013-12-26 19:13 - 2013-10-31 00:50 - 05753688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-12-26 19:13 - 2013-10-31 00:39 - 01381184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-12-26 19:13 - 2013-10-31 00:39 - 01270640 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-12-26 19:13 - 2013-10-31 00:39 - 01261320 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-12-26 19:13 - 2013-10-31 00:39 - 01159080 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-12-26 19:13 - 2013-10-26 21:28 - 00120152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SerCx2.sys
2013-12-26 19:13 - 2013-10-24 10:12 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2013-12-26 19:13 - 2013-10-17 11:36 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-12-26 19:13 - 2013-10-05 13:05 - 01765384 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-12-26 19:13 - 2013-10-05 13:05 - 00406400 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-12-26 19:13 - 2013-09-21 07:28 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2013-12-26 19:08 - 2013-11-05 19:51 - 18642504 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-12-26 19:08 - 2013-11-05 17:20 - 13925888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-12-26 19:07 - 2013-10-10 12:05 - 01019392 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2013-12-26 19:07 - 2013-10-10 11:27 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2013-12-26 18:58 - 2013-11-08 07:19 - 03494400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-26 18:58 - 2013-10-16 14:54 - 01581968 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-12-26 18:57 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-26 18:57 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-26 18:57 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-26 18:57 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-26 18:57 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-26 18:57 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-26 18:57 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-26 18:57 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-26 18:57 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-26 18:54 - 2013-11-23 05:13 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-26 18:54 - 2013-10-23 09:59 - 00698232 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2013-12-26 18:54 - 2013-10-19 08:14 - 00070680 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-26 18:53 - 2013-11-23 04:30 - 03423232 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2013-12-26 18:53 - 2013-11-23 04:11 - 00463360 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2013-12-26 18:53 - 2013-11-09 06:52 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2013-12-26 18:53 - 2013-11-09 06:52 - 00240128 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2013-12-26 18:53 - 2013-10-15 09:03 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-26 18:53 - 2013-10-05 13:05 - 01090808 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-12-26 18:53 - 2013-10-02 10:47 - 01018960 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2013-12-26 18:53 - 2013-10-01 04:36 - 00977408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2013-12-26 18:48 - 2013-10-13 01:45 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-12-26 18:48 - 2013-10-12 22:14 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-12-26 18:48 - 2013-10-12 22:02 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-12-26 14:03 - 2013-12-26 14:03 - 00002011 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-12-26 14:03 - 2013-12-26 14:03 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-12-26 14:03 - 2013-12-26 14:03 - 00000000 ____D C:\Program Files\Adobe
2013-12-26 14:02 - 2013-12-31 11:22 - 00000000 ____D C:\ProgramData\Adobe
2013-12-26 13:58 - 2013-12-26 14:16 - 00000000 ____D C:\Users\Mike\AppData\Local\Adobe
2013-12-24 13:46 - 2013-12-24 13:46 - 00000000 ____D C:\Users\Mike\AppData\Local\Intel_Corporation
2013-12-24 12:28 - 2013-12-24 12:28 - 00000750 _____ C:\Windows\bdestate.Log
2013-12-24 11:39 - 2013-12-24 11:39 - 00002883 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel 2013.lnk
2013-12-24 11:39 - 2013-12-24 11:39 - 00002867 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word 2013.lnk
2013-12-24 11:39 - 2013-12-24 11:39 - 00002818 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint 2013.lnk
2013-12-23 18:33 - 2013-12-23 18:33 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2013-12-23 17:24 - 2013-12-23 17:24 - 00000000 ____D C:\Users\Mike\Documents\OneNote-Notizbücher
2013-12-23 17:11 - 2013-12-23 17:11 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Avira
2013-12-23 17:08 - 2013-12-23 17:08 - 00002034 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-12-23 17:08 - 2013-12-23 17:08 - 00000000 ____D C:\ProgramData\Avira
2013-12-23 17:08 - 2013-12-23 17:08 - 00000000 ____D C:\Program Files\Avira
2013-12-23 17:08 - 2013-12-09 11:37 - 00135648 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-23 17:08 - 2013-12-09 11:37 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-23 17:08 - 2013-12-09 11:37 - 00068728 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-23 17:08 - 2013-12-09 11:37 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-12-23 17:08 - 2013-12-09 11:37 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2013-12-23 17:06 - 2013-12-23 17:06 - 00002096 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-12-23 17:06 - 2013-12-23 17:06 - 00002096 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-12-23 17:06 - 2013-12-23 17:06 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2013-12-23 17:06 - 2013-12-23 17:06 - 00000000 ____D C:\Program Files\Microsoft SkyDrive
2013-12-23 17:01 - 2013-12-23 17:01 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-12-23 16:56 - 2013-12-23 16:58 - 00002513 _____ C:\Users\Mike\Desktop\Word 2013.lnk
2013-12-23 16:56 - 2013-12-23 16:58 - 00002509 _____ C:\Users\Mike\Desktop\Excel 2013.lnk
2013-12-23 16:56 - 2013-12-23 16:58 - 00002499 _____ C:\Users\Mike\Desktop\An OneNote 2013 senden.lnk
2013-12-23 16:56 - 2013-12-23 16:58 - 00002488 _____ C:\Users\Mike\Desktop\PowerPoint 2013.lnk
2013-12-23 16:56 - 2013-12-23 16:58 - 00002427 _____ C:\Users\Mike\Desktop\OneNote 2013.lnk
2013-12-23 16:55 - 2013-12-23 16:55 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-12-23 16:53 - 2013-12-23 16:53 - 00001123 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-23 16:53 - 2013-12-23 16:53 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Mozilla
2013-12-23 16:53 - 2013-12-23 16:53 - 00000000 ____D C:\Users\Mike\AppData\Local\Mozilla
2013-12-23 16:53 - 2013-12-23 16:53 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-23 16:53 - 2013-12-23 16:53 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-23 16:52 - 2013-12-27 16:58 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-23 16:39 - 2013-12-23 16:39 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Macromedia
2013-12-23 16:37 - 2013-12-23 16:37 - 00000000 ____D C:\Users\Mike\AppData\Roaming\WebStorage
2013-12-23 16:36 - 2014-01-09 12:47 - 00000000 __RDO C:\Users\Mike\SkyDrive
2013-12-23 16:34 - 2014-01-09 12:48 - 00001283 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ReadingModeWatchDogShortcut.lnk
2013-12-23 16:34 - 2013-12-23 16:35 - 00000000 ____D C:\Users\Mike\AppData\Local\PackageStaging
2013-12-23 16:34 - 2013-12-23 16:34 - 00001233 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ACReminderSrv.lnk
2013-12-23 16:34 - 2013-12-23 16:34 - 00000000 ____D C:\Users\Mike\AppData\Roaming\ReadingModeUISetting
2013-12-23 16:33 - 2013-12-26 14:16 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Adobe
2013-12-23 16:33 - 2013-12-23 16:33 - 00001456 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-23 16:33 - 2013-12-23 16:33 - 00000200 _____ C:\Windows\FixPatch.log
2013-12-23 16:33 - 2013-12-23 16:33 - 00000000 ____D C:\Users\Mike\AppData\Local\VirtualStore
2013-12-23 16:32 - 2013-12-29 12:51 - 00000000 ____D C:\Users\Mike
2013-12-23 16:32 - 2013-12-23 16:32 - 00000020 ___SH C:\Users\Mike\ntuser.ini
2013-12-23 16:32 - 2013-12-23 16:32 - 00000000 _SHDL C:\Users\Mike\Startmenü
2013-12-23 16:32 - 2013-12-23 16:32 - 00000000 _SHDL C:\Users\Mike\Netzwerkumgebung
2013-12-23 16:32 - 2013-12-23 16:32 - 00000000 _SHDL C:\Users\Mike\Druckumgebung
2013-12-23 16:32 - 2013-12-23 16:32 - 00000000 _SHDL C:\Users\Mike\Documents\Eigene Musik
2013-12-23 16:32 - 2013-12-23 16:32 - 00000000 _SHDL C:\Users\Mike\Documents\Eigene Bilder
2013-12-23 16:32 - 2013-12-23 16:32 - 00000000 _SHDL C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-23 16:32 - 2013-12-23 16:32 - 00000000 _SHDL C:\Users\Mike\AppData\Local\Verlauf
2013-12-23 16:32 - 2013-08-22 09:17 - 00000000 ___RD C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-23 16:32 - 2013-08-22 09:17 - 00000000 ___RD C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-23 16:32 - 2013-08-22 09:17 - 00000000 ___RD C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-23 16:32 - 2013-08-22 09:17 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-23 16:29 - 2013-10-03 10:02 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2013-12-10 14:03 - 2013-12-10 13:41 - 00000000 ____D C:\eSupport
2013-12-10 14:03 - 2013-12-10 05:40 - 01702598 _____ C:\Windows\AsDebug.log
2013-12-10 14:03 - 2013-12-10 05:40 - 00241476 _____ C:\Windows\AsCDProc.log
2013-12-10 14:02 - 2013-10-23 10:33 - 00000054 _____ C:\Windows\AsToolCDVer.txt
2013-12-10 05:39 - 2013-12-10 05:39 - 00031304 _____ C:\Windows\AsChkDev.txt
2013-12-10 05:39 - 2013-12-10 05:39 - 00000000 _____ C:\Windows\system32\Drivers\1043_ASUSTEK_T100TA_T100TAF_V60_WIN8.MRK
2013-12-10 05:37 - 2013-12-10 05:37 - 00000000 ____D C:\ProgramData\AsTouchPanel
2013-12-10 05:31 - 2013-12-10 05:31 - 00000004 _____ C:\Windows\GetCalibration.log
2013-12-10 05:31 - 2013-12-10 05:31 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsServiceDriver_01_11_00.Wdf
2013-12-10 05:31 - 2013-12-10 05:31 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_INVN_MotionApps_01_11_00.Wdf
2013-12-10 05:30 - 2013-05-14 15:53 - 00022016 _____ C:\Windows\system32\ASUS.scr
2013-12-10 05:23 - 2013-12-10 05:23 - 00000000 ____D C:\Program Files\DIFX
2013-12-10 05:21 - 2013-12-10 05:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_CM3218x_01_11_00.Wdf
2013-12-10 05:19 - 2013-12-10 05:23 - 00008800 _____ C:\Windows\DPINST.LOG
2013-12-10 05:19 - 2013-12-10 05:19 - 01678040 _____ (Broadcom Corporation.) C:\Windows\system32\BtwRSupportService.exe
2013-12-10 05:19 - 2013-12-10 05:19 - 00144600 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwampfl.sys
2013-12-10 05:19 - 2013-12-10 05:19 - 00130776 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\BtwSerialBus.sys
2013-12-10 05:19 - 2013-12-10 05:19 - 00060120 _____ (Broadcom Corporation.) C:\Windows\system32\btwdi.dll
2013-12-10 05:19 - 2013-12-10 05:19 - 00015010 _____ C:\Windows\system32\Drivers\BCM4324B3_002.004.006.0096.0099.hcd
2013-12-10 05:15 - 2013-08-23 03:54 - 01783296 _____ (Intel Corporation) C:\Windows\system32\IntelCameraPlugin.dll
2013-12-10 05:15 - 2013-08-23 03:54 - 00128000 _____ (Intel Corporation) C:\Windows\system32\IntelSocYuvCopy.dll
2013-12-10 05:13 - 2013-12-10 05:13 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-10 05:13 - 2013-12-10 05:13 - 00000000 ____D C:\Program Files\Realtek
2013-12-10 05:13 - 2013-12-10 05:13 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-12-10 05:13 - 2013-09-13 10:42 - 00129752 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtii2sac.sys
2013-12-10 05:13 - 2013-07-16 14:26 - 01519320 ____N (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2013-12-10 05:12 - 2013-12-10 05:12 - 00018370 _____ C:\Windows\system32\results.xml
2013-12-10 05:11 - 2013-12-10 05:11 - 00000000 ___HD C:\Intel
2013-12-10 05:11 - 2013-12-10 05:11 - 00000000 ____D C:\Program Files\Intel
2013-12-10 05:11 - 2013-12-10 05:11 - 00000000 ____D C:\Program Files\Common Files\Intel
2013-12-10 05:11 - 2013-08-01 14:46 - 00060416 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2013-12-10 05:09 - 2013-12-10 05:21 - 00000050 _____ C:\Windows\proc.log
2013-12-10 05:07 - 2014-01-09 13:36 - 01965653 _____ C:\Windows\WindowsUpdate.log
2013-12-10 05:07 - 2013-09-14 13:42 - 00142168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VerifierExt.sys
2013-12-10 05:04 - 2013-12-10 05:04 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

==================== One Month Modified Files and Folders =======

2014-01-09 13:49 - 2014-01-09 13:49 - 00012940 _____ C:\Users\Mike\Downloads\FRST.txt
2014-01-09 13:49 - 2014-01-09 13:49 - 00000000 ____D C:\FRST
2014-01-09 13:48 - 2014-01-09 13:47 - 01065947 _____ (Farbar) C:\Users\Mike\Downloads\FRST.exe
2014-01-09 13:36 - 2013-12-10 05:07 - 01965653 _____ C:\Windows\WindowsUpdate.log
2014-01-09 13:35 - 2014-01-09 13:35 - 01931770 _____ (Farbar) C:\Users\Mike\Downloads\FRST64.exe
2014-01-09 13:25 - 2013-12-29 12:48 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Dropbox
2014-01-09 13:00 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\system32\sru
2014-01-09 13:00 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\Microsoft.NET
2014-01-09 12:52 - 2014-01-09 12:52 - 00000000 ____D C:\Windows\LastGood
2014-01-09 12:52 - 2013-08-22 08:23 - 00016600 _____ C:\Windows\setupact.log
2014-01-09 12:51 - 2013-09-05 19:59 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-09 12:48 - 2013-12-29 12:51 - 00000000 ___RD C:\Users\Mike\Dropbox
2014-01-09 12:48 - 2013-12-23 16:34 - 00001283 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ReadingModeWatchDogShortcut.lnk
2014-01-09 12:47 - 2013-12-23 16:36 - 00000000 __RDO C:\Users\Mike\SkyDrive
2014-01-09 12:45 - 2013-08-22 08:23 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-09 12:34 - 2013-08-22 07:13 - 00524288 ___SH C:\Windows\system32\config\BBI
2014-01-09 12:23 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\AppReadiness
2014-01-08 09:33 - 2014-01-07 12:11 - 00041472 ___SH C:\Users\Mike\Desktop\Thumbs.db
2014-01-07 13:19 - 2014-01-07 13:19 - 00007680 ___SH C:\Users\Mike\Documents\Thumbs.db
2014-01-07 13:19 - 2013-12-29 12:57 - 00000000 ____D C:\Users\Mike\Documents\Studium
2014-01-07 13:19 - 2013-12-29 12:57 - 00000000 ____D C:\Users\Mike\Documents\Feuerwehr
2014-01-06 16:17 - 2014-01-06 16:15 - 05049344 _____ (Crawler.com ) C:\Users\Mike\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2014-01-06 10:10 - 2014-01-06 10:10 - 00009707 _____ C:\Users\Mike\Documents\Kopie von Bedarfsplan_Kleidung_E-Abt(1).xlsx
2013-12-31 11:22 - 2013-12-26 14:02 - 00000000 ____D C:\ProgramData\Adobe
2013-12-30 13:02 - 2013-12-30 13:00 - 00000000 ____D C:\Windows\system32\MRT
2013-12-29 13:00 - 2013-12-29 12:57 - 00000000 ____D C:\Users\Mike\Documents\Jugendfeuerwehr
2013-12-29 12:57 - 2013-12-29 12:57 - 00000000 ____D C:\Users\Mike\Documents\Schule
2013-12-29 12:57 - 2013-12-29 12:57 - 00000000 ____D C:\Users\Mike\Documents\ICQ
2013-12-29 12:57 - 2013-12-29 12:57 - 00000000 ____D C:\Users\Mike\Documents\Gothic3ForsakenGods
2013-12-29 12:57 - 2013-12-29 12:57 - 00000000 ____D C:\Users\Mike\Documents\gothic3
2013-12-29 12:51 - 2013-12-29 12:51 - 00001093 _____ C:\Users\Mike\Desktop\Dropbox.lnk
2013-12-29 12:51 - 2013-12-23 16:32 - 00000000 ____D C:\Users\Mike
2013-12-29 12:49 - 2013-12-29 12:49 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-12-29 12:16 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\rescache
2013-12-27 16:58 - 2013-12-23 16:52 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-27 16:57 - 2013-12-27 14:29 - 00000000 ___RD C:\Windows\BrowserChoice
2013-12-27 14:31 - 2013-08-22 08:22 - 00367560 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-27 14:29 - 2013-08-22 09:17 - 00000000 ___RD C:\Windows\ToastData
2013-12-27 14:29 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\WinStore
2013-12-27 14:29 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\system32\de-DE
2013-12-27 14:29 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\MediaViewer
2013-12-27 14:29 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\FileManager
2013-12-27 14:29 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\Camera
2013-12-27 14:29 - 2013-08-22 09:17 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-26 14:16 - 2013-12-26 13:58 - 00000000 ____D C:\Users\Mike\AppData\Local\Adobe
2013-12-26 14:16 - 2013-12-23 16:33 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Adobe
2013-12-26 14:11 - 2013-08-22 14:08 - 00000000 ____D C:\Program Files\Windows Journal
2013-12-26 14:11 - 2013-08-22 14:06 - 00000000 ____D C:\Windows\system32\winrm
2013-12-26 14:11 - 2013-08-22 09:17 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-12-26 14:11 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\system32\it-IT
2013-12-26 14:11 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\IME
2013-12-26 14:11 - 2013-08-22 09:17 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-12-26 14:11 - 2013-08-22 09:17 - 00000000 ____D C:\Program Files\Windows Defender
2013-12-26 14:11 - 2013-08-22 09:17 - 00000000 ____D C:\Program Files\Common Files\System
2013-12-26 14:10 - 2013-09-06 04:19 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-12-26 14:10 - 2013-08-22 14:06 - 00000000 ____D C:\Windows\system32\WCN
2013-12-26 14:10 - 2013-08-22 14:06 - 00000000 ____D C:\Windows\system32\slmgr
2013-12-26 14:10 - 2013-08-22 14:06 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2013-12-26 14:10 - 2013-08-22 09:17 - 00000000 ___SD C:\Windows\system32\dsc
2013-12-26 14:10 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2013-12-26 14:10 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\system32\nl-NL
2013-12-26 14:10 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\system32\MUI
2013-12-26 14:10 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\system32\Com
2013-12-26 14:10 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\Help
2013-12-26 14:09 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\system32\fr-FR
2013-12-26 14:08 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\system32\en-GB
2013-12-26 14:03 - 2013-12-26 14:03 - 00002011 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-12-26 14:03 - 2013-12-26 14:03 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-12-26 14:03 - 2013-12-26 14:03 - 00000000 ____D C:\Program Files\Adobe
2013-12-24 13:46 - 2013-12-24 13:46 - 00000000 ____D C:\Users\Mike\AppData\Local\Intel_Corporation
2013-12-24 12:28 - 2013-12-24 12:28 - 00000750 _____ C:\Windows\bdestate.Log
2013-12-24 11:39 - 2013-12-24 11:39 - 00002883 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel 2013.lnk
2013-12-24 11:39 - 2013-12-24 11:39 - 00002867 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word 2013.lnk
2013-12-24 11:39 - 2013-12-24 11:39 - 00002818 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint 2013.lnk
2013-12-23 23:27 - 2013-08-22 07:21 - 00000000 ___RD C:\Users\Public
2013-12-23 18:33 - 2013-12-23 18:33 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2013-12-23 17:24 - 2013-12-23 17:24 - 00000000 ____D C:\Users\Mike\Documents\OneNote-Notizbücher
2013-12-23 17:19 - 2013-09-05 19:43 - 00113622 _____ C:\Windows\PFRO.log
2013-12-23 17:11 - 2013-12-23 17:11 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Avira
2013-12-23 17:08 - 2013-12-23 17:08 - 00002034 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-12-23 17:08 - 2013-12-23 17:08 - 00000000 ____D C:\ProgramData\Avira
2013-12-23 17:08 - 2013-12-23 17:08 - 00000000 ____D C:\Program Files\Avira
2013-12-23 17:06 - 2013-12-23 17:06 - 00002096 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-12-23 17:06 - 2013-12-23 17:06 - 00002096 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-12-23 17:06 - 2013-12-23 17:06 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2013-12-23 17:06 - 2013-12-23 17:06 - 00000000 ____D C:\Program Files\Microsoft SkyDrive
2013-12-23 17:01 - 2013-12-23 17:01 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-12-23 17:01 - 2013-08-22 09:17 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-12-23 16:58 - 2013-12-23 16:56 - 00002513 _____ C:\Users\Mike\Desktop\Word 2013.lnk
2013-12-23 16:58 - 2013-12-23 16:56 - 00002509 _____ C:\Users\Mike\Desktop\Excel 2013.lnk
2013-12-23 16:58 - 2013-12-23 16:56 - 00002499 _____ C:\Users\Mike\Desktop\An OneNote 2013 senden.lnk
2013-12-23 16:58 - 2013-12-23 16:56 - 00002488 _____ C:\Users\Mike\Desktop\PowerPoint 2013.lnk
2013-12-23 16:58 - 2013-12-23 16:56 - 00002427 _____ C:\Users\Mike\Desktop\OneNote 2013.lnk
2013-12-23 16:55 - 2013-12-23 16:55 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-12-23 16:53 - 2013-12-23 16:53 - 00001123 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-23 16:53 - 2013-12-23 16:53 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Mozilla
2013-12-23 16:53 - 2013-12-23 16:53 - 00000000 ____D C:\Users\Mike\AppData\Local\Mozilla
2013-12-23 16:53 - 2013-12-23 16:53 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-23 16:53 - 2013-12-23 16:53 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-23 16:39 - 2013-12-23 16:39 - 00000000 ____D C:\Users\Mike\AppData\Roaming\Macromedia
2013-12-23 16:37 - 2013-12-23 16:37 - 00000000 ____D C:\Users\Mike\AppData\Roaming\WebStorage
2013-12-23 16:35 - 2013-12-23 16:34 - 00000000 ____D C:\Users\Mike\AppData\Local\PackageStaging
2013-12-23 16:34 - 2013-12-23 16:34 - 00001233 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ACReminderSrv.lnk
2013-12-23 16:34 - 2013-12-23 16:34 - 00000000 ____D C:\Users\Mike\AppData\Roaming\ReadingModeUISetting
2013-12-23 16:33 - 2013-12-23 16:33 - 00001456 _____ C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-23 16:33 - 2013-12-23 16:33 - 00000200 _____ C:\Windows\FixPatch.log
2013-12-23 16:33 - 2013-12-23 16:33 - 00000000 ____D C:\Users\Mike\AppData\Local\VirtualStore
2013-12-23 16:33 - 2013-09-06 03:57 - 00000000 ____D C:\Windows\Log
2013-12-23 16:32 - 2013-12-23 16:32 - 00000020 ___SH C:\Users\Mike\ntuser.ini
2013-12-23 16:32 - 2013-12-23 16:32 - 00000000 _SHDL C:\Users\Mike\Startmenü
2013-12-23 16:32 - 2013-12-23 16:32 - 00000000 _SHDL C:\Users\Mike\Netzwerkumgebung
2013-12-23 16:32 - 2013-12-23 16:32 - 00000000 _SHDL C:\Users\Mike\Druckumgebung
2013-12-23 16:32 - 2013-12-23 16:32 - 00000000 _SHDL C:\Users\Mike\Documents\Eigene Musik
2013-12-23 16:32 - 2013-12-23 16:32 - 00000000 _SHDL C:\Users\Mike\Documents\Eigene Bilder
2013-12-23 16:32 - 2013-12-23 16:32 - 00000000 _SHDL C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-23 16:32 - 2013-12-23 16:32 - 00000000 _SHDL C:\Users\Mike\AppData\Local\Verlauf
2013-12-23 16:29 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\system32\restore
2013-12-10 14:03 - 2013-09-06 04:06 - 00000000 ____D C:\Windows\ASUS
2013-12-10 14:02 - 2013-08-22 09:17 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2013-12-10 13:41 - 2013-12-10 14:03 - 00000000 ____D C:\eSupport
2013-12-10 05:40 - 2013-12-10 14:03 - 01702598 _____ C:\Windows\AsDebug.log
2013-12-10 05:40 - 2013-12-10 14:03 - 00241476 _____ C:\Windows\AsCDProc.log
2013-12-10 05:40 - 2013-09-06 04:42 - 00000000 ____D C:\Windows\Panther
2013-12-10 05:40 - 2013-08-22 09:18 - 00002899 _____ C:\Windows\DtcInstall.log
2013-12-10 05:39 - 2013-12-10 05:39 - 00031304 _____ C:\Windows\AsChkDev.txt
2013-12-10 05:39 - 2013-12-10 05:39 - 00000000 _____ C:\Windows\system32\Drivers\1043_ASUSTEK_T100TA_T100TAF_V60_WIN8.MRK
2013-12-10 05:37 - 2013-12-10 05:37 - 00000000 ____D C:\ProgramData\AsTouchPanel
2013-12-10 05:31 - 2013-12-10 05:31 - 00000004 _____ C:\Windows\GetCalibration.log
2013-12-10 05:31 - 2013-12-10 05:31 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_SensorsServiceDriver_01_11_00.Wdf
2013-12-10 05:31 - 2013-12-10 05:31 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_INVN_MotionApps_01_11_00.Wdf
2013-12-10 05:30 - 2013-09-05 19:51 - 00000000 ____D C:\Program Files\ASUS
2013-12-10 05:23 - 2013-12-10 05:23 - 00000000 ____D C:\Program Files\DIFX
2013-12-10 05:23 - 2013-12-10 05:19 - 00008800 _____ C:\Windows\DPINST.LOG
2013-12-10 05:21 - 2013-12-10 05:21 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_CM3218x_01_11_00.Wdf
2013-12-10 05:21 - 2013-12-10 05:09 - 00000050 _____ C:\Windows\proc.log
2013-12-10 05:19 - 2013-12-10 05:19 - 01678040 _____ (Broadcom Corporation.) C:\Windows\system32\BtwRSupportService.exe
2013-12-10 05:19 - 2013-12-10 05:19 - 00144600 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwampfl.sys
2013-12-10 05:19 - 2013-12-10 05:19 - 00130776 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\BtwSerialBus.sys
2013-12-10 05:19 - 2013-12-10 05:19 - 00060120 _____ (Broadcom Corporation.) C:\Windows\system32\btwdi.dll
2013-12-10 05:19 - 2013-12-10 05:19 - 00015010 _____ C:\Windows\system32\Drivers\BCM4324B3_002.004.006.0096.0099.hcd
2013-12-10 05:13 - 2013-12-10 05:13 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-12-10 05:13 - 2013-12-10 05:13 - 00000000 ____D C:\Program Files\Realtek
2013-12-10 05:13 - 2013-12-10 05:13 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2013-12-10 05:12 - 2013-12-10 05:12 - 00018370 _____ C:\Windows\system32\results.xml
2013-12-10 05:11 - 2013-12-10 05:11 - 00000000 ___HD C:\Intel
2013-12-10 05:11 - 2013-12-10 05:11 - 00000000 ____D C:\Program Files\Intel
2013-12-10 05:11 - 2013-12-10 05:11 - 00000000 ____D C:\Program Files\Common Files\Intel
2013-12-10 05:04 - 2013-12-10 05:04 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-12-10 05:04 - 2013-08-22 09:17 - 00000000 ____D C:\Windows\system32\Recovery

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\Mike\AppData\Local\Temp\avgnt.exe
C:\Users\Mike\AppData\Local\Temp\install_reader11_de_chrd_awa_aih.exe
C:\Users\Mike\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Mike\AppData\Local\Temp\SetupHomeStudentRetail.x86.de-DE_HomeStudentRetail_N7D3K-3JT6P-29GY3-G6JW7-T28DD_act_1_.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2013-12-26 19:18] - [2013-10-22 07:03] - 2065448 ____A (Microsoft Corporation) 1A0BC9598E4A58FC84570FFF5A108E58

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-09 12:59

==================== End Of Log ============================

Addition: FRST Additions Logfile:
Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-01-2014 01
Ran by Mike at 2014-01-09 13:50:24
Running from C:\Users\Mike\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Reader XI (11.0.05) - Deutsch (Version: 11.0.05 - Adobe Systems Incorporated)
ASUS AC Reminder (Version: 1.0.2 - ASUS)
ASUS Live Update (Version: 3.2.6 - ASUS)
ASUS Reading Mode (Version: 1.0.1 - ASUS)
ASUS Screen Saver (Version: 1.0.2 - ASUS)
ASUS Smart Gesture (Version: 2.2.4 - ASUS)
ATK Package (Version: 1.0.0030 - ASUS)
Avira Free Antivirus (Version: 14.0.2.286 - Avira)
Dropbox (Version: 2.4.10 - Dropbox, Inc.)
Intel(R) Processor Graphics (Version: 10.18.10.3286 - Intel Corporation)
Microsoft Office Home and Student 2013 - de-de (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SkyDrive (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Realtek I2S Audio (Version: 6.2.9400.4035 - Realtek Semiconductor Corp.)
WebStorage (Version: 2.0.3.226 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (AsusHID) Mouse (08/31/2013 3.0.0.13) (Version: 08/31/2013 3.0.0.13 - ASUS)
WinFlash (Version: 2.42.0 - ASUS)

==================== Restore Points =========================


==================== Hosts content: ==========================

2013-08-22 07:13 - 2013-08-22 07:13 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00BC77BF-3352-4FE8-9617-4F1B27BEC19A} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {17233BE9-87E9-40B0-B003-AE9D2B92CBBE} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {1A951B15-379B-4281-8E6B-4D822D8620B3} - System32\Tasks\ASUS AC Reminder => C:\Program Files\ASUS\ASUS AC Reminder\ACReminderSrv.exe [2013-10-14] (ASUSTek Computer INC.)
Task: {1DA01F71-0E11-4ED1-9201-CFF419A82792} - System32\Tasks\ASUS Live Update1 => C:\Program Files\ASUS\ASUS Live Update\LiveUpdate.exe [2013-08-28] (ASUSTeK Computer Inc.)
Task: {247BD142-0549-4E91-84B0-172C25563718} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {2BE65564-89D1-4396-A5CC-D7D9283FC4A1} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {2EA84B84-5010-4233-9154-23D004266052} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe [2012-12-07] (Microsoft Corporation)
Task: {344DC405-5047-49C8-9AA6-EC6BEA080F8C} - System32\Tasks\Asus Reading Mode => C:\Program Files\ASUS\ASUS Reading Mode\ReadingModeWatchDogx86.exe [2013-08-26] ()
Task: {363F62DD-4380-49D9-A995-089FD2D4E1BB} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPLauncher.exe [2013-09-04] (AsusTek)
Task: {392EB017-207C-42BF-A061-F3BE721F456C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {3E0F62D7-6590-4A1B-BB08-37DFEB5CD82C} - System32\Tasks\Microsoft SkyDrive Auto Update Task-S-1-5-21-2804776985-3952458509-2160609318-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {4B7EF56A-8A42-4BD2-BB5C-7C389AC54A37} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {5700ACE8-D0AF-4BA7-98B6-1033521A877A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {680F45F1-838B-4FBB-96CA-D293D74809E2} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {6E84A59B-1863-4B21-8BD8-C9B20FD15484} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {7C7CF1DA-F461-4850-96B2-ADCA8A67E59C} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {8B5819AE-7B44-478B-A3D3-8846AF160A8F} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {92ED6570-4654-4BFA-9A6C-1084C6939C16} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {997C8BBD-710B-4E66-B5BC-CC09575A58D2} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {A5D45ED3-F524-4574-8F39-527F3729D1E2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {BF86EE21-9392-4ACE-8D1F-E3222F6DE6BF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\System32\MRT.exe [2013-12-01] (Microsoft Corporation)
Task: {C0D0F7C4-419F-41B3-90A2-FE79270B828A} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {CF5A1DDC-D14D-4D59-AD49-A19A645B087B} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DCF55BED-B1DF-4ABF-8D85-6542C7007799} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E4C8774A-2818-45A4-8A6D-11DDF6348886} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {EF5FD035-CD8E-4CD9-9524-548060DAB3F7} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MIKE-T100-Mike Mike-T100 => C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE [2013-12-23] (Microsoft Corporation)
Task: {FAB49829-3EE7-4234-BE84-277862F2A57C} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {FC6D6C6D-C925-4B22-BB23-45B26D333BAE} - System32\Tasks\ASUS Live Update2 => C:\Program Files\ASUS\ASUS Live Update\LiveUpdate.exe [2013-08-28] (ASUSTeK Computer Inc.)

==================== Loaded Modules (whitelisted) =============

2013-08-26 11:53 - 2013-08-26 11:53 - 00394752 _____ () C:\Program Files\ASUS\ASUS Reading Mode\CCTReaderMode.dll
2013-08-26 11:53 - 2013-08-26 11:53 - 00113152 _____ () C:\Program Files\ASUS\ASUS Reading Mode\AppVisibilityNotifyLib_x86.dll
2013-12-23 16:55 - 2013-12-23 16:58 - 00312896 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2013-12-23 16:55 - 2013-12-23 16:58 - 00354368 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\c2r32.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Mike\AppData\Roaming\Dropbox\bin\libcef.dll
2013-12-29 12:20 - 2013-12-29 12:20 - 05441536 _____ () C:\Users\Mike\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Map\5cd40812e4ab9d97685efb72c8ea4897\Map.ni.exe
2013-12-29 12:18 - 2013-12-29 12:18 - 03536384 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.UI.Xaml\e32d3ed8f85d9a5db7bf9023b353cb58\Windows.UI.Xaml.ni.dll
2013-12-29 12:18 - 2013-12-29 12:18 - 01131008 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.App640a3541#\dabe5219784ac934a265a7f25310dad1\Windows.ApplicationModel.ni.dll
2013-12-29 12:20 - 2013-12-29 12:20 - 00140288 _____ () C:\Users\Mike\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Utils\b39659c95c979b9824e7a86f5dbf4d2a\Utils.ni.dll
2013-12-29 12:20 - 2013-12-29 12:20 - 00672768 _____ () C:\Users\Mike\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\DataTypes\f9ccc5967885b41e93572b2544f495be\DataTypes.ni.dll
2013-12-29 12:20 - 2013-12-29 12:20 - 00967680 _____ () C:\Users\Mike\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Bing.Maps\f1858be5fa790b771e6b09832d40b063\Bing.Maps.ni.dll
2013-12-29 12:18 - 2013-12-29 12:18 - 00228864 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Foundation\b8528312633377ac7bb4676a625c71c8\Windows.Foundation.ni.dll
2013-12-29 12:18 - 2013-12-29 12:18 - 00960000 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.UI\7784492f208faf56f366aeee52cb2ff8\Windows.UI.ni.dll
2013-12-29 12:18 - 2013-12-29 12:18 - 00133120 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.System\790a2adcc1f3a2e1ceade0fc87f27ac1\Windows.System.ni.dll
2013-12-29 12:18 - 2013-12-29 12:18 - 00808448 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Storage\d931a194d4e7c798a1b5ac77a50d1a18\Windows.Storage.ni.dll
2013-12-29 12:20 - 2013-12-29 12:20 - 00203264 _____ () C:\Users\Mike\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Requests\c113dcaf2e162607e0b6a1ada26034c8\Requests.ni.dll
2013-12-29 12:18 - 2013-12-29 12:18 - 00238080 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Gloaae92e31#\f1fb39833651929289b8a88d5549434d\Windows.Globalization.ni.dll
2013-12-29 12:18 - 2013-12-29 12:18 - 01282048 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Devices\3dbfc73853edc0b96eda97047c76e849\Windows.Devices.ni.dll
2013-12-29 12:18 - 2013-12-29 12:18 - 00797696 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Networking\b37a928b831950ed1dec489f63be0bea\Windows.Networking.ni.dll
2013-12-29 12:18 - 2013-12-29 12:18 - 00337920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Data\bd618ab4e74280cc52ef7b72fd5b51a8\Windows.Data.ni.dll
2013-12-29 12:20 - 2013-12-29 12:20 - 00780288 _____ () C:\Users\Mike\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Microsoft.Bc95a2f00#\570dd26042a3ba0e414951bef7435337\Microsoft.Bing.Platform.Logging.ClientWinRT.ni.dll
2013-12-29 12:18 - 2013-12-29 12:18 - 00304128 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Graphics\b650c40f5ba744cda000968ffd7a5323\Windows.Graphics.ni.dll
2013-12-29 12:18 - 2013-12-29 12:18 - 00402432 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Windows.Security\9aad465391afe0501b636358b5cae7e1\Windows.Security.ni.dll
2013-12-29 12:20 - 2013-12-29 12:20 - 00216576 _____ () C:\Users\Mike\AppData\Local\Packages\Microsoft.BingMaps_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Authentication\8f888ac4b484b3ea5210826dd56455f8\Authentication.ni.dll
2013-12-23 16:52 - 2013-12-05 20:36 - 03559024 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Mike\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/09/2014 01:00:03 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/09/2014 00:59:59 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/09/2014 00:59:58 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/09/2014 00:47:58 PM) (Source: DptfPolicyLpmService) (User: )
Description: DptfPolicyLpmServiceServiceMainThread: App specific mode was turned off, but timer was not running.

Error: (01/08/2014 09:26:50 AM) (Source: DptfPolicyLpmService) (User: )
Description: DptfPolicyLpmServiceServiceMainThread: App specific mode was turned off, but timer was not running.

Error: (01/07/2014 06:42:46 PM) (Source: DptfPolicyLpmService) (User: )
Description: DptfPolicyLpmServiceServiceMainThread: App specific mode was turned off, but timer was not running.

Error: (01/07/2014 01:27:09 PM) (Source: DptfPolicyLpmService) (User: )
Description: DptfPolicyLpmServiceServiceMainThread: App specific mode was turned off, but timer was not running.

Error: (01/07/2014 08:30:52 AM) (Source: DptfPolicyLpmService) (User: )
Description: DptfPolicyLpmServiceServiceMainThread: App specific mode was turned off, but timer was not running.

Error: (01/07/2014 08:27:29 AM) (Source: DptfPolicyLpmService) (User: )
Description: DptfPolicyLpmServiceServiceMainThread: App specific mode was turned off, but timer was not running.

Error: (01/04/2014 00:33:36 PM) (Source: DptfPolicyLpmService) (User: )
Description: DptfPolicyLpmServiceServiceMainThread: App specific mode was turned off, but timer was not running.


System errors:
=============
Error: (01/09/2014 00:49:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070005 fehlgeschlagen: Update für Windows 8.1 (KB2883200)

Error: (01/09/2014 10:08:13 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (01/09/2014 10:08:13 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (01/09/2014 10:05:49 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (01/08/2014 05:15:04 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "BETTYNA-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{BF6ABABA-40E7-433F-92F7-87193E3-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (01/08/2014 04:49:11 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ASLDRService erreicht.

Error: (01/08/2014 03:39:01 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ASLDRService erreicht.

Error: (01/08/2014 03:19:56 PM) (Source: DCOM) (User: MIKE-T100)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Mike-T100MikeS-1-5-21-2804776985-3952458509-2160609318-1001LocalHost (unter Verwendung von LRPC)Microsoft.BingNews_3.0.1.321_x86__8wekyb3d8bbweS-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257

Error: (01/08/2014 10:01:22 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ASLDRService erreicht.

Error: (01/07/2014 06:42:41 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.


Microsoft Office Sessions:
=========================
Error: (01/09/2014 01:00:03 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ASUS\ASUS Smart Gesture\win7\AsusTPDrv\x64\dpinst.exe

Error: (01/09/2014 00:59:59 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ASUS\ASUS Smart Gesture\win8\AsusTPDrv\x64\dpinst.exe

Error: (01/09/2014 00:59:58 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\ASUS\ASUS Smart Gesture\win81\AsusTPDrv\x64\dpinst.exe

Error: (01/09/2014 00:47:58 PM) (Source: DptfPolicyLpmService)(User: )
Description: DptfPolicyLpmServiceServiceMainThread: App specific mode was turned off, but timer was not running.

Error: (01/08/2014 09:26:50 AM) (Source: DptfPolicyLpmService)(User: )
Description: DptfPolicyLpmServiceServiceMainThread: App specific mode was turned off, but timer was not running.

Error: (01/07/2014 06:42:46 PM) (Source: DptfPolicyLpmService)(User: )
Description: DptfPolicyLpmServiceServiceMainThread: App specific mode was turned off, but timer was not running.

Error: (01/07/2014 01:27:09 PM) (Source: DptfPolicyLpmService)(User: )
Description: DptfPolicyLpmServiceServiceMainThread: App specific mode was turned off, but timer was not running.

Error: (01/07/2014 08:30:52 AM) (Source: DptfPolicyLpmService)(User: )
Description: DptfPolicyLpmServiceServiceMainThread: App specific mode was turned off, but timer was not running.

Error: (01/07/2014 08:27:29 AM) (Source: DptfPolicyLpmService)(User: )
Description: DptfPolicyLpmServiceServiceMainThread: App specific mode was turned off, but timer was not running.

Error: (01/04/2014 00:33:36 PM) (Source: DptfPolicyLpmService)(User: )
Description: DptfPolicyLpmServiceServiceMainThread: App specific mode was turned off, but timer was not running.


CodeIntegrity Errors:
===================================
Date: 2014-01-09 12:44:57.836
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-01-08 09:25:28.742
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-01-07 18:41:22.881
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-01-07 13:25:46.006
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-01-07 08:29:29.959
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-01-07 08:27:05.962
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\sp_rsdrv2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-01-07 08:27:05.837
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\sp_rsdrv2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-01-07 08:26:05.258
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\sp_rsdrv2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-01-07 08:25:56.836
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\ssmdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-01-06 16:18:01.287
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\sp_rsdrv2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 58%
Total physical RAM: 1933.23 MB
Available physical RAM: 800.11 MB
Total Pagefile: 3341.23 MB
Available Pagefile: 1640.91 MB
Total Virtual: 2047.88 MB
Available Virtual: 1871.72 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:28.21 GB) (Free:8.56 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data1) (Fixed) (Total:465.76 GB) (Free:437.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 29 GB) (Disk ID: F431A8A4)

Partition: GPT Partition Type
========================================================
Disk: 2 (Size: 466 GB) (Disk ID: ED1AB4AE)

Partition: GPT Partition Type
==================== End Of Log ============================

--- --- ---

schrauber 09.01.2014 16:25

Hi,

please have the flagged file scanned at www.virustotal.com.

Mike1111 09.01.2014 16:56

For the first quarantined file:
SHA256: 604915b9c5fd8098bcbce6caaa1aae0e35bc6ccc99a557b8a65c0e2fac16b30f
Dateiname: 5c273791.qua
Erkennungsrate: 0 / 47
Analyse-Datum: 2014-01-09 15:50:09 UTC ( vor 0 Minuten )

And for the second file in quarantine:
SHA256: cfc892633f91d65efcb1ea15ee4fbca76b013d5d348f240081751b2c8a334fdf
Dateiname: 44b31835.qua
Erkennungsrate: 0 / 47
Analyse-Datum: 2014-01-09 15:54:50 UTC ( vor 0 Minuten )


Both have green check marks throughout, with a detection rate of 0.

schrauber 10.01.2014 10:45

False positives :)

Mike1111 10.01.2014 11:06

Great!

Many thanks for the quick and great advice here in the forum, you're doing a great job!

Regards, Mike

schrauber 11.01.2014 11:49

You're welcome :)

