| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows System immer bei 20% Systemauslastung, Virus vermutetWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
07.06.2013, 17:10
| #1 |
 |  Windows System immer bei 20% Systemauslastung, Virus vermutet Hallo, ich habe ein Problem mit meinem PC. Undzwar ist dieser vom System (auch wenn ich nichts mache) immer 15-20% ausgelastet.  Ich habe schon ein Virenprogramm (avast! in der Freeware Version) laufen lassen und einen Full-Scan mit MalewareBytes, welcher auch zu keinerlei verdächtigen Dateien führte. Code:
ATTFilter Process CPU Private Bytes Working Set PID Description Company Name
System Idle Process 73.81 0 K 20 K 0
System 12.44 124 K 324 K 4
Interrupts 1.18 0 K 0 K n/a Hardware Interrupts and DPCs
smss.exe 296 K 1.044 K 392
csrss.exe < 0.01 2.256 K 6.772 K 624
wininit.exe 1.184 K 3.968 K 708
services.exe 5.192 K 9.100 K 824
svchost.exe 0.01 3.732 K 9.872 K 948 Host Process for Windows Services Microsoft Corporation
WmiPrvSE.exe 3.020 K 7.452 K 3332
unsecapp.exe 1.704 K 5.152 K 4108
dllhost.exe 2.240 K 7.164 K 6744
LiveComm.exe Suspended 4.472 K 4.908 K 7472 Communications Service Microsoft Corporation
RuntimeBroker.exe 2.168 K 5.632 K 6800 Runtime Broker Microsoft Corporation
NotiMan.exe 1.448 K 5.276 K 5664 Notification Manager Creative Technology Ltd.
svchost.exe 5.244 K 8.872 K 140 Host Process for Windows Services Microsoft Corporation
atiesrxx.exe 912 K 2.928 K 336 AMD External Events Service Module AMD
atieclxx.exe 2.304 K 7.164 K 3952
svchost.exe < 0.01 20.188 K 29.020 K 404 Host Process for Windows Services Microsoft Corporation
svchost.exe 24.976 K 41.656 K 424 Host Process for Windows Services Microsoft Corporation
svchost.exe < 0.01 12.036 K 20.808 K 316 Host Process for Windows Services Microsoft Corporation
svchost.exe 13.620 K 31.572 K 1112 Host Process for Windows Services Microsoft Corporation
dasHost.exe 5.232 K 14.072 K 2996
CTAudSvc.exe 1.236 K 4.124 K 1304 Creative Audio Service Creative Technology Ltd
ClassicShellService.exe 812 K 3.284 K 1352 Classic Shell Service IvoSoft
ClassicStartMenu.exe 4.140 K 7.996 K 3324 Classic Start Menu IvoSoft
RTKAUDIOSERVICE64.EXE 1.492 K 4.872 K 1376 Realtek Audio Service Realtek Semiconductor
RAVBg64.exe 4.692 K 9.864 K 4496
svchost.exe 14.200 K 18.312 K 1432 Host Process for Windows Services Microsoft Corporation
AvastSvc.exe 0.24 101.416 K 5.596 K 1500 avast! Service AVAST Software
GFNEXSrv.exe < 0.01 1.860 K 5.952 K 1592 GFNEXSrv
spoolsv.exe 5.156 K 13.596 K 1728 Spooler SubSystem App Microsoft Corporation
svchost.exe 23.356 K 25.744 K 1896 Host Process for Windows Services Microsoft Corporation
armsvc.exe 1.120 K 3.868 K 2388 Adobe Acrobat Update Service Adobe Systems Incorporated
HeciServer.exe 1.340 K 5.116 K 2508 Intel(R) Capability Licensing Service Interface Intel(R) Corporation
Jhi_service.exe 1.108 K 4.316 K 2560 Intel(R) Dynamic Application Loader Host Interface Intel Corporation
svchost.exe 2.896 K 9.016 K 2720 Host Process for Windows Services Microsoft Corporation
TODDSrv.exe < 0.01 1.484 K 4.632 K 2848 TDCSrv Application TOSHIBA Corporation
Y2Desktop.Updater.exe < 0.01 13.888 K 13.368 K 2964 Y2Desktop.Updater Microsoft
TecoService.exe 0.03 2.856 K 8.564 K 3184 TOSHIBA eco Utility Service TOSHIBA Corporation
svchost.exe < 0.01 6.064 K 12.868 K 3704 Host Process for Windows Services Microsoft Corporation
SearchIndexer.exe 30.524 K 32.736 K 4532 Microsoft Windows Search Indexer Microsoft Corporation
svchost.exe < 0.01 10.356 K 15.464 K 4140 Host Process for Windows Services Microsoft Corporation
IntelMeFWService.exe 1.204 K 3.960 K 4468 Intel(R) ME Service Intel Corporation
LMS.exe 0.01 1.752 K 5.028 K 7024 Local Manageability Service Intel Corporation
NASvc.exe 2.092 K 6.564 K 6980 NeroUpdate Nero AG
UNS.exe 3.876 K 11.432 K 7164 User Notification Service Intel Corporation
TPCHSrv.exe 2.860 K 7.652 K 7120 TOSHIBA PC Health Monitor TOSHIBA Corporation
TMachInfo.exe < 0.01 25.652 K 33.696 K 2784 TSS TMachInfo Service TOSHIBA Corporation
TemproSvc.exe 16.276 K 20.328 K 3744 Toshiba TEMPRO Toshiba Europe GmbH
SynTPEnh.exe < 0.01 3.820 K 816 K 5612 Synaptics TouchPad Enhancements Synaptics Incorporated
taskhostex.exe 7.896 K 12.928 K 5548 Host Process for Windows Tasks Microsoft Corporation
ToshibaServiceStation.exe 33.264 K 4.112 K 7264 TOSHIBA Service Station TOSHIBA Corporation
lsass.exe < 0.01 6.636 K 14.228 K 836 Local Security Authority Process Microsoft Corporation
GoogleCrashHandler.exe 1.476 K 1.148 K 2568
GoogleCrashHandler64.exe 1.308 K 152 K 2628
csrss.exe 0.21 3.724 K 9.444 K 4900
winlogon.exe 1.768 K 5.620 K 7812
dwm.exe 0.09 22.308 K 30.356 K 7468
explorer.exe 0.09 53.716 K 99.224 K 5892 Windows Explorer Microsoft Corporation
RAVCpl64.exe 4.108 K 10.560 K 2812 Realtek HD Audio Manager Realtek Semiconductor
TCrdMain_Win8.exe 3.764 K 13.200 K 7640 TCrdMain Application
TecoResident.exe 1.924 K 6.188 K 972 Resident module of eco Utility TOSHIBA Corporation
SRSPanel_64.exe 0.01 9.632 K 19.688 K 6028 SRS Control Panel SRS Labs, Inc.
rundll32.exe 5.172 K 8.300 K 4908 Windows host process (Rundll32) Microsoft Corporation
googledrivesync.exe 1.108 K 3.616 K 7540 Google Drive Google
googledrivesync.exe 0.01 47.200 K 61.896 K 7152 Google Drive Google
MusicManager.exe 0.01 12.392 K 23.868 K 4692 Music Manager Google Inc.
RemoteServer.exe 0.05 24.708 K 34.660 K 7320 Unified Remote Server Unified Intents AB
procexp.exe 2.544 K 7.944 K 4684 Sysinternals Process Explorer Sysinternals - www.sysinternals.com
procexp64.exe 0.34 22.404 K 45.648 K 6756 Sysinternals Process Explorer Sysinternals - www.sysinternals.com
SynTPHelper.exe 1.236 K 340 K 7032
TPCHWMsg.exe 2.048 K 7.028 K 6544 TOSHIBA PC Health Monitor TOSHIBA Corporation
AvastUI.exe 0.01 15.564 K 7.524 K 6404 avast! Antivirus AVAST Software
VolPanlu.exe < 0.01 7.652 K 14.184 K 5932 VolPanlu.exe Creative Technology Ltd
DLLML.exe 10.720 K 15.488 K 3032 DLL Module Loader Creative Technology Ltd.
MOM.exe 0.01 27.188 K 3.688 K 7524 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc.
CCC.exe 0.01 75.684 K 3.360 K 3448 Catalyst Control Center: Host application ATI Technologies Inc.
chrome.exe 0.15 133.316 K 192.112 K 5668 Google Chrome Google Inc.
chrome.exe < 0.01 57.936 K 78.376 K 1540 Google Chrome Google Inc.
chrome.exe 0.12 70.912 K 99.740 K 6832 Google Chrome Google Inc.
chrome.exe 22.664 K 49.956 K 8140 Google Chrome Google Inc.
chrome.exe 90.956 K 118.996 K 68 Google Chrome Google Inc.
chrome.exe 0.03 108.288 K 139.712 K 8156 Google Chrome Google Inc.
mbam.exe 11.13 216.960 K 227.532 K 4876
zu meinem System: Core i7 3630QM, ATI 7670M, 8GB Ram Mfg Thomas T. |
|
07.06.2013, 17:16
| #2 |
| /// the machine /// TB-Ausbilder    | Windows System immer bei 20% Systemauslastung, Virus vermutet Hi,
__________________Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden ).
__________________ |
|
07.06.2013, 17:27
| #3 |
| | Windows System immer bei 20% Systemauslastung, Virus vermutet Okay. schonmal danke für die schnelle raktion
__________________ https://docs.google.com/file/d/0B0T-2P7o0EFsOUhCZ0dzZ0xNTnM/edit?usp=sharing https://docs.google.com/file/d/0B0T-2P7o0EFsaHNCODhqMzR5MkU/edit?usp=sharing wusste nicht wie man dinge als archiv anhängt :P |
|
07.06.2013, 18:05
| #4 |
| /// the machine /// TB-Ausbilder | Windows System immer bei 20% Systemauslastung, Virus vermutet So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
07.06.2013, 18:29
| #5 |
| | Windows System immer bei 20% Systemauslastung, Virus vermutet So gibt er mir die error meldung aus, das der text zu lang sei  |
|
07.06.2013, 18:30
| #6 |
| /// the machine /// TB-Ausbilder | Windows System immer bei 20% Systemauslastung, Virus vermutet Dann splitte ihn auf oder poste die Logs einzeln je Post
__________________ --> Windows System immer bei 20% Systemauslastung, Virus vermutet |
|
07.06.2013, 18:38
| #7 |
| | Windows System immer bei 20% Systemauslastung, Virus vermutetCode:
ATTFilter OTL Extras logfile created on: 07.06.2013 18:21:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = E:\Thomas\Downloads\Setups
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16580)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
7,95 Gb Total Physical Memory | 5,21 Gb Available Physical Memory | 65,46% Memory free
15,95 Gb Paging File | 13,06 Gb Available in Paging File | 81,85% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 124,24 Gb Total Space | 80,10 Gb Free Space | 64,47% Space Free | Partition Type: NTFS
Drive E: | 89,61 Gb Total Space | 35,43 Gb Free Space | 39,54% Space Free | Partition Type: NTFS
Computer Name: TRANCEGOTT-PC | User Name: Thomas Terpelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{18DD28A0-953A-494F-9A92-60A619BF6914}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1AAAE116-A8F7-48CF-8E04-7655E3F49669}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{225238CC-5005-4436-A01E-8C8D714D39F7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{27385EDD-1861-4D67-BF31-24706B78C987}" = rport=445 | protocol=6 | dir=out | app=system |
"{66676DC6-07FF-4F7E-91C5-23FC01C50F17}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7DE29ED9-32B3-4BDD-82C9-EC3DBE05CDD7}" = lport=139 | protocol=6 | dir=in | app=system |
"{81B86CE1-42B3-4653-9719-C2B15381F811}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8C757942-1743-4FF9-AF48-2182FBF1F30E}" = lport=137 | protocol=17 | dir=in | app=system |
"{8D3FFA7A-F8D2-4ADF-BFE7-2B7E7553BDB5}" = rport=139 | protocol=6 | dir=out | app=system |
"{91336B76-2D08-4958-AC72-8EF77BE8CB96}" = rport=138 | protocol=17 | dir=out | app=system |
"{9F3573A1-DAD6-4D99-A2D2-75523386516F}" = lport=445 | protocol=6 | dir=in | app=system |
"{A2259A23-07BC-4439-9357-C23CCB69408D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BE0DDB2F-83F8-433D-B272-EEF590DBEE95}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C74DFF48-8A48-4111-81E0-B4E5D8FB5F5B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CD0F3A82-E9AC-44F8-B655-460C0025B7E2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CE15CFC3-99FC-4A62-BC3E-2498A2141E1F}" = rport=137 | protocol=17 | dir=out | app=system |
"{D55F70F7-3388-4320-AD18-EB02F7657C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{E7EC72D3-715C-407E-9E51-2187878B8D23}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E83EBFE3-394C-4FE9-B6B0-877EF493D595}" = lport=10243 | protocol=6 | dir=in | app=system |
"{EC90D772-6C2F-4F11-8952-4CE256D190A9}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F1186F68-CA24-4C7F-A412-8026C62B690A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{133902FF-3168-426D-AE2D-C71445B03C65}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{13F6A01A-E6C5-4A09-B393-AF4D669386CE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{15F0D0D9-F0BA-4B66-8F15-1E73495D97AE}" = dir=out | name=evernote |
"{1CE9E11F-4DCE-42D9-8F23-38EAD8A75C74}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{2117DB62-53A5-40D0-9AD4-212161FAFACE}" = dir=in | name=ebay |
"{2924068E-97D1-49C1-A5AD-7567C948C5D8}" = dir=out | name=microsoft solitaire collection |
"{2D975BB1-5020-471E-8866-70DC87E13770}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{30CEE3AE-D1A1-4DC5-B9C7-32C1952D756A}" = dir=out | name=- games app - |
"{3E5E9498-7002-4F25-8AC8-3BEA2B0AA038}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4CFC1D16-C447-4B02-9DB0-1C50470DA803}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{539577CA-6015-4647-98E6-AF4B9A400D99}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{5B097F75-AD01-4B98-A9B5-5916104E4E61}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{5CC74C17-8645-4531-8D06-E4853653B2C1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{5F5D174F-B751-4002-A3FB-4FB6037A727F}" = dir=out | name=mcafee security advisor for toshiba |
"{6088DD84-F2F3-47FC-A646-224EB99AE8CD}" = dir=out | name=windows_ie_ac_001 |
"{657F8C2A-0153-4CFF-9AA7-3D094D8B5C17}" = dir=out | name=skype |
"{6888DF2D-3E4C-4648-A739-CDEBD4B6BC1F}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{69A2E103-3129-4F3C-A069-6D118D40D109}" = dir=in | name=toshiba media player by smedio truelink+ |
"{6F51106F-229D-418A-8F8B-30FFC305BE89}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{6F7E3DD5-D392-4287-9D4C-99B9DB978DE2}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{74726519-19FE-459D-A047-BF9ACB9110E9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{77F5AC52-D30A-4026-8879-D3B7D303EFB7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{79EACC43-FC85-4220-ADC3-C13EEBB1328C}" = dir=out | name=skitch |
"{7A3C3F1E-8676-434A-8A24-1FB9834351E5}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{7CF6FF05-C9F8-45E8-8851-FE53E06E795F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7F9A3819-F1CC-474C-8A20-0A21E860F250}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{7FA3F2AE-E4F2-479B-99A3-49A18D86FDAA}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8580411F-0168-47ED-913A-858793A13966}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{88F970A8-7923-4057-B9FE-BCF67DE2FC57}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8D152937-C386-4A1D-B13A-D121F794054F}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{8E08C0C3-CD04-46B7-BE7E-AB803212A1CC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{90A4DC8E-6621-463B-8F5F-6EC8E894CA47}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{94E6441C-E5D4-4457-8A66-5CC0DDA2471D}" = dir=out | name=ebay |
"{9C3DFE08-8144-4D0B-A797-B62A15A71032}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A1AF53BC-8B3C-4F66-A9A6-301876A25673}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe |
"{A1EA0DCA-DB6A-4B49-BA94-578C04F5A10F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A3884018-AB3F-4FB0-9B38-9BEB4E6F1990}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{A7964C94-2561-4E1B-9053-12575AEC288B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{ACACED64-5F1A-4457-BD16-CBFEDEFE9C06}" = dir=in | name=skype |
"{B103F159-B8A3-4A31-B8A8-E5FBBB71735F}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{B63C5B8D-B7C3-437B-B98A-31759796736E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B91C5C5B-2468-471A-BAA3-8C5BEA1680FD}" = dir=out | name=fresh paint |
"{B935D4EB-16A5-4FE5-B935-2097F52A96E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BF6B9575-1D05-4029-99EB-A7F08AB2E0F8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C2F42A4D-0D33-464A-B08D-DCEB0299CF35}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{C41EE77E-2C6A-4539-A696-D5E1DE02AD8F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C4746A2D-491C-41BF-BF50-E88A61AF0A4C}" = dir=out | name=toshiba places |
"{C51F1F57-262F-49AE-9A08-55B5F0973D54}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{C5BAF9B3-3A6A-4426-BFBA-EBC98F78DE50}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{C7E7DDA6-6D0E-46FC-857C-460F1CC05E6A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CA3B74E6-3501-433F-B8E8-F01655130780}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{CB1A8287-5B67-4C22-A9BC-1B3FCEC91075}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{CE6A0CEE-A550-48AD-9F01-C7985CF8157D}" = protocol=6 | dir=out | app=system |
"{CFC7E02D-0842-4B65-93AF-F1BE3EA158E7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D0045B30-DF68-415C-8C81-2BECE75179CD}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{D55379D6-D6FA-4F7D-9F10-D5F4999D31E2}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{D6D97615-01D9-4C5D-8C76-3D3F51D5CA1F}" = dir=in | name=evernote |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E83EAF2A-B2D6-4808-910E-69A2AD435B33}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E8C46BE6-F40E-4BCB-ABCD-38E90BF9C0FC}" = dir=out | name=toshiba media player by smedio truelink+ |
"{ED4F60E5-1FA8-4AB1-BC1C-7F5E52959EEF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F205F459-662B-48CF-A855-067BC47DAD07}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{FCDA8922-ADF4-4AD7-846F-B728BCECF8BA}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"TCP Query User{1EB12DF0-8992-4CED-805D-0D7872FD9F10}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{578A0777-2429-4BDE-8EE3-80D1A68130EA}C:\program files (x86)\unified remote\remoteserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe |
"TCP Query User{72E27BF3-956A-4129-85DC-9A9733D0B6CC}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe |
"UDP Query User{04810E35-CC39-437D-A7D8-B8021C4D8F9F}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe |
"UDP Query User{40D2EAAD-8711-4495-B7EA-3BDD6F33204D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{62AE6851-4F0A-4FF3-8F75-6E5FD59D1203}C:\program files (x86)\unified remote\remoteserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{026B819B-4D60-4C8B-892D-33A0D8666F60}" = Atheros Bluetooth Filter Driver Package
"{16562A90-71BC-41A0-B890-D91B0C267120}" = TOSHIBA Function Key
"{16A4E6F1-B22E-E53E-10C2-E6EF0B893797}" = ccc-utility64
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit)
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5944B9D4-3C2A-48DE-931E-26B31714A2F7}" = TOSHIBA eco Utility
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7F34ADBE-77C0-47A0-BBC6-B3DA16CE8E68}" = Classic Shell
"{80D83D9D-A83A-27DC-C9F6-B451FFBFAD06}" = AMD Accelerated Video Transcoding
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 2.053
"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0407-1000-0000000FF1CE}" = Microsoft Access MUI (German) 2013
"{90150000-0016-0407-1000-0000000FF1CE}" = Microsoft Excel MUI (German) 2013
"{90150000-0018-0407-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (German) 2013
"{90150000-0019-0407-1000-0000000FF1CE}" = Microsoft Publisher MUI (German) 2013
"{90150000-001A-0407-1000-0000000FF1CE}" = Microsoft Outlook MUI (German) 2013
"{90150000-001B-0407-1000-0000000FF1CE}" = Microsoft Word MUI (German) 2013
"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office*- Français
"{90150000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Italiano
"{90150000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2013
"{90150000-0044-0407-1000-0000000FF1CE}" = Microsoft InfoPath MUI (German) 2013
"{90150000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2013
"{90150000-0090-0407-1000-0000000FF1CE}" = Microsoft DCF MUI (German) 2013
"{90150000-00A1-0407-1000-0000000FF1CE}" = Microsoft OneNote MUI (German) 2013
"{90150000-00BA-0407-1000-0000000FF1CE}" = Microsoft Groove MUI (German) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2013
"{90150000-00E1-0407-1000-0000000FF1CE}" = Microsoft Office OSM MUI (German) 2013
"{90150000-00E2-0407-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (German) 2013
"{90150000-012B-0407-1000-0000000FF1CE}" = Microsoft Lync MUI (German) 2013
"{94F03B8E-CB73-4653-AFE9-79112C01FED2}" = Premium Sound HD
"{95CCACF0-010D-45F0-82BF-858643D8BC02}" = TOSHIBA Desktop Assist
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{B8C8422F-01F1-4791-B084-047AAFF9BFCC}" = TOSHIBA Service Station
"{C23F43A3-327E-2969-52F2-89ED83D99F48}" = AMD Catalyst Install Manager
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{FF07604E-C860-40E9-A230-E37FA41F103A}" = TOSHIBA VIDEO PLAYER
"78E642E5D6B0C34475621BAA7507EE5BEE614E56" = Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net (03/11/2013 10.0.0.234)
"CCleaner" = CCleaner
"E1372496057C172077BF73361B176A2D63F397C6" = Windows Driver Package - Qualcomm Atheros Communications Inc. Net (03/11/2013 10.0.0.234)
"KLiteCodecPack64_is1" = K-Lite Codec Pack 9.9.0 (64-bit)
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0071820F-09B0-4998-8320-F89629DCBC99}" = Nero BackItUp
"{052A1E34-A54B-458C-A4E3-24C3E054754A}" = Nero Kwik Media
"{05A55927-DB9B-4E26-BA44-828EBFF829F0}" = TOSHIBA System Settings
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{0A9DA353-D0CD-4922-A54B-2F5F4EC90986}" = Sound Blaster X-Fi Surround 5.1 Pro
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0E04AD66-9C5A-46DF-836B-29BD26194820}" = Unified Remote
"{0E33FCE0-4AA4-63FE-AB3F-C4AD57522BE1}" = CCC Help Norwegian
"{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}" = Nero Launcher
"{0F37A1A4-8B97-A488-9C83-703B54833180}" = Catalyst Control Center InstallProxy
"{1001266B-D4BB-46D9-B023-2612A8CE3A31}" = Nero BurnRights
"{156CA35F-4BC4-5E65-13AA-F1405833EBD7}" = CCC Help Greek
"{17C430DC-C629-D9F8-B2B7-18DFFA748571}" = CCC Help Spanish
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1C3DA126-D523-4089-BCCA-FA46FE34D6F8}" = Google Drive
"{1E6A96A1-2BAB-43EF-8087-30437593C66C}" = TOSHIBA System Driver
"{1F16820E-D0E7-4636-939E-45CBFEFB06E1}" = Nero Kwik Media Help (CHM)
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{24A088D6-705C-74B0-25DC-39762568C587}" = Catalyst Control Center
"{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1" = Samsung Magician
"{2D67CF11-66B2-38B0-5995-E3BF0CACEC39}" = CCC Help English
"{2EF76291-8647-46F0-89D8-0AA8B72A5420}" = Nero 12 Essentials Toshiba
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3398C858-451D-7B1B-DDAA-2C4D6F1E69A1}" = CCC Help Hungarian
"{38CE4C4B-21FE-E59C-2DCA-5659704AEC64}" = CCC Help Czech
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{5A5261FB-8366-AD7B-FFDF-02A63B2397B3}" = CCC Help Danish
"{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}" = Nero Blu-ray Player Help (CHM)
"{5B99CFC0-AA5D-6F95-8C4F-BCA01A014A99}" = CCC Help Finnish
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6591BFD7-DC89-4480-EF58-F8F765540D9E}" = CCC Help Chinese Traditional
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}" = TOSHIBA Resolution+ Plug-in for Windows Media Player
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba" = WildTangent Games App (Toshiba Games)
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{78931270-BC9E-441A-A52B-73ECD4ACFAB5}" = Toshiba Password Utility
"{80712216-D34B-085D-0952-7BE3215A4D3D}" = CCC Help Dutch
"{828175FA-7307-4DBF-95AD-9CEE086B6F45}" = Welcome App (Start-up experience)
"{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}" = Nero Express
"{86C23BA9-B797-B10F-FFF6-1AC494647DDE}" = CCC Help Italian
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A74D395-1F88-4EA1-99DD-5D3F4CEC0D59}" = CCC Help Russian
"{8E7EABFA-BF37-4824-B792-4220C9E04233}" = Nero BurnRights Help (CHM)
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = TOSHIBA Manuals
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D2C8DC3-0FED-6B69-5AA1-1FA22FA76599}" = CCC Help Chinese Standard
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A6377BCB-10C1-6ED7-C635-54A6F758187C}" = Catalyst Control Center Localization All
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B953732D-B623-4E84-B369-CFFF7B1AE06F}" = Nero RescueAgent
"{BE0889B8-807C-9B09-1AE8-5F6ACF7D8317}" = CCC Help Swedish
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C3AB6747-75BD-5966-5C06-5CBE875A9E79}" = CCC Help Portuguese
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{CBFC9C1A-45B4-C0BE-8C7A-39502F17EBE7}" = CCC Help French
"{CD77DB4A-00A4-050D-64C1-746DDE10DD65}" = Catalyst Control Center Graphics Previews Common
"{CF1F9079-DCB5-4AA3-9015-CAA18A2CFF35}" = Catalyst Control Center - Branding
"{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode version 3.1.6.0
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E078242F-4E82-5FF5-5ACD-2B06D7DBA3C6}" = CCC Help Turkish
"{E1E3876E-4D40-00C9-4097-64A023F95C83}" = CCC Help Polish
"{EE82F528-A1CF-B46B-A91A-A093288B6E55}" = CCC Help Thai
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F76F5214-83A8-4030-80C9-1EF57391D72A}" = Toshiba TEMPRO
"{F8FF3D85-5A7B-F64A-71EF-D581C0A780CC}" = CCC Help Japanese
"{FB755609-9F0E-B5D4-8091-155AAB543309}" = CCC Help Korean
"{FFF1A0B4-844A-FE20-FBEF-D8A7A698C7CD}" = CCC Help German
"5513-1208-7298-9440" = JDownloader 0.9
"avast" = avast! Free Antivirus
"Dolby Digital Live Pack" = Dolby Digital Live Pack
"Google Chrome" = Google Chrome
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}" = Toshiba Password Utility
"Intel AppUp(SM) center 33268" = Intel AppUp(SM) center
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.9.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"SysInfo" = Creative System Information
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WTA-2a08834a-b847-4339-a949-7e56e5061f70" = Island Tribe
"WTA-2f91ae9a-abd6-4dfd-a710-3ffff9f09971" = Polar Bowler
"WTA-3a17f458-7129-4482-9c56-d7ecee8005e2" = Bejeweled 3
"WTA-4a8396bc-76ca-4a89-8b2f-f43bc86f2973" = Peggle Nights
"WTA-5cafbdec-4163-4dac-bbcb-53dd6ed10b1d" = Jewel Quest Solitaire 2
"WTA-6c4c8d1f-cb08-41ab-af0c-b07e25bdd3f8" = Plants vs. Zombies - Game of the Year
"WTA-8a2256f1-a25d-4106-935b-7a2b4037a79f" = Empress of the Deep - The Darkest Secret
"WTA-94a58f11-7f29-42d5-8b50-01b596e2fff6" = Virtual Villagers 4 - The Tree of Life
"WTA-9ca4eda1-b0d0-436c-8434-b5f37b27b0cf" = Chuzzle Deluxe
"WTA-c6b4506f-da5a-49fa-85e8-31463949d497" = Aloha TriPeaks
"WTA-e07a82d1-24a9-412b-a23c-1da6e645147f" = Magic Academy
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MusicManager" = Music Manager
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.05.2013 06:18:20 | Computer Name = Trancegott-PC | Source = .NET Runtime | ID = 1022
Description =
Error - 30.05.2013 06:20:22 | Computer Name = Trancegott-PC | Source = .NET Runtime | ID = 1022
Description =
Error - 30.05.2013 06:21:54 | Computer Name = Trancegott-PC | Source = .NET Runtime | ID = 1022
Description =
Error - 30.05.2013 06:23:16 | Computer Name = Trancegott-PC | Source = .NET Runtime | ID = 1022
Description =
Error - 30.05.2013 06:26:59 | Computer Name = Trancegott-PC | Source = .NET Runtime | ID = 1022
Description =
Error - 30.05.2013 06:30:27 | Computer Name = Trancegott-PC | Source = .NET Runtime | ID = 1022
Description =
Error - 30.05.2013 06:33:15 | Computer Name = Trancegott-PC | Source = .NET Runtime | ID = 1022
Description =
Error - 30.05.2013 06:54:47 | Computer Name = Trancegott-PC | Source = .NET Runtime | ID = 1022
Description =
Error - 01.06.2013 10:56:28 | Computer Name = Trancegott-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.2.9200.16433,
time stamp: 0x50763312 Faulting module name: ntdll.dll, version: 6.2.9200.16579,
time stamp: 0x51637f77 Exception code: 0xc0000374 Fault offset: 0x00000000000ebd59
Faulting
process id: 0x150c Faulting application start time: 0x01ce5d44dcfe84bf Faulting application
path: C:\windows\Explorer.EXE Faulting module path: C:\windows\SYSTEM32\ntdll.dll
Report
Id: 6ff3434b-cacb-11e2-be7f-2016d88a82cf Faulting package full name: Faulting package-relative
application ID:
Error - 03.06.2013 16:47:24 | Computer Name = Trancegott-PC | Source = Application Hang | ID = 1002
Description = The program mpc-hc.exe version 1.6.8.7123 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1b40 Start
Time: 01ce60993cffd48c Termination Time: 14 Application Path: C:\Program Files (x86)\K-Lite
Codec Pack\Media Player Classic\mpc-hc.exe Report Id: c4014dcd-cc8e-11e2-be7f-2016d88a82cf
Faulting
package full name: Faulting package-relative application ID:
[ System Events ]
Error - 26.05.2013 10:02:50 | Computer Name = Trancegott-PC | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR13.
Error - 26.05.2013 10:06:59 | Computer Name = Trancegott-PC | Source = Microsoft-Windows-Kernel-General | ID = 6
Description =
Error - 26.05.2013 10:07:21 | Computer Name = Trancegott-PC | Source = Service Control Manager | ID = 7000
Description = The McAfee Boot Delay Start Service service failed to start due to
the following error: %%2
Error - 27.05.2013 14:08:12 | Computer Name = Trancegott-PC | Source = Service Control Manager | ID = 7031
Description = The avast! Antivirus service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 5000 milliseconds:
Restart the service.
Error - 28.05.2013 08:28:06 | Computer Name = Trancegott-PC | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR14.
Error - 28.05.2013 08:28:07 | Computer Name = Trancegott-PC | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR14.
Error - 02.06.2013 07:26:54 | Computer Name = Trancegott-PC | Source = DCOM | ID = 10010
Description =
Error - 03.06.2013 04:57:30 | Computer Name = Trancegott-PC | Source = DCOM | ID = 10010
Description =
Error - 04.06.2013 10:25:26 | Computer Name = Trancegott-PC | Source = Microsoft-Windows-Kernel-General | ID = 6
Description =
Error - 04.06.2013 10:26:05 | Computer Name = Trancegott-PC | Source = Service Control Manager | ID = 7000
Description = The McAfee Boot Delay Start Service service failed to start due to
the following error: %%2
< End of report >
Geändert von Trancegott (07.06.2013 um 18:44 Uhr) |
|
07.06.2013, 18:40
| #8 |
| | Windows System immer bei 20% Systemauslastung, Virus vermutet edit |
|
07.06.2013, 18:41
| #9 |
| | Windows System immer bei 20% Systemauslastung, Virus vermutetCode:
ATTFilter OTL logfile created on: 07.06.2013 18:21:46 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = E:\Thomas\Downloads\Setups 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16580) Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy 7,95 Gb Total Physical Memory | 5,21 Gb Available Physical Memory | 65,46% Memory free 15,95 Gb Paging File | 13,06 Gb Available in Paging File | 81,85% Paging File free Paging file location(s): c:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 124,24 Gb Total Space | 80,10 Gb Free Space | 64,47% Space Free | Partition Type: NTFS Drive E: | 89,61 Gb Total Space | 35,43 Gb Free Space | 39,54% Space Free | Partition Type: NTFS Computer Name: TRANCEGOTT-PC | User Name: Thomas Terpelle | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - E:\Thomas\Downloads\Setups\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe (Microsoft) PRC - C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.) PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) PRC - c:\Program Files\Classic Shell\ClassicShellService.exe (IvoSoft) PRC - C:\Program Files (x86)\Unified Remote\RemoteServer.exe (Unified Intents AB) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) PRC - C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe (Creative Technology Ltd) PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd) PRC - C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.) PRC - C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe (Creative Technology Ltd.) ========== Modules (No Company Name) ========== MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\wx._core_.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\_ssl.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\wx._controls_.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\windows._cacheinvalidation.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\wx._windows_.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\wx._gdi_.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\wx._misc_.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\_hashlib.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\unicodedata.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\pysqlite2._sqlite.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\pythoncom27.dll () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32com.shell.shell.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\_elementtree.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\pyexpat.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\wx._wizard.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32file.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\pywintypes27.dll () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32security.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32api.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\_ctypes.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\wx._html2.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\_socket.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32inet.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32process.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\_multiprocessing.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32pdh.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32ts.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32event.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32profile.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32crypt.pyd () MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\select.pyd () MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppgooglenaclpluginchrome.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libglesv2.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libegl.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll () MOD - C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll () MOD - C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll () MOD - C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\libid3tag.dll () MOD - C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\libaacdec.dll () MOD - C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll () MOD - C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll () MOD - C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll () MOD - C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\QtGui4.dll () MOD - C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\QtCore4.dll () MOD - C:\Windows\SysWOW64\APOMngr.DLL () MOD - C:\Windows\SysWOW64\CmdRtr.DLL () ========== Services (SafeList) ========== SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV:64bit: - (ClassicShellService) -- c:\Program Files\Classic Shell\ClassicShellService.exe (IvoSoft) SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation) SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation) SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation) SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation) SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation) SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation) SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation) SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation) SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Realtek Semiconductor) SRV:64bit: - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\Teco\TecoService.exe (TOSHIBA Corporation) SRV:64bit: - (TPCHSrv) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation) SRV:64bit: - (TMachInfo) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation) SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation) SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation) SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation) SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation) SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation) SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation) SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation) SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation) SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation) SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation) SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation) SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation) SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation) SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation) SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs) SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (TemproMonitoringService) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH) SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation) SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) SRV - (GFNEXSrv) -- C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe () SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.) SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd) ========== Driver Services (SafeList) ========== DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\Drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\Drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (aswSnx) -- C:\windows\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:64bit: - (aswSP) -- C:\windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:64bit: - (aswVmm) -- C:\windows\SysNative\drivers\aswVmm.sys () DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\Drivers\aswRdr2.sys (AVAST Software) DRV:64bit: - (aswRvrt) -- C:\windows\SysNative\drivers\aswRvrt.sys () DRV:64bit: - (aswTdi) -- C:\windows\SysNative\drivers\aswTdi.sys (AVAST Software) DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\Drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (aswFsBlk) -- C:\windows\SysNative\drivers\aswFsBlk.sys (AVAST Software) DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation) DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation) DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation) DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation) DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\Drivers\usb8023x.sys (Microsoft Corporation) DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation) DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation) DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation) DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation) DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation) DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation) DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation) DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation) DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation) DRV:64bit: - (tosrfec) -- C:\Windows\SysNative\Drivers\tosrfec.sys (TOSHIBA Corporation) DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation) DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\Drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\Drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys (Synaptics Incorporated) DRV:64bit: - (Thotkey) -- C:\Windows\SysNative\Drivers\Thotkey.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation) DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek ) DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation) DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation) DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation) DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation) DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation) DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation) DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation) DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation) DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation) DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation) DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation) DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation) DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation) DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation) DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation) DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation) DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation) DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation) DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation) DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation) DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation) DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation) DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation) DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation) DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation) DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation) DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\Drivers\TVALZ_O.SYS (TOSHIBA Corporation) DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\Drivers\tdcmdpst.sys (TOSHIBA Corporation.) DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.) DRV:64bit: - (TVALZFL) -- C:\Windows\SysNative\Drivers\TVALZFL.sys (TOSHIBA Corporation) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\Drivers\AtihdW86.sys (Advanced Micro Devices) DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\Drivers\btfilter.sys (Atheros) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (RTL8192Ce) -- C:\Windows\SysNative\Drivers\rtwlane.sys (Realtek Semiconductor Corporation ) DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (tos_sps64) -- C:\Windows\SysNative\Drivers\tos_sps64.sys (TOSHIBA Corporation) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\Drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (ksaud) -- C:\Windows\SysNative\Drivers\ksaud.sys (Creative Technology Ltd.) DRV - (PEGAGFN) -- C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys (PEGATRON) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {65AAC44C-F137-491E-B2E0-08FBBC6459A2} IE:64bit: - HKLM\..\SearchScopes\{65AAC44C-F137-491E-B2E0-08FBBC6459A2}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {65AAC44C-F137-491E-B2E0-08FBBC6459A2} IE - HKLM\..\SearchScopes\{65AAC44C-F137-491E-B2E0-08FBBC6459A2}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com IE - HKCU\..\SearchScopes,DefaultScope = {65AAC44C-F137-491E-B2E0-08FBBC6459A2} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\windows\system32\npDeployJava1.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Heinz\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Heinz\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013.02.13 21:08:22 | 000,033,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: hxxp://www.Twitter.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL CHR - plugin: Microsoft Office 2013 (Enabled) = C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll CHR - Extension: Easy Auto Refresh = C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc\2.8_0\ CHR - Extension: Angry Birds = C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\ CHR - Extension: Google Docs = C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Adblock Plus = C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0\ CHR - Extension: Google Search = C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Google+ = C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm\1.2.0.418_0\ CHR - Extension: Gmail = C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - c:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2:64bit: - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - c:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft) O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - c:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - c:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft) O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC) O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - c:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - c:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [] File not found O4:64bit: - HKLM..\Run: [Creative SB Monitoring Utility] C:\windows\SysNative\SBAVMon.dll (Creative Technology Ltd.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [SRS Premium Sound HD] C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (SRS Labs, Inc.) O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe () O4:64bit: - HKLM..\Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe () O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation) O4:64bit: - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe (TOSHIBA Corporation) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation) O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [Module Loader] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TPUReg] C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe (Pegatron Corporation) O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe (Creative Technology Ltd) O4 - HKCU..\Run: [GoogleDriveSync] c:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) O4 - HKCU..\Run: [MusicManager] C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.) O4 - HKCU..\Run: [Unified Remote v2] C:\Program Files (x86)\Unified Remote\RemoteServer.exe (Unified Intents AB) O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk = C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Samsung Electronics.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O9:64bit: - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - c:\Program Files\Classic Shell\ClassicIE9_32.exe (IvoSoft) O9 - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - c:\Program Files\Classic Shell\ClassicIE9_32.exe (IvoSoft) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10855E85-1343-40AB-9780-645ED416C1FC}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3315C66-6776-4CD2-AA76-61DEFDA552DF}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E3450568-4A96-4A14-85BA-FC35541EAACD}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\ms-help - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.06.07 18:01:54 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Malwarebytes [2013.06.07 18:01:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.06.07 18:01:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.06.07 18:01:45 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys [2013.06.07 18:01:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.06.07 13:08:05 | 000,000,000 | ---D | C] -- E:\Thomas\My Documents\Schule [2013.06.07 13:08:04 | 000,000,000 | ---D | C] -- E:\Thomas\My Documents\pc zeugs [2013.06.07 13:08:04 | 000,000,000 | ---D | C] -- E:\Thomas\My Documents\Benutzerdefinierte Office-Vorlagen [2013.06.07 13:02:41 | 000,000,000 | ---D | C] -- C:\windows\Minidump [2013.06.06 11:09:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician [2013.06.06 11:09:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung Magician [2013.06.06 11:07:10 | 000,000,000 | ---D | C] -- C:\Temp [2013.06.05 11:10:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Synaptics [2013.06.04 09:15:02 | 000,103,448 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\windows\SysNative\drivers\ssudbus.sys [2013.06.04 09:15:00 | 000,203,672 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\windows\SysNative\drivers\ssudmdm.sys [2013.06.04 08:27:11 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Unified Remote [2013.06.04 08:27:06 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unified Remote [2013.06.04 08:27:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unified Remote [2013.05.31 13:57:23 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager [2013.05.26 16:14:40 | 000,000,000 | ---D | C] -- C:\ProgramData\TOSHIBA Tempro [2013.05.26 16:14:40 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage [2013.05.26 12:48:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode [2013.05.26 12:48:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XMedia Recode [2013.05.25 22:10:24 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2013.05.24 13:45:58 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Adobe [2013.05.23 16:08:18 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Identities [2013.05.23 16:02:59 | 000,000,000 | ---D | C] -- C:\windows\AutoKMS [2013.05.23 16:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Toolkit [2013.05.23 15:53:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.05.23 15:52:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 [2013.05.23 15:51:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2013.05.23 15:51:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2013.05.23 15:51:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server [2013.05.23 15:50:50 | 000,000,000 | ---D | C] -- C:\windows\PCHEALTH [2013.05.23 15:50:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server [2013.05.23 15:48:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services [2013.05.23 15:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2013.05.23 15:48:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2013.05.23 15:48:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2013.05.23 15:48:02 | 000,000,000 | RH-D | C] -- C:\MSOCache [2013.05.23 15:36:33 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\WinRAR [2013.05.23 14:39:19 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\ElevatedDiagnostics [2013.05.23 14:22:19 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Auslogics [2013.05.23 14:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics [2013.05.23 14:22:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auslogics [2013.05.23 13:42:13 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dskquota.dll [2013.05.23 13:42:11 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dskquota.dll [2013.05.23 13:41:58 | 000,396,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hal.dll [2013.05.23 13:41:53 | 001,172,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfnetsrc.dll [2013.05.23 13:41:53 | 000,929,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfnetsrc.dll [2013.05.23 13:41:53 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfnetcore.dll [2013.05.23 13:41:53 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfnetcore.dll [2013.05.23 13:41:52 | 000,673,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfmpeg2srcsnk.dll [2013.05.23 13:41:52 | 000,513,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfmpeg2srcsnk.dll [2013.05.23 13:41:09 | 002,380,944 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe [2013.05.23 13:41:09 | 002,206,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmcore.dll [2013.05.23 13:41:08 | 002,115,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\explorer.exe [2013.05.23 13:41:08 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.UI.Immersive.dll [2013.05.23 13:41:06 | 001,265,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll [2013.05.23 13:41:06 | 001,226,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.UI.Immersive.dll [2013.05.23 13:41:05 | 000,793,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfplat.dll [2013.05.23 13:41:05 | 000,579,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\StructuredQuery.dll [2013.05.23 13:41:04 | 001,841,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dwmcore.dll [2013.05.23 13:41:03 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SHCore.dll [2013.05.23 13:41:00 | 000,612,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfplat.dll [2013.05.23 13:40:59 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe [2013.05.23 13:40:58 | 000,561,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfmp4srcsnk.dll [2013.05.23 13:40:58 | 000,441,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys [2013.05.23 13:40:57 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\portcls.sys [2013.05.23 13:40:56 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Storage.Compression.dll [2013.05.23 13:40:54 | 001,045,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usercpl.dll [2013.05.23 13:40:52 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfmp4srcsnk.dll [2013.05.23 13:40:52 | 000,058,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dam.sys [2013.05.23 13:40:51 | 000,962,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\usercpl.dll [2013.05.23 13:40:51 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcore6.dll [2013.05.23 13:40:50 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SpaceControl.dll [2013.05.23 13:40:50 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dhcpcore6.dll [2013.05.23 13:40:48 | 000,056,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\sdstor.sys [2013.05.23 13:40:48 | 000,033,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\battc.sys [2013.05.23 13:40:46 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SHCore.dll [2013.05.23 13:40:46 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Storage.Compression.dll [2013.05.23 13:40:45 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\input.dll [2013.05.23 13:40:44 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\input.dll [2013.05.23 13:40:43 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcsvc6.dll [2013.05.23 13:40:41 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\microsoft-windows-pdc.dll [2013.05.23 13:40:39 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PCPKsp.dll [2013.05.23 13:40:35 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll [2013.05.23 13:40:34 | 000,757,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FirewallAPI.dll [2013.05.23 13:40:33 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AppxSip.dll [2013.05.23 13:40:31 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AppxSip.dll [2013.05.23 13:40:30 | 001,836,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll [2013.05.23 13:40:30 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SysFxUI.dll [2013.05.23 13:40:25 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icfupgd.dll [2013.05.23 13:40:24 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BdeUISrv.exe [2013.05.23 13:40:22 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PCPKsp.dll [2013.05.23 13:40:12 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wfapigp.dll [2013.05.23 13:40:12 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wfapigp.dll [2013.05.23 13:40:05 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\drmk.sys [2013.05.23 13:40:04 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kbdhebl3.dll [2013.05.23 13:40:03 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\kbdhebl3.dll [2013.05.23 13:37:37 | 001,184,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Display.dll [2013.05.23 13:37:37 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Display.dll [2013.05.23 13:37:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDKURD.DLL [2013.05.23 13:37:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDKURD.DLL [2013.05.23 13:37:34 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSShared.dll [2013.05.23 13:37:33 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSShared.dll [2013.05.23 13:37:33 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.ApplicationModel.Store.dll [2013.05.23 13:37:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll [2013.05.23 13:37:33 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.ApplicationModel.Store.dll [2013.05.23 13:37:33 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll [2013.05.23 13:37:32 | 001,131,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AppXDeploymentServer.dll [2013.05.23 13:37:32 | 000,707,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AppXDeploymentExtensions.dll [2013.05.23 13:37:09 | 003,245,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorets.dll [2013.05.23 13:37:07 | 001,536,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\storagewmi.dll [2013.05.23 13:37:07 | 001,122,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Taskmgr.exe [2013.05.23 13:37:07 | 001,027,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Taskmgr.exe [2013.05.23 13:37:06 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WebcamUi.dll [2013.05.23 13:37:06 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WebcamUi.dll [2013.05.23 13:37:05 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UserLanguagesCpl.dll [2013.05.23 13:37:05 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpnapps.dll [2013.05.23 13:37:04 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UserLanguagesCpl.dll [2013.05.23 13:37:03 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe [2013.05.23 13:37:03 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wpnapps.dll [2013.05.23 13:37:03 | 000,027,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rdpvideominiport.sys [2013.05.23 13:37:01 | 001,217,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\storagewmi.dll [2013.05.23 13:36:57 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe [2013.05.23 13:36:53 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nshwfp.dll [2013.05.23 13:36:53 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshwfp.dll [2013.05.23 13:36:52 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vdsutil.dll [2013.05.23 13:36:51 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FWPUCLNT.DLL [2013.05.23 13:36:51 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FWPUCLNT.DLL [2013.05.23 13:36:51 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vds_ps.dll [2013.05.23 13:36:51 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vds_ps.dll [2013.05.23 13:36:51 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rfxvmt.dll [2013.05.23 13:36:51 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vdsldr.exe [2013.05.23 13:36:50 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpudd.dll [2013.05.23 13:36:45 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppwinob.dll [2013.05.23 13:35:59 | 011,459,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\glcndFilter.dll [2013.05.23 13:35:54 | 008,552,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\glcndFilter.dll [2013.05.23 13:35:51 | 001,526,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfcore.dll [2013.05.23 13:35:50 | 001,566,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ole32.dll [2013.05.23 13:35:50 | 001,451,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfcore.dll [2013.05.23 13:35:50 | 000,976,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll [2013.05.23 13:35:47 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll [2013.05.23 13:35:46 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\windows\HelpPane.exe [2013.05.23 13:35:36 | 000,501,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DevicePairing.dll [2013.05.23 13:35:35 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bthprops.cpl [2013.05.23 13:35:35 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dafWCN.dll [2013.05.23 13:35:34 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanmsm.dll [2013.05.23 13:35:34 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanmsm.dll [2013.05.23 13:35:33 | 000,449,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DevicePairing.dll [2013.05.23 13:35:33 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpclip.exe [2013.05.23 13:35:33 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bthprops.cpl [2013.05.23 13:35:33 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MFCaptureEngine.dll [2013.05.23 13:35:30 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MFCaptureEngine.dll [2013.05.23 13:35:28 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanapi.dll [2013.05.23 13:35:25 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlansec.dll [2013.05.23 13:35:25 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanapi.dll [2013.05.23 13:35:25 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WcnApi.dll [2013.05.23 13:35:25 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WcnApi.dll [2013.05.23 13:35:24 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlansec.dll [2013.05.23 13:35:23 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fdWCN.dll [2013.05.23 13:35:23 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WcnEapAuthProxy.dll [2013.05.23 13:35:22 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WcnEapPeerProxy.dll [2013.05.23 13:35:21 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wfdprov.dll [2013.05.23 13:35:20 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wfdprov.dll [2013.05.23 13:35:17 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fxppm.sys [2013.05.23 13:35:17 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanhlp.dll [2013.05.23 13:35:17 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanhlp.dll [2013.05.23 13:35:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iscsilog.dll [2013.05.23 13:13:04 | 000,000,000 | ---D | C] -- C:\Users\Heinz\.android [2013.05.23 12:23:00 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Media Player Classic [2013.05.23 12:12:58 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Diagnostics [2013.05.23 11:38:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2013.05.23 11:11:45 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Creative [2013.05.23 11:10:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative [2013.05.23 04:54:18 | 000,693,112 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe [2013.05.23 04:54:18 | 000,078,200 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl [2013.05.23 04:49:33 | 000,000,000 | R--D | C] -- C:\windows\BrowserChoice [2013.05.22 21:04:40 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msvcr100_clr0400.dll [2013.05.22 21:04:38 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcr100_clr0400.dll [2013.05.22 21:04:01 | 002,094,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mmc.exe [2013.05.22 21:04:01 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlidsvc.dll [2013.05.22 21:04:00 | 001,611,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mmc.exe [2013.05.22 21:04:00 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msctf.dll [2013.05.22 21:03:59 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setupapi.dll [2013.05.22 21:03:59 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsm.dll [2013.05.22 21:03:59 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Media.dll [2013.05.22 21:03:58 | 000,028,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\msgpiowin32.sys [2013.05.22 21:03:57 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samsrv.dll [2013.05.22 21:03:57 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MP4SDECD.DLL [2013.05.22 21:03:57 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MP4SDECD.DLL [2013.05.22 21:03:57 | 000,261,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Media.dll [2013.05.22 21:03:57 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSDMon.dll [2013.05.22 21:03:57 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncbservice.dll [2013.05.22 21:03:57 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetpp.dll [2013.05.22 21:03:57 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\httpprxm.dll [2013.05.22 21:03:57 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wiaacmgr.exe [2013.05.22 21:03:57 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wiaacmgr.exe [2013.05.22 21:03:57 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adhsvc.dll [2013.05.22 21:03:56 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adhapi.dll [2013.05.22 21:03:56 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\httpprxp.dll [2013.05.22 21:03:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\keepaliveprovider.dll [2013.05.22 21:03:44 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppobjs.dll [2013.05.22 21:03:38 | 001,627,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll [2013.05.22 21:03:37 | 005,978,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll [2013.05.22 21:03:36 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfasfsrcsnk.dll [2013.05.22 21:03:36 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfasfsrcsnk.dll [2013.05.22 21:03:36 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ubpm.dll [2013.05.22 21:03:35 | 001,149,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winmde.dll [2013.05.22 21:03:35 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpmde.dll [2013.05.22 21:03:35 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BCP47Langs.dll [2013.05.22 21:03:35 | 000,327,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Classpnp.sys [2013.05.22 21:03:35 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ubpm.dll [2013.05.22 21:03:34 | 005,091,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll [2013.05.22 21:03:34 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Globalization.dll [2013.05.22 21:03:34 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll [2013.05.22 21:03:34 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Security.Authentication.OnlineId.dll [2013.05.22 21:03:34 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\BCP47Langs.dll [2013.05.22 21:03:33 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll [2013.05.22 21:03:33 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcfgx.dll [2013.05.22 21:03:33 | 000,332,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys [2013.05.22 21:03:33 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SystemEventsBrokerServer.dll [2013.05.22 21:03:33 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TimeBrokerServer.dll [2013.05.22 21:03:32 | 000,893,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\winmde.dll [2013.05.22 21:03:32 | 000,411,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS [2013.05.22 21:03:31 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Globalization.dll [2013.05.22 21:03:29 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcfgx.dll [2013.05.22 21:03:29 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SettingSync.dll [2013.05.22 21:03:28 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drvstore.dll [2013.05.22 21:03:28 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll [2013.05.22 21:03:28 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvstore.dll [2013.05.22 21:03:28 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Security.Authentication.OnlineId.dll [2013.05.22 21:03:28 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUSettingsProvider.dll [2013.05.22 21:03:28 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usbmon.dll [2013.05.22 21:03:27 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SettingSync.dll [2013.05.22 21:03:27 | 000,194,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\sdbus.sys [2013.05.22 21:03:27 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe [2013.05.22 21:03:26 | 000,337,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBXHCI.SYS [2013.05.22 21:03:26 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\powercfg.cpl [2013.05.22 21:03:26 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\discan.dll [2013.05.22 21:03:26 | 000,148,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tpm.sys [2013.05.22 21:03:26 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\powercfg.cpl [2013.05.22 21:03:26 | 000,125,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dumpsd.sys [2013.05.22 21:03:26 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NdisImPlatform.dll [2013.05.22 21:03:26 | 000,077,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storahci.sys [2013.05.22 21:03:26 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhostex.exe [2013.05.22 21:03:26 | 000,058,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe [2013.05.22 21:03:26 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DevDispItemProvider.dll [2013.05.22 21:03:26 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll [2013.05.22 21:03:26 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll [2013.05.22 21:03:26 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuaext.dll [2013.05.22 21:03:25 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fsquirt.exe [2013.05.22 21:03:25 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\storewuauth.dll [2013.05.22 21:03:25 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll [2013.05.22 21:03:25 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll [2013.05.22 21:03:25 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll [2013.05.22 21:03:25 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll [2013.05.22 21:03:24 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SettingSyncInfo.dll [2013.05.22 21:03:24 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SettingSyncInfo.dll [2013.05.22 21:03:24 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSDPrintProxy.DLL [2013.05.22 21:03:24 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe [2013.05.22 21:03:24 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DevDispItemProvider.dll [2013.05.22 21:03:24 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe [2013.05.22 21:03:24 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll [2013.05.22 21:03:23 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wushareduxresources.dll [2013.05.22 21:03:04 | 013,648,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.UI.Xaml.dll [2013.05.22 21:03:03 | 010,116,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\twinui.dll [2013.05.22 21:03:02 | 014,267,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll [2013.05.22 21:03:02 | 003,552,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tquery.dll [2013.05.22 21:03:01 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\twinui.dll [2013.05.22 21:03:00 | 011,878,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll [2013.05.22 21:03:00 | 010,789,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.UI.Xaml.dll [2013.05.22 21:03:00 | 002,107,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssrch.dll [2013.05.22 21:02:59 | 002,767,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tquery.dll [2013.05.22 21:02:58 | 001,829,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll [2013.05.22 21:02:58 | 001,593,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssrch.dll [2013.05.22 21:02:56 | 001,444,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSAudDecMFT.dll [2013.05.22 21:02:55 | 001,113,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSAudDecMFT.dll [2013.05.22 21:02:55 | 000,306,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kd_02_10ec.dll [2013.05.22 21:02:54 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssph.dll [2013.05.22 21:02:54 | 000,298,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rsaenh.dll [2013.05.22 21:02:53 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll [2013.05.22 21:02:53 | 000,446,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioSes.dll [2013.05.22 21:02:53 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchProtocolHost.exe [2013.05.22 21:02:52 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Networking.dll [2013.05.22 21:02:52 | 000,489,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioEng.dll [2013.05.22 21:02:52 | 000,435,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssph.dll [2013.05.22 21:02:52 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe [2013.05.22 21:02:52 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmredir.dll [2013.05.22 21:02:51 | 002,035,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll [2013.05.22 21:02:51 | 001,403,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi [2013.05.22 21:02:51 | 000,804,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RecoveryDrive.exe [2013.05.22 21:02:51 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpncore.dll [2013.05.22 21:02:51 | 000,253,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\audiodg.exe [2013.05.22 21:02:50 | 001,267,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe [2013.05.22 21:02:50 | 000,523,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll [2013.05.22 21:02:50 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MFMediaEngine.dll [2013.05.22 21:02:50 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Networking.BackgroundTransfer.dll [2013.05.22 21:02:49 | 001,217,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi [2013.05.22 21:02:48 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\actxprxy.dll [2013.05.22 21:02:48 | 001,093,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe [2013.05.22 21:02:48 | 000,503,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ci.dll [2013.05.22 21:02:48 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Networking.dll [2013.05.22 21:02:48 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fhengine.dll [2013.05.22 21:02:48 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsRasterService.dll [2013.05.22 21:02:48 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dmvdsitf.dll [2013.05.22 21:02:47 | 000,659,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssvp.dll [2013.05.22 21:02:47 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MFMediaEngine.dll [2013.05.22 21:02:47 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfreadwrite.dll [2013.05.22 21:02:47 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Networking.BackgroundTransfer.dll [2013.05.22 21:02:47 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioEndpointBuilder.dll [2013.05.22 21:02:47 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Robocopy.exe [2013.05.22 21:02:47 | 000,123,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wscapi.dll [2013.05.22 21:02:47 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys [2013.05.22 21:02:47 | 000,077,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kdvm.dll [2013.05.22 21:02:47 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\pdc.sys [2013.05.22 21:02:46 | 000,522,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AUDIOKSE.dll [2013.05.22 21:02:46 | 000,463,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AUDIOKSE.dll [2013.05.22 21:02:46 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\intl.cpl [2013.05.22 21:02:46 | 000,284,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\spaceport.sys [2013.05.22 21:02:46 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iuilp.dll [2013.05.22 21:02:46 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchFilterHost.exe [2013.05.22 21:02:46 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dmvdsitf.dll [2013.05.22 21:02:46 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsRasterService.dll [2013.05.22 21:02:46 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Robocopy.exe [2013.05.22 21:02:46 | 000,086,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kdnet.dll [2013.05.22 21:02:45 | 000,745,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssvp.dll [2013.05.22 21:02:45 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\GenuineCenter.dll [2013.05.22 21:02:45 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\intl.cpl [2013.05.22 21:02:45 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll [2013.05.22 21:02:45 | 000,303,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys [2013.05.22 21:02:45 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssphtb.dll [2013.05.22 21:02:45 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfreadwrite.dll [2013.05.22 21:02:45 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssprxy.dll [2013.05.22 21:02:45 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fmifs.dll [2013.05.22 21:02:45 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fmifs.dll [2013.05.22 21:02:45 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidi2c.sys [2013.05.22 21:02:45 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msshooks.dll [2013.05.22 21:02:45 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msshooks.dll [2013.05.22 21:02:44 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDump.dll [2013.05.22 21:02:44 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssitlb.dll [2013.05.22 21:02:44 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssitlb.dll [2013.05.22 21:02:44 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscntrs.dll [2013.05.22 21:02:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscntrs.dll [2013.05.22 21:02:22 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tssdisai.dll [2013.05.22 21:02:22 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appserverai.dll [2013.05.22 21:02:22 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RDWebAI.dll [2013.05.22 21:02:22 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VmHostAI.dll [2013.05.22 21:02:21 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\poqexec.exe [2013.05.22 21:02:21 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\poqexec.exe [2013.05.22 21:02:19 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\synceng.dll [2013.05.22 21:02:19 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\synceng.dll [2013.05.22 21:02:02 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll [2013.05.22 21:01:54 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\uxtheme.dll [2013.05.22 21:01:54 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll [2013.05.22 21:01:54 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll [2013.05.22 21:01:51 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll [2013.05.22 21:01:50 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe [2013.05.22 21:01:49 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll [2013.05.22 21:01:49 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll [2013.05.22 21:01:49 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll [2013.05.22 21:01:49 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll [2013.05.22 21:01:49 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UXInit.dll [2013.05.22 21:01:49 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UXInit.dll [2013.05.22 21:01:49 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll [2013.05.22 21:01:49 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll [2013.05.22 21:01:46 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncryptsslp.dll [2013.05.22 21:01:46 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncryptsslp.dll [2013.05.22 21:01:10 | 006,987,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe [2013.05.22 21:01:03 | 000,230,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdFilter.sys [2013.05.22 21:01:01 | 000,035,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdBoot.sys [2013.05.22 21:00:35 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pcadm.dll [2013.05.22 21:00:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pcalua.exe [2013.05.22 21:00:35 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pcaevts.dll [2013.05.22 21:00:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml6r.dll [2013.05.22 21:00:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml6r.dll [2013.05.22 21:00:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll [2013.05.22 21:00:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll [2013.05.22 21:00:31 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnet.dll [2013.05.22 21:00:31 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnet.dll [2013.05.22 21:00:31 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnathlp.dll [2013.05.22 21:00:31 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnathlp.dll [2013.05.22 21:00:31 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnsvr.exe [2013.05.22 21:00:31 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnsvr.exe [2013.05.22 21:00:31 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnhupnp.dll [2013.05.22 21:00:31 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnhpast.dll [2013.05.22 21:00:31 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnhupnp.dll [2013.05.22 21:00:31 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnhpast.dll [2013.05.22 21:00:31 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnlobby.dll [2013.05.22 21:00:31 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnaddr.dll [2013.05.22 21:00:31 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnlobby.dll [2013.05.22 21:00:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnaddr.dll [2013.05.22 21:00:19 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\duser.dll [2013.05.22 21:00:17 | 000,543,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlroamextension.dll [2013.05.22 21:00:16 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WWanAPI.dll [2013.05.22 21:00:16 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netprofmsvc.dll [2013.05.22 21:00:16 | 000,446,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBHUB3.SYS [2013.05.22 21:00:16 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncsi.dll [2013.05.22 21:00:16 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Networking.Connectivity.dll [2013.05.22 21:00:16 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hotspotauth.dll [2013.05.22 21:00:15 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll [2013.05.22 21:00:15 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WWanAPI.dll [2013.05.22 21:00:15 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mbsmsapi.dll [2013.05.22 21:00:15 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Networking.Connectivity.dll [2013.05.22 21:00:15 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mbsmsapi.dll [2013.05.22 21:00:15 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskkill.exe [2013.05.22 21:00:15 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tasklist.exe [2013.05.22 21:00:15 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\BthAvrcpTg.sys [2013.05.22 21:00:14 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpd_ci.dll [2013.05.22 21:00:14 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlroamextension.dll [2013.05.22 21:00:14 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tasklist.exe [2013.05.22 21:00:14 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskkill.exe [2013.05.22 21:00:14 | 000,061,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\crashdmp.sys [2013.05.22 21:00:13 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nlmproxy.dll [2013.05.22 21:00:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nlmsprep.dll [2013.05.22 21:00:12 | 000,029,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\BthhfHid.sys [2013.05.22 21:00:12 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\BtaMPM.sys [2013.05.22 20:59:48 | 001,690,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\GdiPlus.dll [2013.05.22 20:59:48 | 001,437,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\GdiPlus.dll [2013.05.22 20:59:45 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usb8023x.sys [2013.05.22 20:59:45 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usb8023.sys [2013.05.22 20:59:44 | 000,362,496 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll [2013.05.22 20:59:44 | 000,300,032 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll [2013.05.22 20:59:44 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll [2013.05.22 20:59:44 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll [2013.05.22 20:59:44 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll [2013.05.22 20:59:44 | 000,035,328 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll [2013.05.22 20:59:44 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dciman32.dll [2013.05.22 20:59:44 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpk.dll [2013.05.22 20:59:31 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shdocvw.dll [2013.05.22 20:59:30 | 000,112,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe [2013.05.22 20:59:27 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ReAgentc.exe [2013.05.22 20:59:27 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ReAgentc.exe [2013.05.22 20:59:26 | 000,945,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\resetengmig.dll [2013.05.22 20:59:26 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ReAgent.dll [2013.05.22 20:59:26 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ReAgent.dll [2013.05.22 20:59:25 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\esent.dll [2013.05.22 20:59:25 | 002,382,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\esent.dll [2013.05.22 20:59:25 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\reseteng.dll [2013.05.22 20:59:25 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sysreset.exe [2013.05.22 15:28:50 | 000,000,000 | ---D | C] -- C:\sources [2013.05.22 15:21:31 | 000,000,000 | ---D | C] -- C:\JD - Temp [2013.05.22 15:13:45 | 001,092,512 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\npDeployJava1.dll [2013.05.22 15:13:45 | 000,971,680 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\deployJava1.dll [2013.05.22 15:13:45 | 000,311,200 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\javaws.exe [2013.05.22 15:13:43 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\javaw.exe [2013.05.22 15:13:43 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\java.exe [2013.05.22 15:13:43 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\WindowsAccessBridge-64.dll [2013.05.22 15:13:37 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2013.05.22 15:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2013.05.22 15:13:16 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2013.05.22 15:09:43 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Paint.NET [2013.05.22 15:09:43 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET [2013.05.22 15:05:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader [2013.05.22 14:59:31 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Yontoo [2013.05.22 14:59:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo [2013.05.22 14:59:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer [2013.05.22 14:53:56 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Microsoft Help [2013.05.22 14:53:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2013.05.22 14:51:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2013.05.22 14:51:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2013.05.22 14:51:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [2013.05.22 14:51:04 | 003,649,536 | ---- | C] (x264vfw project) -- C:\windows\SysWow64\x264vfw.dll [2013.05.22 14:51:04 | 000,151,552 | ---- | C] (fccHandler) -- C:\windows\SysWow64\ac3acm.acm [2013.05.22 14:51:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack [2013.05.22 14:50:06 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WdfCoInstaller01007.dll [2013.05.22 14:50:06 | 000,708,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinUSBCoInstaller.dll [2013.05.22 14:49:38 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\windows\SysWow64\Redemption.dll [2013.05.22 14:49:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung [2013.05.22 14:49:34 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\windows\SysWow64\dgderapi.dll [2013.05.22 14:49:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung [2013.05.22 14:49:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung [2013.05.22 14:48:52 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Downloaded Installations [2013.05.22 14:47:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2013.05.22 14:45:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative [2013.05.22 14:45:17 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Creative Installation Information [2013.05.22 14:43:36 | 000,728,576 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysWow64\KSAPO32.dll [2013.05.22 14:43:36 | 000,262,656 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\KSVSPI64.dll [2013.05.22 14:43:36 | 000,235,520 | ---- | C] (Creative Technology Limited) -- C:\windows\SysNative\KsDvInst.dll [2013.05.22 14:43:36 | 000,195,584 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysWow64\KSVSPI32.dll [2013.05.22 14:43:36 | 000,074,240 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\KSWrap64.dll [2013.05.22 14:43:36 | 000,053,760 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\KSPPCn64.dll [2013.05.22 14:43:35 | 001,588,608 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\drivers\ksaud.sys [2013.05.22 14:43:35 | 000,866,816 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\KSAPO64.dll [2013.05.22 14:43:35 | 000,631,428 | ---- | C] (Creative Technology Ltd) -- C:\windows\KSAIM64.exe [2013.05.22 14:43:35 | 000,479,232 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\JDetect.exe [2013.05.22 14:43:35 | 000,115,712 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\SBAVMon.dll [2013.05.22 14:43:35 | 000,067,584 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\KSDGFX64.dll [2013.05.22 14:43:35 | 000,057,856 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\KSppld64.dll [2013.05.22 14:42:50 | 000,466,520 | ---- | C] (Creative Labs) -- C:\windows\SysNative\wrap_oal.dll [2013.05.22 14:42:49 | 000,123,480 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\windows\SysNative\OpenAL32.dll [2013.05.22 14:42:48 | 000,445,016 | ---- | C] (Creative Labs) -- C:\windows\SysWow64\wrap_oal.dll [2013.05.22 14:42:48 | 000,109,144 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\windows\SysWow64\OpenAL32.dll [2013.05.22 14:42:47 | 002,902,496 | ---- | C] (Creative) -- C:\windows\SysWow64\Sens_oal.dll [2013.05.22 14:42:46 | 001,940,992 | ---- | C] (Creative) -- C:\windows\SysNative\Sens_oal.dll [2013.05.22 14:42:21 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Creative [2013.05.22 14:41:33 | 000,079,360 | ---- | C] (Creative Technology Ltd) -- C:\windows\SysWow64\CTOPT399.dll [2013.05.22 14:41:32 | 000,061,440 | ---- | C] (Creative Technology Ltd) -- C:\windows\SysWow64\CTChkAud.dll [2013.05.22 14:41:32 | 000,042,496 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysWow64\AddCat.exe [2013.05.22 14:41:31 | 000,088,576 | ---- | C] (Creative Technology Ltd) -- C:\windows\SysNative\CTOPT399.dll [2013.05.22 14:41:31 | 000,049,664 | ---- | C] (Creative Technology Ltd) -- C:\windows\SysNative\CTChkAud.dll [2013.05.22 14:41:30 | 000,042,496 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\AddCat.exe [2013.05.22 14:41:02 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Mscomct2.ocx [2013.05.22 14:41:02 | 000,053,248 | ---- | C] (Creative Technology Ltd ) -- C:\windows\Ctregrun.exe [2013.05.22 14:36:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative [2013.05.22 14:36:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative Labs Shared [2013.05.22 14:34:20 | 000,000,000 | ---D | C] -- C:\Program Files\Creative [2013.05.22 14:33:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative [2013.05.22 14:30:36 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Nero [2013.05.22 14:30:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack x64 [2013.05.22 14:29:39 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack x64 [2013.05.22 14:29:06 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Programs [2013.05.22 14:28:21 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Nero [2013.05.22 14:14:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell [2013.05.22 14:14:47 | 000,000,000 | ---D | C] -- C:\Program Files\Classic Shell [2013.05.22 14:14:43 | 000,000,000 | --SD | C] -- C:\Users\Heinz\Google Drive [2013.05.22 14:12:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive [2013.05.22 14:10:44 | 000,378,432 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys [2013.05.22 14:10:44 | 000,033,400 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys [2013.05.22 14:10:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2013.05.22 14:10:43 | 000,072,016 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys [2013.05.22 14:10:43 | 000,064,288 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys [2013.05.22 14:10:37 | 001,025,808 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys [2013.05.22 14:10:35 | 000,287,840 | ---- | C] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe [2013.05.22 14:10:35 | 000,080,816 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys [2013.05.22 14:09:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2013.05.22 14:09:34 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2013.05.22 14:09:20 | 000,041,664 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr [2013.05.22 14:09:00 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2013.05.22 14:07:53 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2013.05.21 20:49:58 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\TOSHIBA [2013.05.21 20:49:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.05.21 20:49:16 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\ATI [2013.05.21 20:49:16 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\ATI [2013.05.21 20:47:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2013.05.21 20:47:53 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Google [2013.05.21 20:47:39 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Deployment [2013.05.21 20:47:39 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Apps [2013.05.21 20:47:27 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Macromedia [2013.05.21 20:44:28 | 000,000,000 | ---D | C] -- C:\ProgramData\ToshibaEurope [2013.05.21 20:44:13 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\SRS Labs [2013.05.21 20:43:33 | 000,000,000 | R--D | C] -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2013.05.21 20:43:33 | 000,000,000 | R--D | C] -- C:\Users\Heinz\Searches [2013.05.21 20:43:33 | 000,000,000 | R--D | C] -- C:\Users\Heinz\Contacts [2013.05.21 20:43:33 | 000,000,000 | R--D | C] -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2013.05.21 20:43:33 | 000,000,000 | -H-D | C] -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned [2013.05.21 20:43:28 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Adobe [2013.05.21 20:42:17 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\VirtualStore [2013.05.21 20:42:09 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Packages [2013.05.21 20:42:02 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution [2013.05.21 20:41:55 | 000,000,000 | --SD | C] -- C:\Users\Heinz\AppData\Roaming\Microsoft [2013.05.21 20:41:55 | 000,000,000 | R--D | C] -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [2013.05.21 20:41:55 | 000,000,000 | R--D | C] -- C:\Users\Heinz\Links [2013.05.21 20:41:55 | 000,000,000 | R--D | C] -- C:\Users\Heinz\Favorites [2013.05.21 20:41:55 | 000,000,000 | R--D | C] -- C:\Users\Heinz\Desktop [2013.05.21 20:41:55 | 000,000,000 | R--D | C] -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2013.05.21 20:41:55 | 000,000,000 | R--D | C] -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\AppData\Local\Temporary Internet Files [2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\Templates [2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\Start Menu [2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\SendTo [2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\Recent [2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\PrintHood [2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\NetHood [2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\My Documents [2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\Local Settings [2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\AppData\Local\History [2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\Cookies [2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\Application Data [2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\AppData\Local\Application Data [2013.05.21 20:41:55 | 000,000,000 | -H-D | C] -- C:\Users\Heinz\AppData [2013.05.21 20:41:55 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Temp [2013.05.21 20:41:55 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Microsoft [2013.05.21 20:41:55 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ] [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.06.07 18:10:34 | 000,007,600 | ---- | M] () -- C:\Users\Heinz\AppData\Local\Resmon.ResmonCfg [2013.06.07 18:02:00 | 000,000,956 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2594244226-710932845-2937545045-1001UA.job [2013.06.07 18:01:46 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.06.07 17:53:01 | 000,001,136 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2013.06.07 17:30:05 | 000,001,132 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2013.06.07 17:30:03 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2013.06.07 17:28:36 | 000,848,230 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2013.06.07 17:28:36 | 000,719,418 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2013.06.07 17:28:36 | 000,132,748 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2013.06.07 14:18:32 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013.06.07 14:18:28 | 2536,058,879 | -HS- | M] () -- C:\hiberfil.sys [2013.06.07 14:01:00 | 000,000,904 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2594244226-710932845-2937545045-1001Core.job [2013.06.06 22:39:14 | 000,354,840 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT [2013.06.06 11:09:15 | 000,001,172 | ---- | M] () -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk [2013.06.06 11:09:15 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Magician.lnk [2013.06.04 09:15:02 | 000,103,448 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\windows\SysNative\drivers\ssudbus.sys [2013.06.04 09:15:00 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\windows\SysNative\drivers\ssudmdm.sys [2013.06.02 15:34:21 | 000,001,055 | ---- | M] () -- C:\Users\Heinz\Desktop\eclipse.lnk [2013.06.01 16:51:16 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf [2013.05.23 16:19:08 | 000,001,628 | ---- | M] () -- C:\Users\Heinz\Desktop\Medien_Generator.lnk [2013.05.23 16:18:50 | 000,001,520 | ---- | M] () -- C:\Users\Heinz\Desktop\Medien.lnk [2013.05.23 14:59:01 | 000,000,956 | ---- | M] () -- C:\Users\Heinz\Desktop\Dubstep.lnk [2013.05.23 12:20:01 | 000,000,640 | ---- | M] () -- C:\Users\Heinz\Desktop\Thomas.lnk [2013.05.23 12:16:47 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_WinUSB_01007.Wdf [2013.05.22 15:13:41 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\WindowsAccessBridge-64.dll [2013.05.22 15:13:39 | 000,311,200 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\javaws.exe [2013.05.22 15:13:39 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\javaw.exe [2013.05.22 15:13:39 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\java.exe [2013.05.22 15:13:38 | 001,092,512 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\npDeployJava1.dll [2013.05.22 15:13:37 | 000,971,680 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\deployJava1.dll [2013.05.22 15:06:39 | 000,002,012 | ---- | M] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\JDownloader.lnk [2013.05.22 14:49:38 | 000,002,037 | ---- | M] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk [2013.05.22 14:49:38 | 000,002,027 | ---- | M] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk [2013.05.22 14:45:06 | 000,000,286 | RH-- | M] () -- C:\windows\ctfile.rfc [2013.05.22 14:42:50 | 000,466,520 | ---- | M] (Creative Labs) -- C:\windows\SysNative\wrap_oal.dll [2013.05.22 14:42:49 | 000,445,016 | ---- | M] (Creative Labs) -- C:\windows\SysWow64\wrap_oal.dll [2013.05.22 14:42:49 | 000,123,480 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\windows\SysNative\OpenAL32.dll [2013.05.22 14:42:48 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\windows\SysWow64\OpenAL32.dll [2013.05.22 14:15:40 | 000,000,355 | ---- | M] () -- C:\Users\Heinz\Desktop\Computer.lnk [2013.05.22 14:14:47 | 000,002,290 | ---- | M] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013.05.22 14:10:35 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt [2013.05.22 14:09:13 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf [2013.05.21 20:47:23 | 000,001,435 | ---- | M] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2013.05.09 10:59:07 | 001,025,808 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys [2013.05.09 10:59:07 | 000,378,432 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys [2013.05.09 10:59:07 | 000,189,936 | ---- | M] () -- C:\windows\SysNative\drivers\aswVmm.sys [2013.05.09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys [2013.05.09 10:59:07 | 000,065,336 | ---- | M] () -- C:\windows\SysNative\drivers\aswRvrt.sys [2013.05.09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys [2013.05.09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys [2013.05.09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys [2013.05.09 10:58:37 | 000,041,664 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr [2013.05.09 10:58:11 | 000,287,840 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe [2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ] [1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.06.07 18:01:46 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.06.07 13:08:04 | 000,630,054 | ---- | C] () -- E:\Thomas\My Documents\trancegott_rot-lila.bmp [2013.06.07 13:08:04 | 000,630,054 | ---- | C] () -- E:\Thomas\My Documents\trancegott_rot.bmp [2013.06.07 13:08:04 | 000,630,054 | ---- | C] () -- E:\Thomas\My Documents\trancegott_lila.bmp [2013.06.07 13:08:04 | 000,630,054 | ---- | C] () -- E:\Thomas\My Documents\trancegott_grün.bmp [2013.06.07 13:08:04 | 000,630,054 | ---- | C] () -- E:\Thomas\My Documents\trancegott_blau.bmp [2013.06.07 13:08:04 | 000,044,024 | ---- | C] () -- E:\Thomas\My Documents\trancegott_rot-lila-blau.png [2013.06.07 13:08:04 | 000,038,195 | ---- | C] () -- E:\Thomas\My Documents\trancegott_blau.png [2013.06.07 13:08:04 | 000,038,055 | ---- | C] () -- E:\Thomas\My Documents\trancegott_lila.png [2013.06.07 13:08:04 | 000,037,992 | ---- | C] () -- E:\Thomas\My Documents\trancegott_grün.png [2013.06.07 13:08:04 | 000,037,834 | ---- | C] () -- E:\Thomas\My Documents\trancegott_rot.png [2013.06.07 13:08:04 | 000,029,825 | ---- | C] () -- E:\Thomas\My Documents\trancegott.png [2013.06.07 13:08:04 | 000,017,442 | ---- | C] () -- E:\Thomas\My Documents\Trancegott_rot-weiß.jpg [2013.06.07 13:08:04 | 000,016,532 | ---- | C] () -- E:\Thomas\My Documents\Trancegott_rot-weiß_4-3.jpg [2013.06.06 11:06:09 | 000,001,172 | ---- | C] () -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk [2013.06.06 11:06:09 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Magician.lnk [2013.06.02 15:34:20 | 000,001,055 | ---- | C] () -- C:\Users\Heinz\Desktop\eclipse.lnk [2013.06.01 16:51:16 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf [2013.06.01 15:14:32 | 000,000,299 | ---- | C] () -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin (3).lnk [2013.05.31 13:57:01 | 000,000,956 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2594244226-710932845-2937545045-1001UA.job [2013.05.31 13:56:59 | 000,000,904 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2594244226-710932845-2937545045-1001Core.job [2013.05.26 16:10:08 | 000,000,299 | ---- | C] () -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin (2).lnk [2013.05.24 22:46:02 | 000,354,840 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT [2013.05.24 13:30:05 | 000,000,299 | ---- | C] () -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk [2013.05.23 16:19:08 | 000,001,628 | ---- | C] () -- C:\Users\Heinz\Desktop\Medien_Generator.lnk [2013.05.23 16:18:50 | 000,001,520 | ---- | C] () -- C:\Users\Heinz\Desktop\Medien.lnk [2013.05.23 14:59:01 | 000,000,956 | ---- | C] () -- C:\Users\Heinz\Desktop\Dubstep.lnk [2013.05.23 14:40:28 | 000,007,600 | ---- | C] () -- C:\Users\Heinz\AppData\Local\Resmon.ResmonCfg [2013.05.23 12:20:01 | 000,000,640 | ---- | C] () -- C:\Users\Heinz\Desktop\Thomas.lnk [2013.05.23 12:16:47 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_WinUSB_01007.Wdf [2013.05.22 21:02:48 | 000,387,688 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml [2013.05.22 15:17:08 | 000,001,199 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk [2013.05.22 15:06:39 | 000,002,012 | ---- | C] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\JDownloader.lnk [2013.05.22 15:06:35 | 000,002,012 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk [2013.05.22 15:06:35 | 000,001,956 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk [2013.05.22 15:06:34 | 000,001,935 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk [2013.05.22 14:51:58 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2013.05.22 14:51:04 | 000,650,752 | ---- | C] () -- C:\windows\SysWow64\xvidcore.dll [2013.05.22 14:51:04 | 000,243,200 | ---- | C] () -- C:\windows\SysWow64\xvidvfw.dll [2013.05.22 14:51:04 | 000,216,064 | ---- | C] ( ) -- C:\windows\SysWow64\lagarith.dll [2013.05.22 14:51:04 | 000,178,688 | ---- | C] () -- C:\windows\SysWow64\unrar.dll [2013.05.22 14:51:02 | 000,112,640 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll [2013.05.22 14:49:38 | 000,002,037 | ---- | C] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk [2013.05.22 14:49:38 | 000,002,027 | ---- | C] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk [2013.05.22 14:44:39 | 000,237,056 | ---- | C] () -- C:\windows\SysNative\APOMgr64.DLL [2013.05.22 14:44:39 | 000,181,760 | ---- | C] () -- C:\windows\SysWow64\APOMngr.DLL [2013.05.22 14:44:39 | 000,089,088 | ---- | C] () -- C:\windows\SysNative\CmdRtr64.DLL [2013.05.22 14:44:39 | 000,073,728 | ---- | C] () -- C:\windows\SysWow64\CmdRtr.DLL [2013.05.22 14:44:03 | 000,044,795 | R--- | C] () -- C:\windows\SysNative\kschimp.ini [2013.05.22 14:43:36 | 000,034,637 | ---- | C] () -- C:\windows\SysNative\ksaud.ini [2013.05.22 14:43:36 | 000,012,344 | ---- | C] () -- C:\windows\SysNative\MixerDefault.reg [2013.05.22 14:43:36 | 000,001,772 | ---- | C] () -- C:\ProgramData\cfSB1095.ini [2013.05.22 14:43:04 | 000,026,768 | R--- | C] () -- C:\windows\ksaudENG.reg [2013.05.22 14:43:04 | 000,002,630 | R--- | C] () -- C:\windows\MixerName.reg [2013.05.22 14:43:04 | 000,000,286 | RH-- | C] () -- C:\windows\ctfile.rfc [2013.05.22 14:41:32 | 000,005,498 | ---- | C] () -- C:\windows\SysWow64\CTOPT399.cat [2013.05.22 14:41:31 | 000,005,594 | ---- | C] () -- C:\windows\SysNative\CTOPT399.cat [2013.05.22 14:40:36 | 000,007,062 | ---- | C] () -- C:\windows\SysWow64\audiopid.vxd [2013.05.22 14:30:09 | 000,206,336 | ---- | C] () -- C:\windows\SysNative\unrar64.dll [2013.05.22 14:30:09 | 000,148,992 | ---- | C] ( ) -- C:\windows\SysNative\lagarith.dll [2013.05.22 14:15:40 | 000,000,355 | ---- | C] () -- C:\Users\Heinz\Desktop\Computer.lnk [2013.05.22 14:10:37 | 000,189,936 | ---- | C] () -- C:\windows\SysNative\drivers\aswVmm.sys [2013.05.22 14:10:37 | 000,065,336 | ---- | C] () -- C:\windows\SysNative\drivers\aswRvrt.sys [2013.05.22 14:10:35 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\config.nt [2013.05.22 14:09:13 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf [2013.05.21 20:49:45 | 000,002,290 | ---- | C] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013.05.21 20:48:00 | 000,001,136 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2013.05.21 20:47:59 | 000,001,132 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2013.05.21 20:47:23 | 000,001,435 | ---- | C] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2013.05.21 20:43:28 | 000,001,441 | ---- | C] () -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2013.05.21 20:41:55 | 000,000,352 | ---- | C] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2013.05.21 20:41:55 | 000,000,334 | ---- | C] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [2013.01.17 04:18:06 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin [2012.11.13 19:18:06 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll [2012.09.18 03:40:14 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat [2012.09.18 03:40:14 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat [2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat [2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT [2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat [2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll [2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin [2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll [2012.07.25 22:22:56 | 000,733,840 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng700.bin [2012.07.25 22:22:56 | 000,492,340 | ---- | C] () -- C:\windows\SysWow64\igvpkrng700.bin [2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat [2012.05.11 02:35:16 | 000,029,184 | ---- | C] () -- C:\windows\SysWow64\kdbsdk32.dll [2012.04.20 23:59:44 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > |
|
08.06.2013, 09:39
| #10 |
| /// the machine /// TB-Ausbilder | Windows System immer bei 20% Systemauslastung, Virus vermutet hi, Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.06.2013, 10:36
| #11 |
| | Windows System immer bei 20% Systemauslastung, Virus vermutetCode:
ATTFilter 11:33:52.0673 1652 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:33:52.0673 1652 UEFI system
11:33:52.0806 1652 ============================================================
11:33:52.0806 1652 Current date / time: 2013/06/08 11:33:52.0806
11:33:52.0806 1652 SystemInfo:
11:33:52.0806 1652
11:33:52.0806 1652 OS Version: 6.2.9200 ServicePack: 0.0
11:33:52.0806 1652 Product type: Workstation
11:33:52.0806 1652 ComputerName: TRANCEGOTT-PC
11:33:52.0806 1652 UserName: Thomas Terpelle
11:33:52.0806 1652 Windows directory: C:\windows
11:33:52.0806 1652 System windows directory: C:\windows
11:33:52.0806 1652 Running under WOW64
11:33:52.0807 1652 Processor architecture: Intel x64
11:33:52.0807 1652 Number of processors: 8
11:33:52.0807 1652 Page size: 0x1000
11:33:52.0807 1652 Boot type: Normal boot
11:33:52.0807 1652 ============================================================
11:33:52.0975 1652 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 (238.47 Gb), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:33:52.0977 1652 ============================================================
11:33:52.0977 1652 \Device\Harddisk0\DR0:
11:33:52.0977 1652 GPT partitions:
11:33:52.0978 1652 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {FC31BAD6-E279-4BA1-8D27-300280A701BF}, Name: , StartLBA 0x22, BlocksNum 0x40000
11:33:52.0978 1652 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {754C4DAC-EF53-4CC6-912C-3F497C745887}, Name: , StartLBA 0x40800, BlocksNum 0xE1000
11:33:52.0978 1652 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {A0A3484B-51B4-4EF4-95E3-244C0CBB5D47}, Name: , StartLBA 0x121800, BlocksNum 0x82000
11:33:52.0978 1652 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A18A8E91-0208-48BF-9321-389B27ACA356}, Name: , StartLBA 0x1A3800, BlocksNum 0xF87C800
11:33:52.0978 1652 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {550EE9E7-C86C-4343-8E22-068194B3C2BC}, Name: Basic data partition, StartLBA 0xFA20000, BlocksNum 0xB338E67
11:33:52.0978 1652 MBR partitions:
11:33:52.0978 1652 ============================================================
11:33:52.0979 1652 C: <-> \Device\Harddisk0\DR0\Partition4
11:33:52.0980 1652 E: <-> \Device\Harddisk0\DR0\Partition5
11:33:52.0980 1652 ============================================================
11:33:52.0980 1652 Initialize success
11:33:52.0980 1652 ============================================================
11:34:06.0474 6460 ============================================================
11:34:06.0474 6460 Scan started
11:34:06.0474 6460 Mode: Manual; SigCheck; TDLFS;
11:34:06.0474 6460 ============================================================
11:34:06.0596 6460 ================ Scan system memory ========================
11:34:06.0596 6460 System memory - ok
11:34:06.0597 6460 ================ Scan services =============================
11:34:06.0629 6460 [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci C:\windows\System32\drivers\1394ohci.sys
11:34:06.0657 6460 1394ohci - ok
11:34:06.0660 6460 [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware C:\windows\system32\drivers\3ware.sys
11:34:06.0668 6460 3ware - ok
11:34:06.0674 6460 [ 975AABEB243B800C23626D6B652C5A9C ] ACPI C:\windows\system32\drivers\ACPI.sys
11:34:06.0687 6460 ACPI - ok
11:34:06.0690 6460 [ DC968C37822117E576B933F34A2D130C ] acpiex C:\windows\system32\Drivers\acpiex.sys
11:34:06.0697 6460 acpiex - ok
11:34:06.0700 6460 [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr C:\windows\System32\drivers\acpipagr.sys
11:34:06.0708 6460 acpipagr - ok
11:34:06.0711 6460 [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi C:\windows\System32\drivers\acpipmi.sys
11:34:06.0719 6460 AcpiPmi - ok
11:34:06.0721 6460 [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime C:\windows\System32\drivers\acpitime.sys
11:34:06.0730 6460 acpitime - ok
11:34:06.0733 6460 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:34:06.0739 6460 AdobeARMservice - ok
11:34:06.0745 6460 [ 93C6388592B99925C1D1576E465BC80F ] adp94xx C:\windows\system32\drivers\adp94xx.sys
11:34:06.0758 6460 adp94xx - ok
11:34:06.0763 6460 [ D27763E0247292654E7F7D16444C7C72 ] adpahci C:\windows\system32\drivers\adpahci.sys
11:34:06.0775 6460 adpahci - ok
11:34:06.0779 6460 [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320 C:\windows\system32\drivers\adpu320.sys
11:34:06.0788 6460 adpu320 - ok
11:34:06.0792 6460 [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc C:\windows\System32\aelupsvc.dll
11:34:06.0802 6460 AeLookupSvc - ok
11:34:06.0808 6460 [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD C:\windows\system32\drivers\afd.sys
11:34:06.0821 6460 AFD - ok
11:34:06.0824 6460 [ 01590377A5AB19E792528C628A2A68F9 ] agp440 C:\windows\system32\drivers\agp440.sys
11:34:06.0832 6460 agp440 - ok
11:34:06.0834 6460 [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG C:\windows\System32\alg.exe
11:34:06.0845 6460 ALG - ok
11:34:06.0849 6460 [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\windows\system32\AUInstallAgent.dll
11:34:06.0858 6460 AllUserInstallAgent - ok
11:34:06.0862 6460 [ E14F7B22FD0BD5FAA8C885C64690965D ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
11:34:06.0874 6460 AMD External Events Utility - ok
11:34:06.0877 6460 [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8 C:\windows\System32\drivers\amdk8.sys
11:34:06.0886 6460 AmdK8 - ok
11:34:06.0948 6460 [ F931C2ED6C8294909C10657DCB9A9A4E ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
11:34:07.0042 6460 amdkmdag - ok
11:34:07.0048 6460 [ 0D481A7FE3A66724DC11AD8A4E417A9A ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
11:34:07.0061 6460 amdkmdap - ok
11:34:07.0064 6460 [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM C:\windows\System32\drivers\amdppm.sys
11:34:07.0073 6460 AmdPPM - ok
11:34:07.0076 6460 [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata C:\windows\system32\drivers\amdsata.sys
11:34:07.0083 6460 amdsata - ok
11:34:07.0088 6460 [ 00452671904F5EE94B50BF0219C97164 ] amdsbs C:\windows\system32\drivers\amdsbs.sys
11:34:07.0098 6460 amdsbs - ok
11:34:07.0100 6460 [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata C:\windows\system32\drivers\amdxata.sys
11:34:07.0107 6460 amdxata - ok
11:34:07.0110 6460 [ 83B3682CE922FB0F415734B26D9D6233 ] AppID C:\windows\system32\drivers\appid.sys
11:34:07.0121 6460 AppID - ok
11:34:07.0124 6460 [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc C:\windows\System32\appidsvc.dll
11:34:07.0134 6460 AppIDSvc - ok
11:34:07.0137 6460 [ 4F750B7EFCB6520AE01E01D082D7D476 ] Appinfo C:\windows\System32\appinfo.dll
11:34:07.0146 6460 Appinfo - ok
11:34:07.0149 6460 [ E933401B392387F4BE34DE8BAF1722A7 ] arc C:\windows\system32\drivers\arc.sys
11:34:07.0157 6460 arc - ok
11:34:07.0161 6460 [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas C:\windows\system32\drivers\arcsas.sys
11:34:07.0169 6460 arcsas - ok
11:34:07.0171 6460 [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
11:34:07.0182 6460 aswFsBlk - ok
11:34:07.0185 6460 [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
11:34:07.0190 6460 aswMonFlt - ok
11:34:07.0193 6460 [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr C:\windows\System32\Drivers\aswrdr2.sys
11:34:07.0199 6460 aswRdr - ok
11:34:07.0201 6460 [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt C:\windows\system32\drivers\aswRvrt.sys
11:34:07.0207 6460 aswRvrt - ok
11:34:07.0215 6460 [ 10ED1CAB84AA65983C41A11F60294C9B ] aswSnx C:\windows\system32\drivers\aswSnx.sys
11:34:07.0230 6460 aswSnx - ok
11:34:07.0235 6460 [ 00E5253353717D3CA12A0F5A6F9991EC ] aswSP C:\windows\system32\drivers\aswSP.sys
11:34:07.0244 6460 aswSP - ok
11:34:07.0246 6460 [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi C:\windows\system32\drivers\aswTdi.sys
11:34:07.0252 6460 aswTdi - ok
11:34:07.0255 6460 [ 6359B99C955DB9F40B653159A0EED261 ] aswVmm C:\windows\system32\drivers\aswVmm.sys
11:34:07.0262 6460 aswVmm - ok
11:34:07.0264 6460 [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
11:34:07.0274 6460 AsyncMac - ok
11:34:07.0277 6460 [ A721FF570C2387E383BDDEA9632863C9 ] atapi C:\windows\system32\drivers\atapi.sys
11:34:07.0284 6460 atapi - ok
11:34:07.0307 6460 [ F17ABC4AA1FE4989E812858261414FE5 ] athr C:\windows\system32\DRIVERS\athw8x.sys
11:34:07.0346 6460 athr - ok
11:34:07.0351 6460 [ 506907D2E7F3A5B67DBD39C00A788B7C ] AtiHDAudioService C:\windows\system32\drivers\AtihdW86.sys
11:34:07.0356 6460 AtiHDAudioService - ok
11:34:07.0360 6460 [ BCD7A47EF587DC00DD61D12D9C2D1E44 ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll
11:34:07.0370 6460 AudioEndpointBuilder - ok
11:34:07.0378 6460 [ 810F30FF8490ED5ED510621DF10DE320 ] Audiosrv C:\windows\System32\Audiosrv.dll
11:34:07.0393 6460 Audiosrv - ok
11:34:07.0397 6460 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
11:34:07.0402 6460 avast! Antivirus - ok
11:34:07.0405 6460 [ 89491EF71D5EA011127832C588002853 ] AxInstSV C:\windows\System32\AxInstSV.dll
11:34:07.0414 6460 AxInstSV - ok
11:34:07.0420 6460 [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
11:34:07.0435 6460 b06bdrv - ok
11:34:07.0438 6460 [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay C:\windows\System32\drivers\BasicDisplay.sys
11:34:07.0446 6460 BasicDisplay - ok
11:34:07.0449 6460 [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender C:\windows\System32\drivers\BasicRender.sys
11:34:07.0457 6460 BasicRender - ok
11:34:07.0461 6460 [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC C:\windows\System32\bdesvc.dll
11:34:07.0471 6460 BDESVC - ok
11:34:07.0473 6460 [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep C:\windows\system32\drivers\Beep.sys
11:34:07.0481 6460 Beep - ok
11:34:07.0488 6460 [ 9E6A544F465C582AB42444A217CF04DC ] BFE C:\windows\System32\bfe.dll
11:34:07.0502 6460 BFE - ok
11:34:07.0510 6460 [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS C:\windows\System32\qmgr.dll
11:34:07.0530 6460 BITS - ok
11:34:07.0533 6460 [ B17AC10B47C7FCB44D22A1F06415840E ] bowser C:\windows\system32\DRIVERS\bowser.sys
11:34:07.0542 6460 bowser - ok
11:34:07.0545 6460 [ 975398A3D2C1FEA73FC93931978DF354 ] BrokerInfrastructure C:\windows\System32\bisrv.dll
11:34:07.0555 6460 BrokerInfrastructure - ok
11:34:07.0558 6460 [ 310068BDA80B1D55C36580FD8A873FAF ] Browser C:\windows\System32\browser.dll
11:34:07.0567 6460 Browser - ok
11:34:07.0570 6460 [ 95280EF7B3351351A1B7F274D503A526 ] BtFilter C:\windows\system32\DRIVERS\btfilter.sys
11:34:07.0579 6460 BtFilter - ok
11:34:07.0582 6460 [ F17DEEAC7D51D44CF1BFF8DD4F0A2B6D ] BthAvrcpTg C:\windows\System32\drivers\BthAvrcpTg.sys
11:34:07.0590 6460 BthAvrcpTg - ok
11:34:07.0593 6460 [ A8B20D852B07AE19A13B5D47EC4E4C3B ] BthEnum C:\windows\System32\drivers\BthEnum.sys
11:34:07.0601 6460 BthEnum - ok
11:34:07.0604 6460 [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum C:\windows\System32\drivers\bthhfenum.sys
11:34:07.0619 6460 BthHFEnum - ok
11:34:07.0621 6460 [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid C:\windows\System32\drivers\BthHFHid.sys
11:34:07.0660 6460 bthhfhid - ok
11:34:07.0664 6460 [ 42201C346F0B8C458E1E9CDE04D68A2C ] BthLEEnum C:\windows\system32\DRIVERS\BthLEEnum.sys
11:34:07.0680 6460 BthLEEnum - ok
11:34:07.0683 6460 [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM C:\windows\System32\drivers\bthmodem.sys
11:34:07.0698 6460 BTHMODEM - ok
11:34:07.0701 6460 [ 091BB978E9504D0AD14586929431A957 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
11:34:07.0737 6460 BthPan - ok
11:34:07.0746 6460 [ 13795CAA34239D97A7211E7F9D96E012 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
11:34:07.0763 6460 BTHPORT - ok
11:34:07.0767 6460 [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv C:\windows\system32\bthserv.dll
11:34:07.0776 6460 bthserv - ok
11:34:07.0778 6460 [ 1F715957F5236D30B6020A19A4271F6A ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
11:34:07.0786 6460 BTHUSB - ok
11:34:07.0789 6460 [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
11:34:07.0798 6460 cdfs - ok
11:34:07.0802 6460 [ 339BFF85D788268752DA8C9644B188EE ] cdrom C:\windows\System32\drivers\cdrom.sys
11:34:07.0811 6460 cdrom - ok
11:34:07.0814 6460 [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc C:\windows\System32\certprop.dll
11:34:07.0844 6460 CertPropSvc - ok
11:34:07.0846 6460 [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass C:\windows\System32\drivers\circlass.sys
11:34:07.0861 6460 circlass - ok
11:34:07.0864 6460 [ 9BCE872B95A6AA65C5B5A0E60703F1E3 ] ClassicShellService c:\Program Files\Classic Shell\ClassicShellService.exe
11:34:07.0867 6460 ClassicShellService ( UnsignedFile.Multi.Generic ) - warning
11:34:07.0867 6460 ClassicShellService - detected UnsignedFile.Multi.Generic (1)
11:34:07.0872 6460 [ 9905168708DB68849B879B5548F68AB3 ] CLFS C:\windows\system32\drivers\CLFS.sys
11:34:07.0884 6460 CLFS - ok
11:34:07.0891 6460 [ 2DC8538A2260647484A6C921CA837313 ] CmBatt C:\windows\System32\drivers\CmBatt.sys
11:34:07.0898 6460 CmBatt - ok
11:34:07.0904 6460 [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG C:\windows\system32\Drivers\cng.sys
11:34:07.0919 6460 CNG - ok
11:34:07.0923 6460 [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus C:\windows\System32\drivers\CompositeBus.sys
11:34:07.0938 6460 CompositeBus - ok
11:34:07.0940 6460 COMSysApp - ok
11:34:07.0943 6460 [ D9CB0782AF819548072AA45B70F8B22D ] condrv C:\windows\system32\drivers\condrv.sys
11:34:07.0952 6460 condrv - ok
11:34:07.0954 6460 [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
11:34:07.0958 6460 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning
11:34:07.0958 6460 Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1)
11:34:07.0961 6460 [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
11:34:07.0964 6460 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
11:34:07.0964 6460 Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
11:34:07.0968 6460 [ F0E78B119D12BA81F163D48C0FF30B9A ] CryptSvc C:\windows\system32\cryptsvc.dll
11:34:07.0978 6460 CryptSvc - ok
11:34:07.0982 6460 [ 5CE3D0E1D1B3832EE052CFC442EEE0FA ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
11:34:07.0987 6460 CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
11:34:07.0987 6460 CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
11:34:07.0990 6460 [ C4D01BD86D6B207275FC143EEA951D75 ] dam C:\windows\system32\drivers\dam.sys
11:34:07.0997 6460 dam - ok
11:34:08.0006 6460 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch C:\windows\system32\rpcss.dll
11:34:08.0022 6460 DcomLaunch - ok
11:34:08.0027 6460 [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc C:\windows\System32\defragsvc.dll
11:34:08.0042 6460 defragsvc - ok
11:34:08.0047 6460 [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\windows\system32\das.dll
11:34:08.0062 6460 DeviceAssociationService - ok
11:34:08.0066 6460 [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall C:\windows\system32\umpnpmgr.dll
11:34:08.0077 6460 DeviceInstall - ok
11:34:08.0080 6460 [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc C:\windows\system32\Drivers\dfsc.sys
11:34:08.0089 6460 Dfsc - ok
11:34:08.0092 6460 [ 0B3F6C8F93C5C25977EA5A8B2E656357 ] dg_ssudbus C:\windows\system32\DRIVERS\ssudbus.sys
11:34:08.0098 6460 dg_ssudbus - ok
11:34:08.0102 6460 [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp C:\windows\system32\dhcpcore.dll
11:34:08.0113 6460 Dhcp - ok
11:34:08.0116 6460 [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache C:\windows\system32\drivers\discache.sys
11:34:08.0128 6460 discache - ok
11:34:08.0131 6460 [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk C:\windows\system32\drivers\disk.sys
11:34:08.0139 6460 disk - ok
11:34:08.0142 6460 [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc C:\windows\System32\drivers\dmvsc.sys
11:34:08.0150 6460 dmvsc - ok
11:34:08.0153 6460 [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache C:\windows\System32\dnsrslvr.dll
11:34:08.0164 6460 Dnscache - ok
11:34:08.0168 6460 [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc C:\windows\System32\dot3svc.dll
11:34:08.0180 6460 dot3svc - ok
11:34:08.0184 6460 [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS C:\windows\system32\dps.dll
11:34:08.0198 6460 DPS - ok
11:34:08.0200 6460 [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud C:\windows\system32\drivers\drmkaud.sys
11:34:08.0208 6460 drmkaud - ok
11:34:08.0212 6460 [ BF48F32EE248C3D371DA5DC93BBEADA7 ] DsmSvc C:\windows\System32\DeviceSetupManager.dll
11:34:08.0223 6460 DsmSvc - ok
11:34:08.0235 6460 [ 6D1B8A9A2C0BD4851D8AF1AB43E67AD9 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
11:34:08.0262 6460 DXGKrnl - ok
11:34:08.0265 6460 [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost C:\windows\System32\eapsvc.dll
11:34:08.0276 6460 Eaphost - ok
11:34:08.0298 6460 [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv C:\windows\system32\drivers\evbda.sys
11:34:08.0350 6460 ebdrv - ok
11:34:08.0354 6460 [ F702AB6181513303AB0FC8D59E52708B ] EFS C:\windows\System32\lsass.exe
11:34:08.0363 6460 EFS - ok
11:34:08.0366 6460 [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass C:\windows\system32\drivers\EhStorClass.sys
11:34:08.0374 6460 EhStorClass - ok
11:34:08.0377 6460 [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv C:\windows\system32\drivers\EhStorTcgDrv.sys
11:34:08.0385 6460 EhStorTcgDrv - ok
11:34:08.0387 6460 [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev C:\windows\System32\drivers\errdev.sys
11:34:08.0395 6460 ErrDev - ok
11:34:08.0402 6460 [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem C:\windows\system32\es.dll
11:34:08.0415 6460 EventSystem - ok
11:34:08.0419 6460 [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat C:\windows\system32\drivers\exfat.sys
11:34:08.0432 6460 exfat - ok
11:34:08.0436 6460 [ 60996602A7111FD2D086E803F33E4282 ] fastfat C:\windows\system32\drivers\fastfat.sys
11:34:08.0446 6460 fastfat - ok
11:34:08.0452 6460 [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax C:\windows\system32\fxssvc.exe
11:34:08.0469 6460 Fax - ok
11:34:08.0473 6460 [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc C:\windows\System32\drivers\fdc.sys
11:34:08.0482 6460 fdc - ok
11:34:08.0484 6460 [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost C:\windows\system32\fdPHost.dll
11:34:08.0497 6460 fdPHost - ok
11:34:08.0500 6460 [ 872506AAB591E8908DF4461475AF92DF ] FDResPub C:\windows\system32\fdrespub.dll
11:34:08.0513 6460 FDResPub - ok
11:34:08.0516 6460 [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc C:\windows\system32\fhsvc.dll
11:34:08.0525 6460 fhsvc - ok
11:34:08.0529 6460 [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
11:34:08.0537 6460 FileInfo - ok
11:34:08.0539 6460 [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace C:\windows\system32\drivers\filetrace.sys
11:34:08.0552 6460 Filetrace - ok
11:34:08.0554 6460 [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk C:\windows\System32\drivers\flpydisk.sys
11:34:08.0562 6460 flpydisk - ok
11:34:08.0567 6460 [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr C:\windows\system32\drivers\fltmgr.sys
11:34:08.0579 6460 FltMgr - ok
11:34:08.0589 6460 [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache C:\windows\system32\FntCache.dll
11:34:08.0609 6460 FontCache - ok
11:34:08.0612 6460 [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:34:08.0620 6460 FontCache3.0.0.0 - ok
11:34:08.0622 6460 [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends C:\windows\system32\drivers\FsDepends.sys
11:34:08.0630 6460 FsDepends - ok
11:34:08.0633 6460 [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
11:34:08.0639 6460 Fs_Rec - ok
11:34:08.0645 6460 [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
11:34:08.0659 6460 fvevol - ok
11:34:08.0662 6460 [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM C:\windows\System32\drivers\fxppm.sys
11:34:08.0670 6460 FxPPM - ok
11:34:08.0673 6460 [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
11:34:08.0680 6460 gagp30kx - ok
11:34:08.0684 6460 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
11:34:08.0691 6460 GamesAppService - ok
11:34:08.0693 6460 [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter C:\windows\System32\drivers\vmgencounter.sys
11:34:08.0701 6460 gencounter - ok
11:34:08.0705 6460 [ 4E1D0A246E10CFDDBF856432418DE404 ] GFNEXSrv C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
11:34:08.0709 6460 GFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
11:34:08.0709 6460 GFNEXSrv - detected UnsignedFile.Multi.Generic (1)
11:34:08.0712 6460 [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101 C:\windows\system32\Drivers\msgpioclx.sys
11:34:08.0720 6460 GPIOClx0101 - ok
11:34:08.0731 6460 [ 5358678C6370F2ADC5291849F6503262 ] gpsvc C:\windows\System32\gpsvc.dll
11:34:08.0754 6460 gpsvc - ok
11:34:08.0756 6460 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:34:08.0762 6460 gupdate - ok
11:34:08.0764 6460 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:34:08.0769 6460 gupdatem - ok
11:34:08.0773 6460 [ C2504AA983B5D411F7D31402E8B57725 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
11:34:08.0783 6460 HdAudAddService - ok
11:34:08.0786 6460 [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus C:\windows\System32\drivers\HDAudBus.sys
11:34:08.0794 6460 HDAudBus - ok
11:34:08.0797 6460 [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt C:\windows\System32\drivers\HidBatt.sys
11:34:08.0805 6460 HidBatt - ok
11:34:08.0808 6460 [ 085F150D002B7F0153D3C06DDF33A143 ] HidBth C:\windows\System32\drivers\hidbth.sys
11:34:08.0816 6460 HidBth - ok
11:34:08.0818 6460 [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c C:\windows\System32\drivers\hidi2c.sys
11:34:08.0826 6460 hidi2c - ok
11:34:08.0829 6460 [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr C:\windows\System32\drivers\hidir.sys
11:34:08.0844 6460 HidIr - ok
11:34:08.0846 6460 [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv C:\windows\system32\hidserv.dll
11:34:08.0855 6460 hidserv - ok
11:34:08.0858 6460 [ 9E11EE0F2E117B2D5A835B2B91752827 ] HidUsb C:\windows\System32\drivers\hidusb.sys
11:34:08.0866 6460 HidUsb - ok
11:34:08.0869 6460 [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc C:\windows\system32\kmsvc.dll
11:34:08.0881 6460 hkmsvc - ok
11:34:08.0885 6460 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\windows\system32\ListSvc.dll
11:34:08.0896 6460 HomeGroupListener - ok
11:34:08.0901 6460 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\windows\system32\provsvc.dll
11:34:08.0913 6460 HomeGroupProvider - ok
11:34:08.0916 6460 [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
11:34:08.0924 6460 HpSAMD - ok
11:34:08.0932 6460 [ F4A91D985EB9D1D2717D538F3424603C ] HTTP C:\windows\system32\drivers\HTTP.sys
11:34:08.0946 6460 HTTP - ok
11:34:08.0949 6460 [ 2A98301068801700906C06649860FE94 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
11:34:08.0956 6460 hwpolicy - ok
11:34:08.0958 6460 [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd C:\windows\System32\drivers\hyperkbd.sys
11:34:08.0966 6460 hyperkbd - ok
11:34:08.0968 6460 [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo C:\windows\system32\DRIVERS\HyperVideo.sys
11:34:08.0976 6460 HyperVideo - ok
11:34:08.0979 6460 [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt C:\windows\System32\drivers\i8042prt.sys
11:34:08.0988 6460 i8042prt - ok
11:34:08.0994 6460 [ 050F2539E14F9D5E90A4B61738EC29BD ] iaStorA C:\windows\system32\drivers\iaStorA.sys
11:34:09.0005 6460 iaStorA - ok
11:34:09.0010 6460 [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
11:34:09.0023 6460 iaStorV - ok
11:34:09.0120 6460 [ E5272DDF2C9043411809171715B4633D ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
11:34:09.0259 6460 igfx - ok
11:34:09.0264 6460 [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp C:\windows\system32\drivers\iirsp.sys
11:34:09.0271 6460 iirsp - ok
11:34:09.0280 6460 [ 531B5A98145DA689741A0AC18F14EA94 ] IKEEXT C:\windows\System32\ikeext.dll
11:34:09.0298 6460 IKEEXT - ok
11:34:09.0326 6460 [ E0B2C982CA743CE8B3CBD7DD50AB82B0 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
11:34:09.0374 6460 IntcAzAudAddService - ok
11:34:09.0381 6460 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
11:34:09.0393 6460 Intel(R) Capability Licensing Service Interface - ok
11:34:09.0396 6460 [ 9656F8E29F6C3161A3E99BCD3A472FF9 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
11:34:09.0402 6460 Intel(R) ME Service - ok
11:34:09.0404 6460 [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide C:\windows\system32\drivers\intelide.sys
11:34:09.0411 6460 intelide - ok
11:34:09.0414 6460 [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm C:\windows\System32\drivers\intelppm.sys
11:34:09.0422 6460 intelppm - ok
11:34:09.0425 6460 [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
11:34:09.0435 6460 IpFilterDriver - ok
11:34:09.0443 6460 [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc C:\windows\System32\iphlpsvc.dll
11:34:09.0459 6460 iphlpsvc - ok
11:34:09.0462 6460 [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV C:\windows\System32\drivers\IPMIDrv.sys
11:34:09.0470 6460 IPMIDRV - ok
11:34:09.0473 6460 [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT C:\windows\system32\drivers\ipnat.sys
11:34:09.0484 6460 IPNAT - ok
11:34:09.0488 6460 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM C:\windows\system32\drivers\irenum.sys
11:34:09.0496 6460 IRENUM - ok
11:34:09.0498 6460 [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp C:\windows\system32\drivers\isapnp.sys
11:34:09.0506 6460 isapnp - ok
11:34:09.0510 6460 [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt C:\windows\System32\drivers\msiscsi.sys
11:34:09.0521 6460 iScsiPrt - ok
11:34:09.0525 6460 [ 78ABBE558F57144047F10A0F50FE4B2F ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
11:34:09.0531 6460 jhi_service - ok
11:34:09.0534 6460 [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass C:\windows\System32\drivers\kbdclass.sys
11:34:09.0542 6460 kbdclass - ok
11:34:09.0544 6460 [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid C:\windows\System32\drivers\kbdhid.sys
11:34:09.0552 6460 kbdhid - ok
11:34:09.0554 6460 [ FB6C185092E18011EF49989425C2AA87 ] kdnic C:\windows\system32\DRIVERS\kdnic.sys
11:34:09.0562 6460 kdnic - ok
11:34:09.0564 6460 [ F702AB6181513303AB0FC8D59E52708B ] KeyIso C:\windows\system32\lsass.exe
11:34:09.0573 6460 KeyIso - ok
11:34:09.0585 6460 [ E5E6ED52E30E1DFC05CCF83286FAA1AD ] ksaud C:\windows\system32\drivers\ksaud.sys
11:34:09.0603 6460 ksaud - ok
11:34:09.0606 6460 [ DFA480F6DED551464F3A5B959F437800 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
11:34:09.0614 6460 KSecDD - ok
11:34:09.0618 6460 [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
11:34:09.0627 6460 KSecPkg - ok
11:34:09.0629 6460 [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
11:34:09.0637 6460 ksthunk - ok
11:34:09.0642 6460 [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm C:\windows\system32\msdtckrm.dll
11:34:09.0655 6460 KtmRm - ok
11:34:09.0660 6460 [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer C:\windows\system32\srvsvc.dll
11:34:09.0672 6460 LanmanServer - ok
11:34:09.0676 6460 [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
11:34:09.0688 6460 LanmanWorkstation - ok
11:34:09.0692 6460 [ CEEFD29FC551F289810B0B9381B321DC ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
11:34:09.0702 6460 lltdio - ok
11:34:09.0706 6460 [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc C:\windows\System32\lltdsvc.dll
11:34:09.0719 6460 lltdsvc - ok
11:34:09.0722 6460 [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts C:\windows\System32\lmhsvc.dll
11:34:09.0731 6460 lmhosts - ok
11:34:09.0734 6460 [ 2C24DC448DBE8DB9BE1441B824C57E79 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:34:09.0741 6460 LMS - ok
11:34:09.0745 6460 [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
11:34:09.0753 6460 LSI_SAS - ok
11:34:09.0756 6460 [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
11:34:09.0764 6460 LSI_SAS2 - ok
11:34:09.0767 6460 [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
11:34:09.0776 6460 LSI_SCSI - ok
11:34:09.0778 6460 [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS C:\windows\system32\drivers\lsi_sss.sys
11:34:09.0786 6460 LSI_SSS - ok
11:34:09.0791 6460 [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM C:\windows\System32\lsm.dll
11:34:09.0803 6460 LSM - ok
11:34:09.0807 6460 [ 2BDC5D711FA61307CE6190D47C956368 ] luafv C:\windows\system32\drivers\luafv.sys
11:34:09.0819 6460 luafv - ok
11:34:09.0823 6460 [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas C:\windows\system32\drivers\megasas.sys
11:34:09.0830 6460 megasas - ok
11:34:09.0835 6460 [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
11:34:09.0846 6460 MegaSR - ok
11:34:09.0849 6460 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\windows\System32\drivers\HECIx64.sys
11:34:09.0854 6460 MEIx64 - ok
11:34:09.0858 6460 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS C:\windows\system32\mmcss.dll
11:34:09.0867 6460 MMCSS - ok
11:34:09.0870 6460 [ 780098AD5DA8A4822E2563984C85EF7B ] Modem C:\windows\system32\drivers\modem.sys
11:34:09.0880 6460 Modem - ok
11:34:09.0882 6460 [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor C:\windows\System32\drivers\monitor.sys
11:34:09.0890 6460 monitor - ok
11:34:09.0893 6460 [ 618446B98C79776654340CE27C73485E ] mouclass C:\windows\System32\drivers\mouclass.sys
11:34:09.0900 6460 mouclass - ok
11:34:09.0903 6460 [ C0ADEBED913295803B579ED288936CBB ] mouhid C:\windows\System32\drivers\mouhid.sys
11:34:09.0910 6460 mouhid - ok
11:34:09.0913 6460 [ 89D263DBF08119CE16273991C120D6DD ] mountmgr C:\windows\system32\drivers\mountmgr.sys
11:34:09.0921 6460 mountmgr - ok
11:34:09.0924 6460 [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
11:34:09.0932 6460 mpsdrv - ok
11:34:09.0940 6460 [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc C:\windows\system32\mpssvc.dll
11:34:09.0957 6460 MpsSvc - ok
11:34:09.0960 6460 [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
11:34:09.0971 6460 MRxDAV - ok
11:34:09.0975 6460 [ 93179D48066918323628CB016D8C94DC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
11:34:09.0986 6460 mrxsmb - ok
11:34:09.0991 6460 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
11:34:10.0001 6460 mrxsmb10 - ok
11:34:10.0004 6460 [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
11:34:10.0014 6460 mrxsmb20 - ok
11:34:10.0017 6460 [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge C:\windows\system32\DRIVERS\bridge.sys
11:34:10.0028 6460 MsBridge - ok
11:34:10.0031 6460 [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC C:\windows\System32\msdtc.exe
11:34:10.0041 6460 MSDTC - ok
11:34:10.0046 6460 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs C:\windows\system32\drivers\Msfs.sys
11:34:10.0054 6460 Msfs - ok
11:34:10.0057 6460 [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32 C:\windows\System32\drivers\msgpiowin32.sys
11:34:10.0064 6460 msgpiowin32 - ok
11:34:10.0066 6460 [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
11:34:10.0074 6460 mshidkmdf - ok
11:34:10.0076 6460 [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf C:\windows\System32\drivers\mshidumdf.sys
11:34:10.0084 6460 mshidumdf - ok
11:34:10.0087 6460 [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv C:\windows\system32\drivers\msisadrv.sys
11:34:10.0094 6460 msisadrv - ok
11:34:10.0097 6460 [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI C:\windows\system32\iscsiexe.dll
11:34:10.0107 6460 MSiSCSI - ok
11:34:10.0110 6460 msiserver - ok
11:34:10.0112 6460 [ 509809566E49F4411055864EA8D437CD ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
11:34:10.0120 6460 MSKSSRV - ok
11:34:10.0123 6460 [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp C:\windows\system32\DRIVERS\mslldp.sys
11:34:10.0132 6460 MsLldp - ok
11:34:10.0134 6460 [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
11:34:10.0142 6460 MSPCLOCK - ok
11:34:10.0145 6460 [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
11:34:10.0152 6460 MSPQM - ok
11:34:10.0157 6460 [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
11:34:10.0170 6460 MsRPC - ok
11:34:10.0173 6460 [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios C:\windows\System32\drivers\mssmbios.sys
11:34:10.0180 6460 mssmbios - ok
11:34:10.0182 6460 [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
11:34:10.0190 6460 MSTEE - ok
11:34:10.0193 6460 [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig C:\windows\System32\drivers\MTConfig.sys
11:34:10.0201 6460 MTConfig - ok
11:34:10.0203 6460 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup C:\windows\system32\Drivers\mup.sys
11:34:10.0211 6460 Mup - ok
11:34:10.0214 6460 [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis C:\windows\system32\drivers\mvumis.sys
11:34:10.0221 6460 mvumis - ok
11:34:10.0227 6460 [ 4B18840511D720BA118D3017E8165875 ] napagent C:\windows\system32\qagentRT.dll
11:34:10.0242 6460 napagent - ok
11:34:10.0247 6460 [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
11:34:10.0259 6460 NativeWifiP - ok
11:34:10.0267 6460 [ E0E4A1F81A7D69C595A8A9DDAD084C19 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
11:34:10.0279 6460 NAUpdate - ok
11:34:10.0283 6460 [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc C:\windows\System32\ncasvc.dll
11:34:10.0293 6460 NcaSvc - ok
11:34:10.0296 6460 [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup C:\windows\System32\NcdAutoSetup.dll
11:34:10.0306 6460 NcdAutoSetup - ok
11:34:10.0315 6460 [ 03CFE4108D1DE16D6C59455B5C73319C ] NDIS C:\windows\system32\drivers\ndis.sys
11:34:10.0335 6460 NDIS - ok
11:34:10.0338 6460 [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
11:34:10.0348 6460 NdisCap - ok
11:34:10.0351 6460 [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform C:\windows\system32\DRIVERS\NdisImPlatform.sys
11:34:10.0360 6460 NdisImPlatform - ok
11:34:10.0362 6460 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
11:34:10.0370 6460 NdisTapi - ok
11:34:10.0373 6460 [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
11:34:10.0381 6460 Ndisuio - ok
11:34:10.0385 6460 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
11:34:10.0396 6460 NdisWan - ok
11:34:10.0399 6460 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY C:\windows\system32\DRIVERS\ndiswan.sys
11:34:10.0409 6460 NDISWANLEGACY - ok
11:34:10.0412 6460 [ 3730942D7DB2F8BB5F84542B7FF6F650 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
11:34:10.0420 6460 NDProxy - ok
11:34:10.0423 6460 [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu C:\windows\system32\drivers\Ndu.sys
11:34:10.0432 6460 Ndu - ok
11:34:10.0435 6460 [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
11:34:10.0445 6460 NetBIOS - ok
11:34:10.0449 6460 [ 7CEC25C682D319D484630B3952C31A11 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
11:34:10.0461 6460 NetBT - ok
11:34:10.0464 6460 [ F702AB6181513303AB0FC8D59E52708B ] Netlogon C:\windows\system32\lsass.exe
11:34:10.0472 6460 Netlogon - ok
11:34:10.0476 6460 [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman C:\windows\System32\netman.dll
11:34:10.0489 6460 Netman - ok
11:34:10.0495 6460 [ 5FF52E13C72838D87DAF228EC9E92C89 ] netprofm C:\windows\System32\netprofmsvc.dll
11:34:10.0508 6460 netprofm - ok
11:34:10.0513 6460 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:34:10.0523 6460 NetTcpPortSharing - ok
11:34:10.0526 6460 [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
11:34:10.0534 6460 nfrd960 - ok
11:34:10.0538 6460 [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc C:\windows\System32\nlasvc.dll
11:34:10.0550 6460 NlaSvc - ok
11:34:10.0553 6460 [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs C:\windows\system32\drivers\Npfs.sys
11:34:10.0562 6460 Npfs - ok
11:34:10.0564 6460 [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig C:\windows\System32\drivers\npsvctrig.sys
11:34:10.0576 6460 npsvctrig - ok
11:34:10.0579 6460 [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi C:\windows\system32\nsisvc.dll
11:34:10.0589 6460 nsi - ok
11:34:10.0591 6460 [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
11:34:10.0600 6460 nsiproxy - ok
11:34:10.0616 6460 [ 76929F4A69E425911A63B407E26C2589 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
11:34:10.0650 6460 Ntfs - ok
11:34:10.0653 6460 [ 4163ADE07DB51843AE31F65B94F5398D ] Null C:\windows\system32\drivers\Null.sys
11:34:10.0661 6460 Null - ok
11:34:10.0664 6460 [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid C:\windows\system32\drivers\nvraid.sys
11:34:10.0673 6460 nvraid - ok
11:34:10.0676 6460 [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor C:\windows\system32\drivers\nvstor.sys
11:34:10.0686 6460 nvstor - ok
11:34:10.0689 6460 [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
11:34:10.0697 6460 nv_agp - ok
11:34:10.0700 6460 [ B9C125314A025127FE562C116D614AA3 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:34:10.0708 6460 ose64 - ok
11:34:10.0713 6460 [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc C:\windows\system32\pnrpsvc.dll
11:34:10.0725 6460 p2pimsvc - ok
11:34:10.0730 6460 [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc C:\windows\system32\p2psvc.dll
11:34:10.0743 6460 p2psvc - ok
11:34:10.0747 6460 [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport C:\windows\System32\drivers\parport.sys
11:34:10.0755 6460 Parport - ok
11:34:10.0758 6460 [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr C:\windows\system32\drivers\partmgr.sys
11:34:10.0766 6460 partmgr - ok
11:34:10.0771 6460 [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc C:\windows\System32\pcasvc.dll
11:34:10.0783 6460 PcaSvc - ok
11:34:10.0787 6460 [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci C:\windows\system32\drivers\pci.sys
11:34:10.0797 6460 pci - ok
11:34:10.0800 6460 [ F9908D274D458220F91E89B54D78D837 ] pciide C:\windows\system32\drivers\pciide.sys
11:34:10.0806 6460 pciide - ok
11:34:10.0810 6460 [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia C:\windows\system32\drivers\pcmcia.sys
11:34:10.0820 6460 pcmcia - ok
11:34:10.0823 6460 [ CEBBAD5391C2644560C55628A40BFD27 ] pcw C:\windows\system32\drivers\pcw.sys
11:34:10.0830 6460 pcw - ok
11:34:10.0833 6460 [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc C:\windows\system32\drivers\pdc.sys
11:34:10.0840 6460 pdc - ok
11:34:10.0848 6460 [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH C:\windows\system32\drivers\peauth.sys
11:34:10.0863 6460 PEAUTH - ok
11:34:10.0864 6460 [ EE926C59CBD4DC4DC9FBB85014A2F1A5 ] PEGAGFN C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys
11:34:10.0869 6460 PEGAGFN - ok
11:34:10.0883 6460 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost C:\windows\SysWow64\perfhost.exe
11:34:10.0893 6460 PerfHost - ok
11:34:10.0907 6460 [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla C:\windows\system32\pla.dll
11:34:10.0931 6460 pla - ok
11:34:10.0934 6460 [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay C:\windows\system32\umpnpmgr.dll
11:34:10.0945 6460 PlugPlay - ok
11:34:10.0947 6460 [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
11:34:10.0963 6460 PNRPAutoReg - ok
11:34:10.0967 6460 [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc C:\windows\system32\pnrpsvc.dll
11:34:10.0978 6460 PNRPsvc - ok
11:34:10.0984 6460 [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
11:34:10.0999 6460 PolicyAgent - ok
11:34:11.0003 6460 [ F1E067F56373F11EA4B785CAE823740A ] Power C:\windows\system32\umpo.dll
11:34:11.0013 6460 Power - ok
11:34:11.0016 6460 [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
11:34:11.0026 6460 PptpMiniport - ok
11:34:11.0047 6460 [ CC0B8655E4B2A5BBB215CDA8FC3BE4DE ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
11:34:11.0077 6460 PrintNotify - ok
11:34:11.0080 6460 [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor C:\windows\System32\drivers\processr.sys
11:34:11.0089 6460 Processor - ok
11:34:11.0093 6460 [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc C:\windows\system32\profsvc.dll
11:34:11.0104 6460 ProfSvc - ok
11:34:11.0107 6460 [ EB8034147D4820CD31BFCB11A2A652DF ] Psched C:\windows\system32\DRIVERS\pacer.sys
11:34:11.0118 6460 Psched - ok
11:34:11.0122 6460 [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE C:\windows\system32\qwave.dll
11:34:11.0135 6460 QWAVE - ok
11:34:11.0137 6460 [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
11:34:11.0146 6460 QWAVEdrv - ok
11:34:11.0148 6460 [ 873C60F8178100557740A832FCE10B5F ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
11:34:11.0158 6460 RasAcd - ok
11:34:11.0161 6460 [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
11:34:11.0171 6460 RasAgileVpn - ok
11:34:11.0174 6460 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto C:\windows\System32\rasauto.dll
11:34:11.0186 6460 RasAuto - ok
11:34:11.0189 6460 [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
11:34:11.0199 6460 Rasl2tp - ok
11:34:11.0204 6460 [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan C:\windows\System32\rasmans.dll
11:34:11.0218 6460 RasMan - ok
11:34:11.0221 6460 [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
11:34:11.0232 6460 RasPppoe - ok
11:34:11.0234 6460 [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
11:34:11.0245 6460 RasSstp - ok
11:34:11.0250 6460 [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
11:34:11.0261 6460 rdbss - ok
11:34:11.0265 6460 [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus C:\windows\System32\drivers\rdpbus.sys
11:34:11.0273 6460 rdpbus - ok
11:34:11.0276 6460 [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR C:\windows\system32\drivers\rdpdr.sys
11:34:11.0285 6460 RDPDR - ok
11:34:11.0290 6460 [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
11:34:11.0297 6460 RdpVideoMiniport - ok
11:34:11.0300 6460 [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
11:34:11.0310 6460 RDPWD - ok
11:34:11.0314 6460 [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
11:34:11.0324 6460 rdyboost - ok
11:34:11.0327 6460 [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess C:\windows\System32\mprdim.dll
11:34:11.0339 6460 RemoteAccess - ok
11:34:11.0342 6460 [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry C:\windows\system32\regsvc.dll
11:34:11.0357 6460 RemoteRegistry - ok
11:34:11.0360 6460 [ CCBFCABDFE2BC22F0645CEAADDB36004 ] RFCOMM C:\windows\System32\drivers\rfcomm.sys
11:34:11.0369 6460 RFCOMM - ok
11:34:11.0372 6460 [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
11:34:11.0382 6460 RpcEptMapper - ok
11:34:11.0385 6460 [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator C:\windows\system32\locator.exe
11:34:11.0394 6460 RpcLocator - ok
11:34:11.0401 6460 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs C:\windows\system32\rpcss.dll
11:34:11.0416 6460 RpcSs - ok
11:34:11.0419 6460 [ E04E770DD198B9399640717145E79EBF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
11:34:11.0429 6460 rspndr - ok
11:34:11.0433 6460 [ 0E32A8922DCFD28EA00AAEC07CB3F331 ] RSUSBSTOR C:\windows\System32\Drivers\RtsUStor.sys
11:34:11.0440 6460 RSUSBSTOR - ok
11:34:11.0444 6460 [ 3BDBB0CBFB27FEF51B7574676D1C9F6A ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
11:34:11.0450 6460 RtkAudioService - ok
11:34:11.0457 6460 [ 34DA0D14F5C3F1883A331AFB975AB434 ] RTL8168 C:\windows\system32\DRIVERS\Rt630x64.sys
11:34:11.0469 6460 RTL8168 - ok
11:34:11.0478 6460 [ A02C8EA09D5601FA0148739A95F31AEF ] RTL8192Ce C:\windows\system32\DRIVERS\rtwlane.sys
11:34:11.0503 6460 RTL8192Ce - ok
11:34:11.0506 6460 [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap C:\windows\System32\drivers\vms3cap.sys
11:34:11.0513 6460 s3cap - ok
11:34:11.0516 6460 [ F702AB6181513303AB0FC8D59E52708B ] SamSs C:\windows\system32\lsass.exe
11:34:11.0525 6460 SamSs - ok
11:34:11.0528 6460 [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
11:34:11.0537 6460 sbp2port - ok
11:34:11.0541 6460 [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr C:\windows\System32\SCardSvr.dll
11:34:11.0554 6460 SCardSvr - ok
11:34:11.0556 6460 [ 5D7733A12756B267FCA021672B26BC9E ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
11:34:11.0567 6460 scfilter - ok
11:34:11.0577 6460 [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule C:\windows\system32\schedsvc.dll
11:34:11.0598 6460 Schedule - ok
11:34:11.0602 6460 [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc C:\windows\System32\certprop.dll
11:34:11.0612 6460 SCPolicySvc - ok
11:34:11.0616 6460 [ 047315E75392CEA447ACC86257824C16 ] sdbus C:\windows\System32\drivers\sdbus.sys
11:34:11.0625 6460 sdbus - ok
11:34:11.0629 6460 [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC C:\windows\System32\SDRSVC.dll
11:34:11.0640 6460 SDRSVC - ok
11:34:11.0643 6460 [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor C:\windows\System32\drivers\sdstor.sys
11:34:11.0651 6460 sdstor - ok
11:34:11.0653 6460 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
11:34:11.0661 6460 secdrv - ok
11:34:11.0664 6460 [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon C:\windows\system32\seclogon.dll
11:34:11.0676 6460 seclogon - ok
11:34:11.0679 6460 [ 9C51620998F0763039DFA6BF68E475ED ] SENS C:\windows\System32\sens.dll
11:34:11.0693 6460 SENS - ok
11:34:11.0696 6460 [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc C:\windows\system32\sensrsvc.dll
11:34:11.0707 6460 SensrSvc - ok
11:34:11.0710 6460 [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx C:\windows\system32\drivers\SerCx.sys
11:34:11.0718 6460 SerCx - ok
11:34:11.0721 6460 [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum C:\windows\System32\drivers\serenum.sys
11:34:11.0729 6460 Serenum - ok
11:34:11.0733 6460 [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial C:\windows\System32\drivers\serial.sys
11:34:11.0741 6460 Serial - ok
11:34:11.0744 6460 [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse C:\windows\System32\drivers\sermouse.sys
11:34:11.0752 6460 sermouse - ok
11:34:11.0759 6460 [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv C:\windows\system32\sessenv.dll
11:34:11.0771 6460 SessionEnv - ok
11:34:11.0774 6460 [ 7EE65419B29302C795714FF8073969A1 ] sfloppy C:\windows\System32\drivers\sfloppy.sys
11:34:11.0782 6460 sfloppy - ok
11:34:11.0787 6460 [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess C:\windows\System32\ipnathlp.dll
11:34:11.0802 6460 SharedAccess - ok
11:34:11.0809 6460 [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\windows\System32\shsvcs.dll
11:34:11.0827 6460 ShellHWDetection - ok
11:34:11.0830 6460 [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
11:34:11.0837 6460 SiSRaid2 - ok
11:34:11.0840 6460 [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
11:34:11.0848 6460 SiSRaid4 - ok
11:34:11.0851 6460 [ 4A2972573225A2DE4DEC0AD68529DF0F ] SmbDrvI C:\windows\system32\DRIVERS\Smb_driver_Intel.sys
11:34:11.0856 6460 SmbDrvI - ok
11:34:11.0861 6460 [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP C:\windows\System32\snmptrap.exe
11:34:11.0872 6460 SNMPTRAP - ok
11:34:11.0877 6460 [ 872E937681910E2456A054331C7D5A18 ] spaceport C:\windows\system32\drivers\spaceport.sys
11:34:11.0887 6460 spaceport - ok
11:34:11.0890 6460 [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx C:\windows\system32\drivers\SpbCx.sys
11:34:11.0899 6460 SpbCx - ok
11:34:11.0906 6460 [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler C:\windows\System32\spoolsv.exe
11:34:11.0923 6460 Spooler - ok
11:34:11.0954 6460 [ EC84D961501054F87A6878EC5D53388F ] sppsvc C:\windows\system32\sppsvc.exe
11:34:12.0006 6460 sppsvc - ok
11:34:12.0012 6460 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv C:\windows\system32\DRIVERS\srv.sys
11:34:12.0023 6460 srv - ok
11:34:12.0030 6460 [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
11:34:12.0043 6460 srv2 - ok
11:34:12.0047 6460 [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
11:34:12.0056 6460 srvnet - ok
11:34:12.0060 6460 [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
11:34:12.0074 6460 SSDPSRV - ok
11:34:12.0077 6460 [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc C:\windows\system32\sstpsvc.dll
11:34:12.0089 6460 SstpSvc - ok
11:34:12.0093 6460 [ EA8F41484CCC5BA6A1455C2AD3D1BE3C ] ssudmdm C:\windows\system32\DRIVERS\ssudmdm.sys
11:34:12.0099 6460 ssudmdm - ok
11:34:12.0102 6460 [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor C:\windows\system32\drivers\stexstor.sys
11:34:12.0109 6460 stexstor - ok
11:34:12.0115 6460 [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc C:\windows\System32\wiaservc.dll
11:34:12.0129 6460 stisvc - ok
11:34:12.0132 6460 [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci C:\windows\system32\drivers\storahci.sys
11:34:12.0140 6460 storahci - ok
11:34:12.0143 6460 [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt C:\windows\system32\DRIVERS\vmstorfl.sys
11:34:12.0150 6460 storflt - ok
11:34:12.0153 6460 [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc C:\windows\system32\storsvc.dll
11:34:12.0163 6460 StorSvc - ok
11:34:12.0165 6460 [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc C:\windows\system32\drivers\storvsc.sys
11:34:12.0172 6460 storvsc - ok
11:34:12.0175 6460 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc C:\windows\system32\svsvc.dll
11:34:12.0189 6460 svsvc - ok
11:34:12.0191 6460 [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum C:\windows\System32\drivers\swenum.sys
11:34:12.0198 6460 swenum - ok
11:34:12.0203 6460 [ 502F9488540051F3E6C39889ECFA76BB ] swprv C:\windows\System32\swprv.dll
11:34:12.0221 6460 swprv - ok
11:34:12.0226 6460 [ 157DFCD1E83E964A5074742AE2DFA0C1 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
11:34:12.0236 6460 SynTP - ok
11:34:12.0247 6460 [ DC21E1F06343773D7E24362DCEF7944B ] SysMain C:\windows\system32\sysmain.dll
11:34:12.0269 6460 SysMain - ok
11:34:12.0273 6460 [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll
11:34:12.0284 6460 SystemEventsBroker - ok
11:34:12.0287 6460 [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\windows\System32\TabSvc.dll
11:34:12.0297 6460 TabletInputService - ok
11:34:12.0302 6460 [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv C:\windows\System32\tapisrv.dll
11:34:12.0315 6460 TapiSrv - ok
11:34:12.0331 6460 [ B6D52E2C38B49A156E58FF5B9C6CA8BE ] Tcpip C:\windows\system32\drivers\tcpip.sys
11:34:12.0369 6460 Tcpip - ok
11:34:12.0386 6460 [ B6D52E2C38B49A156E58FF5B9C6CA8BE ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
11:34:12.0420 6460 TCPIP6 - ok
11:34:12.0424 6460 [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
11:34:12.0434 6460 tcpipreg - ok
11:34:12.0438 6460 [ 58480A57ACF2671C343FD1D4BA990E34 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
11:34:12.0443 6460 tdcmdpst - ok
11:34:12.0446 6460 [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx C:\windows\system32\DRIVERS\tdx.sys
11:34:12.0455 6460 tdx - ok
11:34:12.0459 6460 [ E53A8CFB52B68AB8981B915CCDF4D5CE ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
11:34:12.0464 6460 TemproMonitoringService - ok
11:34:12.0467 6460 [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt C:\windows\System32\drivers\terminpt.sys
11:34:12.0474 6460 terminpt - ok
11:34:12.0481 6460 [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService C:\windows\System32\termsrv.dll
11:34:12.0497 6460 TermService - ok
11:34:12.0500 6460 [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes C:\windows\system32\themeservice.dll
11:34:12.0514 6460 Themes - ok
11:34:12.0517 6460 [ 16E745743BABAF480B7718442F38B076 ] Thotkey C:\windows\System32\drivers\Thotkey.sys
11:34:12.0522 6460 Thotkey - ok
11:34:12.0525 6460 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER C:\windows\system32\mmcss.dll
11:34:12.0533 6460 THREADORDER - ok
11:34:12.0537 6460 [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker C:\windows\System32\TimeBrokerServer.dll
11:34:12.0548 6460 TimeBroker - ok
11:34:12.0550 6460 [ 5201342394DD42848027CE96A37043DB ] TMachInfo C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
11:34:12.0555 6460 TMachInfo - ok
11:34:12.0559 6460 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe
11:34:12.0566 6460 TODDSrv - ok
11:34:12.0570 6460 [ 4D7977197C3EC8C65F533E8A84DE229C ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\Teco\TecoService.exe
11:34:12.0577 6460 TOSHIBA eco Utility Service - ok
11:34:12.0580 6460 [ 9C422F735F7EB0EFA82C3E0DCC10FAA6 ] tosrfec C:\windows\System32\drivers\tosrfec.sys
11:34:12.0584 6460 tosrfec - ok
11:34:12.0590 6460 [ 36391C3953D191A2AF4556D5D706C641 ] tos_sps64 C:\windows\system32\drivers\tos_sps64.sys
11:34:12.0601 6460 tos_sps64 - ok
11:34:12.0606 6460 [ 8608681DC6E2975815A593209A6432CD ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
11:34:12.0615 6460 TPCHSrv - ok
11:34:12.0618 6460 [ 6F0BFF80EE2A5BC841286A51F893CBAD ] TPM C:\windows\system32\drivers\tpm.sys
11:34:12.0627 6460 TPM - ok
11:34:12.0630 6460 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks C:\windows\System32\trkwks.dll
11:34:12.0641 6460 TrkWks - ok
11:34:12.0644 6460 [ 8D516AEF3C1DF980664CF17BB1FF6093 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
11:34:12.0652 6460 TrustedInstaller - ok
11:34:12.0655 6460 [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
11:34:12.0663 6460 TsUsbFlt - ok
11:34:12.0666 6460 [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD C:\windows\System32\drivers\TsUsbGD.sys
11:34:12.0674 6460 TsUsbGD - ok
11:34:12.0677 6460 [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
11:34:12.0688 6460 tunnel - ok
11:34:12.0691 6460 [ 54BDBF3D4DED58DA78B702471C68D4CA ] TVALZ C:\windows\system32\drivers\TVALZ_O.SYS
11:34:12.0696 6460 TVALZ - ok
11:34:12.0698 6460 [ 55A9A23DD64EB7781FCAB565B028CD0E ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
11:34:12.0703 6460 TVALZFL - ok
11:34:12.0706 6460 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35 C:\windows\system32\drivers\uagp35.sys
11:34:12.0714 6460 uagp35 - ok
11:34:12.0716 6460 [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor C:\windows\System32\drivers\uaspstor.sys
11:34:12.0724 6460 UASPStor - ok
11:34:12.0728 6460 [ 1ED222DFE6C13DA50FE081ABF90CAFE1 ] UCX01000 C:\windows\System32\drivers\ucx01000.sys
11:34:12.0738 6460 UCX01000 - ok
11:34:12.0742 6460 [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs C:\windows\system32\DRIVERS\udfs.sys
11:34:12.0757 6460 udfs - ok
11:34:12.0761 6460 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect C:\windows\system32\UI0Detect.exe
11:34:12.0773 6460 UI0Detect - ok
11:34:12.0776 6460 [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
11:34:12.0784 6460 uliagpkx - ok
11:34:12.0786 6460 [ 02CEB3FE6152668A7BA420B93B664860 ] umbus C:\windows\System32\drivers\umbus.sys
11:34:12.0795 6460 umbus - ok
11:34:12.0797 6460 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass C:\windows\System32\drivers\umpass.sys
11:34:12.0805 6460 UmPass - ok
11:34:12.0809 6460 [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService C:\windows\System32\umrdp.dll
11:34:12.0821 6460 UmRdpService - ok
11:34:12.0826 6460 [ E1A119AD21F5AFE22EB516C549306D3D ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
11:34:12.0834 6460 UNS - ok
11:34:12.0840 6460 [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost C:\windows\System32\upnphost.dll
11:34:12.0856 6460 upnphost - ok
11:34:12.0859 6460 [ 3FBE0784E42E7BA93FCC5201D2BAFE23 ] usbaudio C:\windows\system32\drivers\usbaudio.sys
11:34:12.0875 6460 usbaudio - ok
11:34:12.0878 6460 [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp C:\windows\System32\drivers\usbccgp.sys
11:34:12.0887 6460 usbccgp - ok
11:34:12.0889 6460 [ B395B62B62F28106218FA6FB17F4C797 ] usbcir C:\windows\System32\drivers\usbcir.sys
11:34:12.0906 6460 usbcir - ok
11:34:12.0909 6460 [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci C:\windows\System32\drivers\usbehci.sys
11:34:12.0917 6460 usbehci - ok
11:34:12.0922 6460 [ ADBF89B8E0BB372FEFE2E4B84E1E20AE ] usbhub C:\windows\System32\drivers\usbhub.sys
11:34:12.0936 6460 usbhub - ok
11:34:12.0942 6460 [ C5986337DE3BF63ABD9ED4D834D34B89 ] USBHUB3 C:\windows\System32\drivers\UsbHub3.sys
11:34:12.0955 6460 USBHUB3 - ok
11:34:12.0957 6460 [ 325F6179009B5A7F6118951A5BA422AB ] usbohci C:\windows\System32\drivers\usbohci.sys
11:34:12.0965 6460 usbohci - ok
11:34:12.0968 6460 [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint C:\windows\System32\drivers\usbprint.sys
11:34:12.0977 6460 usbprint - ok
11:34:12.0980 6460 [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR C:\windows\System32\drivers\USBSTOR.SYS
11:34:12.0988 6460 USBSTOR - ok
11:34:12.0991 6460 [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci C:\windows\System32\drivers\usbuhci.sys
11:34:12.0999 6460 usbuhci - ok
11:34:13.0002 6460 [ 09799E701B4327097E9F63D3FE221083 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
11:34:13.0012 6460 usbvideo - ok
11:34:13.0017 6460 [ 11C0CF143D246E2F0E9BDBF17A0CC70B ] USBXHCI C:\windows\System32\drivers\USBXHCI.SYS
11:34:13.0028 6460 USBXHCI - ok
11:34:13.0031 6460 [ 9AD9560606A3049CE492E3A06FB12716 ] usb_rndisx C:\windows\system32\DRIVERS\usb8023x.sys
11:34:13.0039 6460 usb_rndisx - ok
11:34:13.0041 6460 [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc C:\windows\system32\lsass.exe
11:34:13.0050 6460 VaultSvc - ok
11:34:13.0053 6460 [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
11:34:13.0060 6460 vdrvroot - ok
11:34:13.0067 6460 [ 8A8CDA9E3CF2E0B4C6CC19FBC6FB9A71 ] vds C:\windows\System32\vds.exe
11:34:13.0083 6460 vds - ok
11:34:13.0086 6460 [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt C:\windows\system32\drivers\VerifierExt.sys
11:34:13.0094 6460 VerifierExt - ok
11:34:13.0100 6460 [ 500BE6B2E49883720D0AE8BB859ED7A3 ] vhdmp C:\windows\System32\drivers\vhdmp.sys
11:34:13.0114 6460 vhdmp - ok
11:34:13.0117 6460 [ F5B4A14B00E89250C50982AC762DDD1D ] viaide C:\windows\system32\drivers\viaide.sys
11:34:13.0124 6460 viaide - ok
11:34:13.0127 6460 [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus C:\windows\system32\drivers\vmbus.sys
11:34:13.0135 6460 vmbus - ok
11:34:13.0137 6460 [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID C:\windows\System32\drivers\VMBusHID.sys
11:34:13.0145 6460 VMBusHID - ok
11:34:13.0150 6460 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat C:\windows\System32\ICSvc.dll
11:34:13.0161 6460 vmicheartbeat - ok
11:34:13.0165 6460 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\windows\System32\ICSvc.dll
11:34:13.0175 6460 vmickvpexchange - ok
11:34:13.0179 6460 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv C:\windows\System32\ICSvc.dll
11:34:13.0189 6460 vmicrdv - ok
11:34:13.0193 6460 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown C:\windows\System32\ICSvc.dll
11:34:13.0203 6460 vmicshutdown - ok
11:34:13.0206 6460 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync C:\windows\System32\ICSvc.dll
11:34:13.0216 6460 vmictimesync - ok
11:34:13.0220 6460 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss C:\windows\System32\ICSvc.dll
11:34:13.0230 6460 vmicvss - ok
11:34:13.0233 6460 [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr C:\windows\system32\drivers\volmgr.sys
11:34:13.0241 6460 volmgr - ok
11:34:13.0246 6460 [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
11:34:13.0258 6460 volmgrx - ok
11:34:13.0262 6460 [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap C:\windows\system32\drivers\volsnap.sys
11:34:13.0274 6460 volsnap - ok
11:34:13.0276 6460 [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci C:\windows\System32\drivers\vpci.sys
11:34:13.0284 6460 vpci - ok
11:34:13.0287 6460 [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
11:34:13.0296 6460 vsmraid - ok
11:34:13.0308 6460 [ EA658570314042C914964FC72AB50E6B ] VSS C:\windows\system32\vssvc.exe
11:34:13.0334 6460 VSS - ok
11:34:13.0338 6460 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID C:\windows\system32\drivers\vstxraid.sys
11:34:13.0350 6460 VSTXRAID - ok
11:34:13.0352 6460 [ 62460A45435A26A334907E3F2EA45611 ] vwifibus C:\windows\System32\drivers\vwifibus.sys
11:34:13.0360 6460 vwifibus - ok
11:34:13.0362 6460 [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
11:34:13.0371 6460 vwififlt - ok
11:34:13.0373 6460 [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
11:34:13.0381 6460 vwifimp - ok
11:34:13.0386 6460 [ F690B6EEAA94576727B24376D7ED3601 ] W32Time C:\windows\system32\w32time.dll
11:34:13.0402 6460 W32Time - ok
11:34:13.0406 6460 [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen C:\windows\System32\drivers\wacompen.sys
11:34:13.0414 6460 WacomPen - ok
11:34:13.0418 6460 [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarp C:\windows\system32\DRIVERS\wanarp.sys
11:34:13.0427 6460 Wanarp - ok
11:34:13.0429 6460 [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
11:34:13.0437 6460 Wanarpv6 - ok
11:34:13.0449 6460 [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine C:\windows\system32\wbengine.exe
11:34:13.0472 6460 wbengine - ok
11:34:13.0477 6460 [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
11:34:13.0489 6460 WbioSrvc - ok
11:34:13.0493 6460 [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc C:\windows\System32\wcmsvc.dll
11:34:13.0506 6460 Wcmsvc - ok
11:34:13.0511 6460 [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc C:\windows\System32\wcncsvc.dll
11:34:13.0525 6460 wcncsvc - ok
11:34:13.0528 6460 [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
11:34:13.0537 6460 WcsPlugInService - ok
11:34:13.0540 6460 [ B3A4D918DAB90505B6BC7B70632913CB ] Wd C:\windows\system32\drivers\wd.sys
11:34:13.0547 6460 Wd - ok
11:34:13.0550 6460 [ 6F4B5DDDC3B86091E94BC47347A78AF7 ] WdBoot C:\windows\system32\drivers\WdBoot.sys
11:34:13.0557 6460 WdBoot - ok
11:34:13.0564 6460 [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
11:34:13.0580 6460 Wdf01000 - ok
11:34:13.0584 6460 [ 99D404A9A0AFC4734E014EBEBAC13F8F ] WdFilter C:\windows\system32\drivers\WdFilter.sys
11:34:13.0593 6460 WdFilter - ok
11:34:13.0596 6460 [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost C:\windows\system32\wdi.dll
11:34:13.0611 6460 WdiServiceHost - ok
11:34:13.0613 6460 [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost C:\windows\system32\wdi.dll
11:34:13.0627 6460 WdiSystemHost - ok
11:34:13.0631 6460 [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient C:\windows\System32\webclnt.dll
11:34:13.0644 6460 WebClient - ok
11:34:13.0648 6460 [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc C:\windows\system32\wecsvc.dll
11:34:13.0661 6460 Wecsvc - ok
11:34:13.0663 6460 [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport C:\windows\System32\wercplsupport.dll
11:34:13.0680 6460 wercplsupport - ok
11:34:13.0683 6460 [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc C:\windows\System32\WerSvc.dll
11:34:13.0696 6460 WerSvc - ok
11:34:13.0699 6460 [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS C:\windows\system32\DRIVERS\wfplwfs.sys
11:34:13.0707 6460 WFPLWFS - ok
11:34:13.0710 6460 [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc C:\windows\System32\wiarpc.dll
11:34:13.0721 6460 WiaRpc - ok
11:34:13.0723 6460 [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount C:\windows\system32\drivers\wimmount.sys
11:34:13.0731 6460 WIMMount - ok
11:34:13.0733 6460 WinDefend - ok
11:34:13.0742 6460 [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll
11:34:13.0758 6460 WinHttpAutoProxySvc - ok
11:34:13.0764 6460 [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
11:34:13.0775 6460 Winmgmt - ok
11:34:13.0794 6460 [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM C:\windows\system32\WsmSvc.dll
11:34:13.0830 6460 WinRM - ok
11:34:13.0834 6460 [ BB20956C424531003F7FA6CD36F11D5D ] WinUSB C:\windows\system32\DRIVERS\WinUSB.sys
11:34:13.0849 6460 WinUSB - ok
11:34:13.0861 6460 [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc C:\windows\System32\wlansvc.dll
11:34:13.0882 6460 WlanSvc - ok
11:34:13.0897 6460 [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc C:\windows\system32\wlidsvc.dll
11:34:13.0924 6460 wlidsvc - ok
11:34:13.0926 6460 [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi C:\windows\System32\drivers\wmiacpi.sys
11:34:13.0934 6460 WmiAcpi - ok
11:34:13.0938 6460 [ D113499052C5E541906B727779F0F959 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
11:34:13.0949 6460 wmiApSrv - ok
11:34:13.0951 6460 WMPNetworkSvc - ok
11:34:13.0954 6460 [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr C:\windows\system32\DRIVERS\wpcfltr.sys
11:34:13.0962 6460 wpcfltr - ok
11:34:13.0965 6460 [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc C:\windows\System32\wpcsvc.dll
11:34:13.0975 6460 WPCSvc - ok
11:34:13.0978 6460 [ 3013658A4D327854BEEC4A08D9655194 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
11:34:13.0989 6460 WPDBusEnum - ok
11:34:13.0991 6460 [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr C:\windows\system32\drivers\WpdUpFltr.sys
11:34:13.0999 6460 WpdUpFltr - ok
11:34:14.0001 6460 [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
11:34:14.0009 6460 ws2ifsl - ok
11:34:14.0012 6460 [ 012CFE7F0F95266F554EE3B91EE2128A ] wscsvc C:\windows\System32\wscsvc.dll
11:34:14.0023 6460 wscsvc - ok
11:34:14.0025 6460 WSearch - ok
11:34:14.0042 6460 [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService C:\windows\System32\WSService.dll
11:34:14.0085 6460 WSService - ok
11:34:14.0109 6460 [ 79F95469604B77296346DE7DB463EA2A ] wuauserv C:\windows\system32\wuaueng.dll
11:34:14.0146 6460 wuauserv - ok
11:34:14.0149 6460 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
11:34:14.0158 6460 WudfPf - ok
11:34:14.0161 6460 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\System32\drivers\WUDFRd.sys
11:34:14.0171 6460 WUDFRd - ok
11:34:14.0174 6460 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
11:34:14.0185 6460 wudfsvc - ok
11:34:14.0188 6460 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs C:\windows\system32\DRIVERS\WUDFRd.sys
11:34:14.0197 6460 WUDFWpdFs - ok
11:34:14.0200 6460 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdMtp C:\windows\system32\DRIVERS\WUDFRd.sys
11:34:14.0208 6460 WUDFWpdMtp - ok
11:34:14.0214 6460 [ F9D8D2E6ECE08B278621D5BF3A7240A6 ] WwanSvc C:\windows\System32\wwansvc.dll
11:34:14.0227 6460 WwanSvc - ok
11:34:14.0240 6460 [ 24FB8DB6D1D55E2C5D0A53DFE48E6AF8 ] Yontoo Desktop Updater C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
11:34:14.0289 6460 Yontoo Desktop Updater ( UnsignedFile.Multi.Generic ) - warning
11:34:14.0290 6460 Yontoo Desktop Updater - detected UnsignedFile.Multi.Generic (1)
11:34:14.0296 6460 ================ Scan global ===============================
11:34:14.0299 6460 [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\windows\system32\basesrv.dll
11:34:14.0303 6460 [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\windows\system32\winsrv.dll
11:34:14.0309 6460 [ BD7C6949984D19AAA609896B675E7357 ] C:\windows\system32\sxssrv.dll
11:34:14.0315 6460 [ 8F226143046435C75C033B0C52E90FFE ] C:\windows\system32\services.exe
11:34:14.0320 6460 [Global] - ok
11:34:14.0320 6460 ================ Scan MBR ==================================
11:34:14.0321 6460 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
11:34:14.0347 6460 \Device\Harddisk0\DR0 - ok
11:34:14.0348 6460 ================ Scan VBR ==================================
11:34:14.0349 6460 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition1
11:34:14.0349 6460 \Device\Harddisk0\DR0\Partition1 - ok
11:34:14.0351 6460 [ 38EEF37150E1B339F40944840E21857A ] \Device\Harddisk0\DR0\Partition2
11:34:14.0352 6460 \Device\Harddisk0\DR0\Partition2 - ok
11:34:14.0353 6460 [ 48557E353E3A9544134C9677A13E4567 ] \Device\Harddisk0\DR0\Partition3
11:34:14.0354 6460 \Device\Harddisk0\DR0\Partition3 - ok
11:34:14.0355 6460 [ C2B3C8B11CA09D8191700CA04D22EBDA ] \Device\Harddisk0\DR0\Partition4
11:34:14.0356 6460 \Device\Harddisk0\DR0\Partition4 - ok
11:34:14.0358 6460 [ 6D84CB10E80AD4FC62318C83C4A1F301 ] \Device\Harddisk0\DR0\Partition5
11:34:14.0359 6460 \Device\Harddisk0\DR0\Partition5 - ok
11:34:14.0359 6460 ============================================================
11:34:14.0359 6460 Scan finished
11:34:14.0359 6460 ============================================================
11:34:14.0365 2500 Detected object count: 6
11:34:14.0365 2500 Actual detected object count: 6
11:35:21.0019 2500 ClassicShellService ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:21.0019 2500 ClassicShellService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:21.0020 2500 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:21.0020 2500 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:21.0020 2500 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:21.0020 2500 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:21.0021 2500 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:21.0021 2500 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:21.0021 2500 GFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:21.0021 2500 GFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:35:21.0022 2500 Yontoo Desktop Updater ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:21.0022 2500 Yontoo Desktop Updater ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
08.06.2013, 11:23
| #12 |
| /// the machine /// TB-Ausbilder | Windows System immer bei 20% Systemauslastung, Virus vermutet Systemscan mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.06.2013, 11:40
| #13 |
| | Windows System immer bei 20% Systemauslastung, Virus vermutetCode:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-06-2013
Ran by Thomas Terpelle (administrator) on 08-06-2013 12:39:38
Running from E:\Thomas\Downloads\Setups
Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(IvoSoft) c:\Program Files\Classic Shell\ClassicShellService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
(IvoSoft) c:\Program Files\Classic Shell\ClassicStartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(Microsoft) C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Unified Intents AB) C:\Program Files (x86)\Unified Remote\RemoteServer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
(Yontoo LLC) C:\Users\Heinz\AppData\Roaming\Yontoo\YontooDesktop.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [] [x]
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [13196432 2012-09-25] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] %ProgramFiles%\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2611112 2012-09-05] ()
HKLM\...\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-05] ()
HKLM\...\Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] "C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe" /f="C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_HD.zip" /h [223242 2012-08-20] ()
HKLM\...\Run: [Creative SB Monitoring Utility] RunDll32 sbavmon.dll,SBAVMonitor [x]
HKCU\...\Run: [GoogleDriveSync] "c:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19662744 2013-04-16] (Google)
HKCU\...\Run: [Google Update] "C:\Users\Heinz\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-05-31] (Google Inc.)
HKCU\...\Run: [MusicManager] "C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" [7331840 2013-04-24] (Google Inc.)
HKCU\...\Run: [Unified Remote v2] C:\Program Files (x86)\Unified Remote\RemoteServer.exe [276568 2013-04-11] (Unified Intents AB)
HKLM-x32\...\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 [155488 2012-08-02] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642216 2012-09-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TPUReg] "C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe" /Retimes [7148032 2012-10-31] (Pegatron Corporation)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe" /r [241789 2010-02-18] (Creative Technology Ltd)
HKLM-x32\...\Run: [Module Loader] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun [57344 2007-07-23] (Creative Technology Ltd.)
HKLM-x32\...\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310640 2013-03-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-05-11] (Adobe Systems Incorporated)
Startup: C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
HKCU SearchScopes: DefaultScope {65AAC44C-F137-491E-B2E0-08FBBC6459A2} URL =
SearchScopes: HKCU - {65AAC44C-F137-491E-B2E0-08FBBC6459A2} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Chrome:
=======
CHR HomePage: hxxp://www.Twitter.com/
CHR Extension: (Easy Auto Refresh) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc\2.8_0
CHR Extension: (Angry Birds) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0
CHR Extension: (Google Docs) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0
CHR Extension: (Google Search) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google+) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm\1.2.0.418_0
CHR Extension: (Gmail) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 ClassicShellService; c:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-04-13] (IvoSoft)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-14] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-08-31] (Realtek Semiconductor)
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-09-25] (Toshiba Europe GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 Yontoo Desktop Updater; C:\Users\Heinz\AppData\Roaming\Yontoo\YontooDesktop.exe [47392 2013-05-22] (Yontoo LLC)
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-05-09] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378432 2013-05-09] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-05-09] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 ksaud; C:\Windows\system32\drivers\ksaud.sys [1588608 2010-07-30] (Creative Technology Ltd.)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-12] (PEGATRON)
S3 RTL8192Ce; C:\Windows\system32\DRIVERS\rtwlane.sys [1119232 2012-06-30] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
S3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-08 12:39 - 2013-06-08 12:39 - 00000000 ____D C:\FRST
2013-06-07 18:01 - 2013-06-07 18:01 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Malwarebytes
2013-06-07 18:01 - 2013-06-07 18:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-07 18:01 - 2013-06-07 18:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-07 18:01 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-07 13:02 - 2013-06-07 18:08 - 00000000 ____D C:\Windows\Minidump
2013-06-06 23:11 - 2013-06-06 23:11 - 00000000 ____D C:\Windows\LastGood.Tmp
2013-06-06 11:09 - 2013-06-06 11:09 - 00000000 ____D C:\Program Files (x86)\Samsung Magician
2013-06-06 11:06 - 2013-06-06 11:09 - 00001114 ____A C:\Users\Public\Desktop\Samsung Magician.lnk
2013-06-05 11:10 - 2013-06-05 11:10 - 00000000 ____D C:\ProgramData\Synaptics
2013-06-04 09:15 - 2013-06-04 09:15 - 00203672 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys
2013-06-04 09:15 - 2013-06-04 09:15 - 00103448 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys
2013-06-04 08:27 - 2013-06-04 08:27 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Unified Remote
2013-06-04 08:27 - 2013-06-04 08:27 - 00000000 ____D C:\Program Files (x86)\Unified Remote
2013-06-02 15:34 - 2013-06-02 15:34 - 00001055 ____A C:\Users\Heinz\Desktop\eclipse.lnk
2013-06-01 16:51 - 2013-06-01 16:51 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-05-31 13:57 - 2013-06-08 12:02 - 00000956 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2594244226-710932845-2937545045-1001UA.job
2013-05-31 13:56 - 2013-06-07 14:01 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2594244226-710932845-2937545045-1001Core.job
2013-05-26 16:14 - 2013-05-26 16:14 - 00000000 ____D C:\ProgramData\TOSHIBA Tempro
2013-05-26 16:14 - 2013-05-26 16:14 - 00000000 ____D C:\ProgramData\IsolatedStorage
2013-05-26 12:48 - 2013-05-26 12:48 - 00000000 ____D C:\Program Files (x86)\XMedia Recode
2013-05-26 11:07 - 2013-06-03 13:23 - 00000048 ____A C:\Users\Heinz\Desktop\W8.txt
2013-05-25 22:10 - 2013-05-25 22:10 - 00000000 ____D C:\Program Files\DIFX
2013-05-24 22:46 - 2013-06-06 22:39 - 00354840 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-24 13:45 - 2013-05-24 13:45 - 00000000 ____D C:\Users\Heinz\AppData\Local\Adobe
2013-05-23 16:19 - 2013-05-23 16:19 - 00001628 ____A C:\Users\Heinz\Desktop\Medien_Generator.lnk
2013-05-23 16:18 - 2013-05-23 16:18 - 00001520 ____A C:\Users\Heinz\Desktop\Medien.lnk
2013-05-23 16:02 - 2013-05-23 16:48 - 00000000 ____D C:\Windows\AutoKMS
2013-05-23 16:00 - 2013-05-23 16:00 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2013-05-23 15:53 - 2013-05-23 15:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-23 15:51 - 2013-05-23 15:51 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-05-23 15:51 - 2013-05-23 15:51 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-05-23 15:50 - 2013-05-23 15:51 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-05-23 15:50 - 2013-05-23 15:50 - 00000000 ____D C:\Windows\PCHEALTH
2013-05-23 15:48 - 2013-05-23 15:50 - 00000000 ____D C:\Program Files\Microsoft Office
2013-05-23 15:48 - 2013-05-23 15:48 - 00000000 __RHD C:\MSOCache
2013-05-23 15:48 - 2013-05-23 15:48 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-05-23 15:48 - 2013-05-23 15:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-05-23 15:48 - 2013-05-23 15:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-05-23 15:36 - 2013-05-23 15:36 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\WinRAR
2013-05-23 14:59 - 2013-05-23 14:59 - 00000956 ____A C:\Users\Heinz\Desktop\Dubstep.lnk
2013-05-23 14:40 - 2013-06-07 18:10 - 00007600 ____A C:\Users\Heinz\AppData\Local\Resmon.ResmonCfg
2013-05-23 14:22 - 2013-05-23 14:22 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Auslogics
2013-05-23 14:22 - 2013-05-23 14:22 - 00000000 ____D C:\Program Files (x86)\Auslogics
2013-05-23 13:42 - 2012-10-12 08:13 - 00109568 ____A (Microsoft Corporation) C:\Windows\System32\dskquota.dll
2013-05-23 13:42 - 2012-10-12 07:39 - 00082944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dskquota.dll
2013-05-23 13:41 - 2012-10-24 06:54 - 00396008 ____A (Microsoft Corporation) C:\Windows\System32\hal.dll
2013-05-23 13:41 - 2012-10-17 06:32 - 01172992 ____A (Microsoft Corporation) C:\Windows\System32\mfnetsrc.dll
2013-05-23 13:41 - 2012-10-17 06:32 - 00677888 ____A (Microsoft Corporation) C:\Windows\System32\mfnetcore.dll
2013-05-23 13:41 - 2012-10-17 06:32 - 00673280 ____A (Microsoft Corporation) C:\Windows\System32\mfmpeg2srcsnk.dll
2013-05-23 13:41 - 2012-10-17 05:57 - 00929792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2013-05-23 13:41 - 2012-10-17 05:57 - 00568832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2013-05-23 13:41 - 2012-10-17 05:57 - 00513024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2013-05-23 13:41 - 2012-10-11 09:47 - 00793200 ____A (Microsoft Corporation) C:\Windows\System32\mfplat.dll
2013-05-23 13:41 - 2012-10-11 09:35 - 02380944 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2013-05-23 13:41 - 2012-10-11 07:56 - 02115952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-05-23 13:41 - 2012-10-11 07:46 - 01395712 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll
2013-05-23 13:41 - 2012-10-11 07:45 - 00590848 ____A (Microsoft Corporation) C:\Windows\System32\SHCore.dll
2013-05-23 13:41 - 2012-10-11 07:45 - 00579584 ____A (Microsoft Corporation) C:\Windows\System32\StructuredQuery.dll
2013-05-23 13:41 - 2012-10-11 07:44 - 01265152 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-05-23 13:41 - 2012-10-11 07:44 - 00904192 ____A (Microsoft Corporation) C:\Windows\System32\MPSSVC.dll
2013-05-23 13:41 - 2012-10-11 07:43 - 02206208 ____A (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2013-05-23 13:41 - 2012-10-11 07:42 - 00612416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2013-05-23 13:41 - 2012-10-11 07:07 - 01226752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2013-05-23 13:41 - 2012-10-11 07:06 - 01841152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-05-23 13:41 - 2012-10-11 02:45 - 00478424 ____A C:\Windows\SysWOW64\locale.nls
2013-05-23 13:41 - 2012-10-11 02:44 - 00478424 ____A C:\Windows\System32\locale.nls
2013-05-23 13:40 - 2012-10-11 09:25 - 00056552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sdstor.sys
2013-05-23 13:40 - 2012-10-11 09:23 - 00441576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2013-05-23 13:40 - 2012-10-11 09:18 - 00172264 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-05-23 13:40 - 2012-10-11 09:13 - 00058088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dam.sys
2013-05-23 13:40 - 2012-10-11 09:13 - 00033512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\battc.sys
2013-05-23 13:40 - 2012-10-11 09:08 - 00562392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-05-23 13:40 - 2012-10-11 07:46 - 00517120 ____A (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2013-05-23 13:40 - 2012-10-11 07:46 - 00154112 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Storage.Compression.dll
2013-05-23 13:40 - 2012-10-11 07:46 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\BdeUISrv.exe
2013-05-23 13:40 - 2012-10-11 07:46 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\wfapigp.dll
2013-05-23 13:40 - 2012-10-11 07:45 - 01045504 ____A (Microsoft Corporation) C:\Windows\System32\usercpl.dll
2013-05-23 13:40 - 2012-10-11 07:45 - 00505344 ____A (Microsoft Corporation) C:\Windows\System32\SpaceControl.dll
2013-05-23 13:40 - 2012-10-11 07:45 - 00370176 ____A (Microsoft Corporation) C:\Windows\System32\SysFxUI.dll
2013-05-23 13:40 - 2012-10-11 07:45 - 00055808 ____A (Microsoft Corporation) C:\Windows\System32\PCPKsp.dll
2013-05-23 13:40 - 2012-10-11 07:44 - 00561152 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2013-05-23 13:40 - 2012-10-11 07:44 - 00355328 ____A (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2013-05-23 13:40 - 2012-10-11 07:44 - 00264704 ____A (Microsoft Corporation) C:\Windows\System32\ListSvc.dll
2013-05-23 13:40 - 2012-10-11 07:44 - 00259584 ____A (Microsoft Corporation) C:\Windows\System32\input.dll
2013-05-23 13:40 - 2012-10-11 07:44 - 00105984 ____A (Microsoft Corporation) C:\Windows\System32\icfupgd.dll
2013-05-23 13:40 - 2012-10-11 07:43 - 01836032 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-23 13:40 - 2012-10-11 07:43 - 01294336 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-05-23 13:40 - 2012-10-11 07:43 - 01280000 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-23 13:40 - 2012-10-11 07:43 - 00757760 ____A (Microsoft Corporation) C:\Windows\System32\FirewallAPI.dll
2013-05-23 13:40 - 2012-10-11 07:43 - 00331776 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore.dll
2013-05-23 13:40 - 2012-10-11 07:43 - 00244224 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
2013-05-23 13:40 - 2012-10-11 07:43 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\bdesvc.dll
2013-05-23 13:40 - 2012-10-11 07:43 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\AppxSip.dll
2013-05-23 13:40 - 2012-10-11 07:43 - 00081920 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc.dll
2013-05-23 13:40 - 2012-10-11 07:43 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
2013-05-23 13:40 - 2012-10-11 07:23 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\microsoft-windows-pdc.dll
2013-05-23 13:40 - 2012-10-11 07:23 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\kbdhebl3.dll
2013-05-23 13:40 - 2012-10-11 07:19 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmkaud.sys
2013-05-23 13:40 - 2012-10-11 07:18 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2013-05-23 13:40 - 2012-10-11 07:16 - 00286208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2013-05-23 13:40 - 2012-10-11 07:15 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mpsdrv.sys
2013-05-23 13:40 - 2012-10-11 07:07 - 00962560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2013-05-23 13:40 - 2012-10-11 07:07 - 00460800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2013-05-23 13:40 - 2012-10-11 07:07 - 00414720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2013-05-23 13:40 - 2012-10-11 07:07 - 00116224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Compression.dll
2013-05-23 13:40 - 2012-10-11 07:07 - 00047616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2013-05-23 13:40 - 2012-10-11 07:07 - 00019968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2013-05-23 13:40 - 2012-10-11 07:06 - 01420800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-23 13:40 - 2012-10-11 07:06 - 00550912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2013-05-23 13:40 - 2012-10-11 07:06 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-05-23 13:40 - 2012-10-11 07:06 - 00289280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-05-23 13:40 - 2012-10-11 07:06 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2013-05-23 13:40 - 2012-10-11 07:06 - 00219648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2013-05-23 13:40 - 2012-10-11 07:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-05-23 13:40 - 2012-10-11 07:06 - 00060416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2013-05-23 13:40 - 2012-10-11 07:06 - 00051712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-05-23 13:40 - 2012-10-11 07:05 - 00099840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2013-05-23 13:40 - 2012-10-11 06:42 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kbdhebl3.dll
2013-05-23 13:40 - 2012-10-11 05:11 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-05-23 13:37 - 2012-11-29 07:05 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2013-05-23 13:37 - 2012-11-29 07:05 - 00707584 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2013-05-23 13:37 - 2012-11-27 08:39 - 01122768 ____A (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
2013-05-23 13:37 - 2012-11-27 06:49 - 01027152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2013-05-23 13:37 - 2012-11-27 06:20 - 01217536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2013-05-23 13:37 - 2012-11-27 06:20 - 01048064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-05-23 13:37 - 2012-11-27 06:20 - 00798208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2013-05-23 13:37 - 2012-11-27 06:20 - 00680960 ____A (Microsoft Corporation) C:\Windows\System32\vds.exe
2013-05-23 13:37 - 2012-11-27 06:20 - 00560128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2013-05-23 13:37 - 2012-11-27 06:20 - 00179200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2013-05-23 13:37 - 2012-11-27 06:19 - 03245568 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2013-05-23 13:37 - 2012-11-27 06:19 - 01536512 ____A (Microsoft Corporation) C:\Windows\System32\storagewmi.dll
2013-05-23 13:37 - 2012-11-27 06:19 - 00955904 ____A (Microsoft Corporation) C:\Windows\System32\WebcamUi.dll
2013-05-23 13:37 - 2012-11-27 06:19 - 00631808 ____A (Microsoft Corporation) C:\Windows\System32\UserLanguagesCpl.dll
2013-05-23 13:37 - 2012-11-27 06:19 - 00244736 ____A (Microsoft Corporation) C:\Windows\System32\wpnapps.dll
2013-05-23 13:37 - 2012-11-27 06:18 - 01071104 ____A (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2013-05-23 13:37 - 2012-11-27 06:17 - 00718848 ____A (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2013-05-23 13:37 - 2012-11-20 07:24 - 01164800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2013-05-23 13:37 - 2012-11-20 07:17 - 01184256 ____A (Microsoft Corporation) C:\Windows\System32\Display.dll
2013-05-23 13:37 - 2012-11-20 07:02 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDKURD.DLL
2013-05-23 13:37 - 2012-11-20 06:59 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDKURD.DLL
2013-05-23 13:37 - 2012-11-08 06:25 - 00523776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-05-23 13:37 - 2012-11-08 06:25 - 00143872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-05-23 13:37 - 2012-11-08 06:25 - 00124928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-05-23 13:37 - 2012-11-08 06:22 - 00641536 ____A (Microsoft Corporation) C:\Windows\System32\WSShared.dll
2013-05-23 13:37 - 2012-11-08 06:22 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.dll
2013-05-23 13:37 - 2012-11-08 06:22 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-05-23 13:37 - 2012-10-12 10:08 - 00027880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2013-05-23 13:36 - 2012-12-04 06:21 - 00368640 ____A (Microsoft Corporation) C:\Windows\System32\sppwinob.dll
2013-05-23 13:36 - 2012-11-27 06:20 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2013-05-23 13:36 - 2012-11-27 06:20 - 00702464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-05-23 13:36 - 2012-11-27 06:20 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll
2013-05-23 13:36 - 2012-11-27 06:19 - 00245248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-05-23 13:36 - 2012-11-27 06:18 - 00888832 ____A (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2013-05-23 13:36 - 2012-11-27 06:18 - 00378880 ____A (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2013-05-23 13:36 - 2012-10-12 08:14 - 00036352 ____A (Microsoft Corporation) C:\Windows\System32\rfxvmt.dll
2013-05-23 13:36 - 2012-10-12 07:50 - 00235520 ____A (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2013-05-23 13:36 - 2012-09-11 07:28 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\vdsldr.exe
2013-05-23 13:36 - 2012-09-11 07:27 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\vdsutil.dll
2013-05-23 13:36 - 2012-09-11 07:27 - 00120832 ____A (Microsoft Corporation) C:\Windows\System32\vds_ps.dll
2013-05-23 13:35 - 2012-11-06 09:52 - 00277736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2013-05-23 13:35 - 2012-11-06 09:33 - 01566432 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
2013-05-23 13:35 - 2012-11-06 06:48 - 01150160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2013-05-23 13:35 - 2012-11-06 06:20 - 00883712 ____A (Microsoft Corporation) C:\Windows\HelpPane.exe
2013-05-23 13:35 - 2012-11-06 06:20 - 00516608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2013-05-23 13:35 - 2012-11-06 06:20 - 00386560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2013-05-23 13:35 - 2012-11-06 06:20 - 00375296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2013-05-23 13:35 - 2012-11-06 06:20 - 00314880 ____A (Microsoft Corporation) C:\Windows\System32\rdpclip.exe
2013-05-23 13:35 - 2012-11-06 06:20 - 00202240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2013-05-23 13:35 - 2012-11-06 06:20 - 00093696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2013-05-23 13:35 - 2012-11-06 06:20 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 08552448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 01451520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 01386496 ____A (Microsoft Corporation) C:\Windows\System32\wlansvc.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 00710656 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 00470016 ____A (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 00466944 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 00446464 ____A (Microsoft Corporation) C:\Windows\System32\wlansec.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 00273408 ____A (Microsoft Corporation) C:\Windows\System32\wlanapi.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\WcnApi.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 00126464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\wfdprov.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapPeerProxy.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapAuthProxy.dll
2013-05-23 13:35 - 2012-11-06 06:18 - 11459584 ____A (Microsoft Corporation) C:\Windows\System32\glcndFilter.dll
2013-05-23 13:35 - 2012-11-06 06:18 - 01526784 ____A (Microsoft Corporation) C:\Windows\System32\mfcore.dll
2013-05-23 13:35 - 2012-11-06 06:18 - 01037312 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2013-05-23 13:35 - 2012-11-06 06:18 - 00976384 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-05-23 13:35 - 2012-11-06 06:18 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
2013-05-23 13:35 - 2012-11-06 06:18 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-05-23 13:35 - 2012-11-06 06:18 - 00189440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2013-05-23 13:35 - 2012-11-06 06:18 - 00172032 ____A (Microsoft Corporation) C:\Windows\System32\MFCaptureEngine.dll
2013-05-23 13:35 - 2012-11-06 06:18 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\fdWCN.dll
2013-05-23 13:35 - 2012-11-06 06:18 - 00084992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2013-05-23 13:35 - 2012-11-06 06:17 - 00212992 ____A (Microsoft Corporation) C:\Windows\System32\bthprops.cpl
2013-05-23 13:35 - 2012-11-06 06:17 - 00110080 ____A (Microsoft Corporation) C:\Windows\System32\dafWCN.dll
2013-05-23 13:35 - 2012-11-06 06:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\iscsilog.dll
2013-05-23 13:35 - 2012-11-06 05:58 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\wlanhlp.dll
2013-05-23 13:35 - 2012-11-06 05:56 - 00009728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2013-05-23 13:35 - 2012-11-06 05:55 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdk8.sys
2013-05-23 13:35 - 2012-11-06 05:55 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys
2013-05-23 13:35 - 2012-11-06 05:55 - 00088064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdppm.sys
2013-05-23 13:35 - 2012-11-06 05:55 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys
2013-05-23 13:35 - 2012-11-06 05:55 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fxppm.sys
2013-05-23 13:35 - 2012-11-06 05:53 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-05-23 13:35 - 2012-11-06 05:51 - 00665600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-05-23 13:13 - 2013-05-24 11:38 - 00000000 ____D C:\Users\Heinz\.android
2013-05-23 12:23 - 2013-06-07 18:08 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Media Player Classic
2013-05-23 12:20 - 2013-06-07 18:20 - 00133120 __ASH C:\Users\Heinz\Desktop\Thumbs.db
2013-05-23 12:20 - 2013-05-23 12:20 - 00000640 ____A C:\Users\Heinz\Desktop\Thomas.lnk
2013-05-23 12:16 - 2013-05-23 12:16 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2013-05-23 11:38 - 2013-05-23 11:38 - 00000000 ___HD C:\ProgramData\CanonBJ
2013-05-23 11:10 - 2013-05-23 11:10 - 00000000 ____D C:\ProgramData\Creative
2013-05-23 04:54 - 2013-05-07 22:07 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-23 04:54 - 2013-05-07 22:07 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-23 04:49 - 2013-05-23 11:09 - 00000000 ___RD C:\Windows\BrowserChoice
2013-05-23 04:00 - 2013-05-03 17:15 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-22 21:04 - 2013-01-10 01:26 - 01611776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2013-05-22 21:04 - 2013-01-10 01:26 - 00890880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-05-22 21:04 - 2013-01-10 01:23 - 02094592 ____A (Microsoft Corporation) C:\Windows\System32\mmc.exe
2013-05-22 21:04 - 2013-01-10 01:23 - 01964544 ____A (Microsoft Corporation) C:\Windows\System32\wlidsvc.dll
2013-05-22 21:04 - 2013-01-10 01:22 - 01120768 ____A (Microsoft Corporation) C:\Windows\System32\msctf.dll
2013-05-22 21:04 - 2012-08-31 02:53 - 00017888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2013-05-22 21:04 - 2012-08-31 02:52 - 00017888 ____A (Microsoft Corporation) C:\Windows\System32\msvcr100_clr0400.dll
2013-05-22 21:03 - 2013-04-09 06:51 - 14267904 ____A (Microsoft Corporation) C:\Windows\System32\wmp.dll
2013-05-22 21:03 - 2013-04-09 06:51 - 13648384 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2013-05-22 21:03 - 2013-04-09 06:51 - 10116096 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-05-22 21:03 - 2013-04-09 06:51 - 03552768 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2013-05-22 21:03 - 2013-04-09 06:50 - 02107904 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2013-05-22 21:03 - 2013-04-09 04:35 - 04038144 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-22 21:03 - 2013-04-08 23:52 - 11878912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-05-22 21:03 - 2013-04-08 23:51 - 10789888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-05-22 21:03 - 2013-04-08 23:51 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-05-22 21:03 - 2013-03-02 13:02 - 00058288 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-05-22 21:03 - 2013-03-02 12:57 - 00337128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS
2013-05-22 21:03 - 2013-03-02 12:57 - 00332520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2013-05-22 21:03 - 2013-03-02 12:57 - 00077544 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storahci.sys
2013-05-22 21:03 - 2013-03-02 12:45 - 00194792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2013-05-22 21:03 - 2013-03-02 12:45 - 00148712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tpm.sys
2013-05-22 21:03 - 2013-03-02 12:45 - 00125160 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
2013-05-22 21:03 - 2013-03-02 12:39 - 00495336 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys
2013-05-22 21:03 - 2013-03-02 12:39 - 00327912 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
2013-05-22 21:03 - 2013-03-02 11:59 - 02231528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-05-22 21:03 - 2013-03-02 11:59 - 00411880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-05-22 21:03 - 2013-03-02 10:24 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-05-22 21:03 - 2013-03-02 10:23 - 01338880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-22 21:03 - 2013-03-02 10:23 - 00893952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2013-05-22 21:03 - 2013-03-02 10:23 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-05-22 21:03 - 2013-03-02 10:23 - 00601088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2013-05-22 21:03 - 2013-03-02 10:23 - 00504320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2013-05-22 21:03 - 2013-03-02 10:23 - 00356352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2013-05-22 21:03 - 2013-03-02 10:23 - 00246784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-05-22 21:03 - 2013-03-02 10:23 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-05-22 21:03 - 2013-03-02 10:23 - 00100864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2013-05-22 21:03 - 2013-03-02 10:23 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-05-22 21:03 - 2013-03-02 10:22 - 05091840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-05-22 21:03 - 2013-03-02 10:22 - 00850944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-05-22 21:03 - 2013-03-02 10:22 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2013-05-22 21:03 - 2013-03-02 10:21 - 00550912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2013-05-22 21:03 - 2013-03-02 10:21 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-05-22 21:03 - 2013-03-02 10:21 - 00145408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2013-05-22 21:03 - 2013-03-02 10:21 - 00036352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevDispItemProvider.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 03240448 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 01627648 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 01161728 ____A (Microsoft Corporation) C:\Windows\System32\sppobjs.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 01149952 ____A (Microsoft Corporation) C:\Windows\System32\winmde.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 01101824 ____A (Microsoft Corporation) C:\Windows\System32\wmpmde.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00951808 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Globalization.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00760320 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00645120 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\usbmon.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00240640 ____A (Microsoft Corporation) C:\Windows\System32\fsquirt.exe
2013-05-22 21:03 - 2013-03-02 04:45 - 00180224 ____A (Microsoft Corporation) C:\Windows\System32\SystemEventsBrokerServer.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00171008 ____A (Microsoft Corporation) C:\Windows\System32\TimeBrokerServer.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\wpdbusenum.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00077824 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2013-05-22 21:03 - 2013-03-02 04:45 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\taskhostex.exe
2013-05-22 21:03 - 2013-03-02 04:45 - 00071168 ____A (Microsoft Corporation) C:\Windows\System32\WSDPrintProxy.DLL
2013-05-22 21:03 - 2013-03-02 04:45 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-05-22 21:03 - 2013-03-02 04:44 - 05978624 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-05-22 21:03 - 2013-03-02 04:44 - 01048576 ____A (Microsoft Corporation) C:\Windows\System32\mfasfsrcsnk.dll
2013-05-22 21:03 - 2013-03-02 04:44 - 00703488 ____A (Microsoft Corporation) C:\Windows\System32\drvstore.dll
2013-05-22 21:03 - 2013-03-02 04:44 - 00455168 ____A (Microsoft Corporation) C:\Windows\System32\netcfgx.dll
2013-05-22 21:03 - 2013-03-02 04:44 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\SettingSync.dll
2013-05-22 21:03 - 2013-03-02 04:44 - 00150016 ____A (Microsoft Corporation) C:\Windows\System32\discan.dll
2013-05-22 21:03 - 2013-03-02 04:44 - 00128512 ____A (Microsoft Corporation) C:\Windows\System32\SettingSyncInfo.dll
2013-05-22 21:03 - 2013-03-02 04:44 - 00117248 ____A (Microsoft Corporation) C:\Windows\System32\NdisImPlatform.dll
2013-05-22 21:03 - 2013-03-02 04:44 - 00049152 ____A (Microsoft Corporation) C:\Windows\System32\DevDispItemProvider.dll
2013-05-22 21:03 - 2013-03-02 04:43 - 00389120 ____A (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll
2013-05-22 21:03 - 2013-03-02 04:43 - 00156160 ____A (Microsoft Corporation) C:\Windows\System32\powercfg.cpl
2013-05-22 21:03 - 2013-03-02 04:15 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mouhid.sys
2013-05-22 21:03 - 2013-03-01 06:56 - 00156672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rfcomm.sys
2013-05-22 21:03 - 2013-03-01 06:56 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\monitor.sys
2013-05-22 21:03 - 2013-03-01 06:55 - 01175040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2013-05-22 21:03 - 2013-01-10 03:53 - 00028904 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msgpiowin32.sys
2013-05-22 21:03 - 2013-01-10 03:29 - 00785504 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2013-05-22 21:03 - 2013-01-10 03:29 - 00091880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2013-05-22 21:03 - 2013-01-10 01:26 - 01752064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2013-05-22 21:03 - 2013-01-10 01:26 - 00436736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2013-05-22 21:03 - 2013-01-10 01:26 - 00261120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2013-05-22 21:03 - 2013-01-10 01:26 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wiaacmgr.exe
2013-05-22 21:03 - 2013-01-10 01:26 - 00067584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-05-22 21:03 - 2013-01-10 01:23 - 01886208 ____A (Microsoft Corporation) C:\Windows\System32\setupapi.dll
2013-05-22 21:03 - 2013-01-10 01:23 - 00728064 ____A (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2013-05-22 21:03 - 2013-01-10 01:23 - 00406016 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Media.dll
2013-05-22 21:03 - 2013-01-10 01:23 - 00256000 ____A (Microsoft Corporation) C:\Windows\System32\WSDMon.dll
2013-05-22 21:03 - 2013-01-10 01:23 - 00095232 ____A (Microsoft Corporation) C:\Windows\System32\wiaacmgr.exe
2013-05-22 21:03 - 2013-01-10 01:22 - 00894464 ____A (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2013-05-22 21:03 - 2013-01-10 01:22 - 00666112 ____A (Microsoft Corporation) C:\Windows\System32\MP4SDECD.DLL
2013-05-22 21:03 - 2013-01-10 01:22 - 00438272 ____A (Microsoft Corporation) C:\Windows\System32\lsm.dll
2013-05-22 21:03 - 2013-01-10 01:22 - 00159232 ____A (Microsoft Corporation) C:\Windows\System32\inetpp.dll
2013-05-22 21:03 - 2013-01-09 05:59 - 00341504 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\HdAudio.sys
2013-05-22 21:03 - 2013-01-09 05:59 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BTHUSB.SYS
2013-05-22 21:03 - 2013-01-09 05:58 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys
2013-05-22 21:03 - 2012-11-06 06:20 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-05-22 21:03 - 2012-11-06 06:20 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\wuaext.dll
2013-05-22 21:03 - 2012-11-06 06:00 - 00099328 ____A (Microsoft Corporation) C:\Windows\System32\wushareduxresources.dll
2013-05-22 21:03 - 2012-11-02 07:20 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2013-05-22 21:03 - 2012-11-02 07:19 - 00171520 ____A (Microsoft Corporation) C:\Windows\System32\ncbservice.dll
2013-05-22 21:03 - 2012-11-02 07:18 - 00107520 ____A (Microsoft Corporation) C:\Windows\System32\httpprxm.dll
2013-05-22 21:03 - 2012-11-02 07:18 - 00062464 ____A (Microsoft Corporation) C:\Windows\System32\adhsvc.dll
2013-05-22 21:03 - 2012-11-02 07:18 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\adhapi.dll
2013-05-22 21:03 - 2012-11-02 07:18 - 00017920 ____A (Microsoft Corporation) C:\Windows\System32\httpprxp.dll
2013-05-22 21:03 - 2012-11-02 07:18 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\keepaliveprovider.dll
2013-05-22 21:02 - 2013-04-16 04:34 - 01455368 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-22 21:02 - 2013-04-10 01:17 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-22 21:02 - 2013-04-10 01:16 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-22 21:02 - 2013-04-10 01:16 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-22 21:02 - 2013-04-10 00:29 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-22 21:02 - 2013-04-10 00:29 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-22 21:02 - 2013-04-09 07:33 - 00489576 ____A (Microsoft Corporation) C:\Windows\System32\AudioEng.dll
2013-05-22 21:02 - 2013-04-09 07:33 - 00446792 ____A (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2013-05-22 21:02 - 2013-04-09 07:33 - 00253544 ____A (Microsoft Corporation) C:\Windows\System32\audiodg.exe
2013-05-22 21:02 - 2013-04-09 07:27 - 00284424 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-05-22 21:02 - 2013-04-09 07:20 - 00306952 ____A (Microsoft Corporation) C:\Windows\System32\kd_02_10ec.dll
2013-05-22 21:02 - 2013-04-09 07:20 - 00086280 ____A (Microsoft Corporation) C:\Windows\System32\kdnet.dll
2013-05-22 21:02 - 2013-04-09 07:18 - 00077960 ____A (Microsoft Corporation) C:\Windows\System32\kdvm.dll
2013-05-22 21:02 - 2013-04-09 07:17 - 01829408 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-05-22 21:02 - 2013-04-09 06:52 - 00816128 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2013-05-22 21:02 - 2013-04-09 06:52 - 00804352 ____A (Microsoft Corporation) C:\Windows\System32\RecoveryDrive.exe
2013-05-22 21:02 - 2013-04-09 06:52 - 00373760 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2013-05-22 21:02 - 2013-04-09 06:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2013-05-22 21:02 - 2013-04-09 06:52 - 00126464 ____A (Microsoft Corporation) C:\Windows\System32\Robocopy.exe
2013-05-22 21:02 - 2013-04-09 06:51 - 00595456 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.dll
2013-05-22 21:02 - 2013-04-09 06:51 - 00523264 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-22 21:02 - 2013-04-09 06:51 - 00456704 ____A (Microsoft Corporation) C:\Windows\System32\wpncore.dll
2013-05-22 21:02 - 2013-04-09 06:51 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
2013-05-22 21:02 - 2013-04-09 06:51 - 00367616 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-05-22 21:02 - 2013-04-09 06:51 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wscsvc.dll
2013-05-22 21:02 - 2013-04-09 06:50 - 01285632 ____A (Microsoft Corporation) C:\Windows\System32\schedsvc.dll
2013-05-22 21:02 - 2013-04-09 06:50 - 00745984 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2013-05-22 21:02 - 2013-04-09 06:50 - 00435200 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2013-05-22 21:02 - 2013-04-09 06:50 - 00422400 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-05-22 21:02 - 2013-04-09 06:50 - 00414720 ____A (Microsoft Corporation) C:\Windows\System32\GenuineCenter.dll
2013-05-22 21:02 - 2013-04-09 06:50 - 00096256 ____A (Microsoft Corporation) C:\Windows\System32\mssprxy.dll
2013-05-22 21:02 - 2013-04-09 06:50 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2013-05-22 21:02 - 2013-04-09 06:50 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\msshooks.dll
2013-05-22 21:02 - 2013-04-09 06:49 - 01444864 ____A (Microsoft Corporation) C:\Windows\System32\MSAudDecMFT.dll
2013-05-22 21:02 - 2013-04-09 06:49 - 00817152 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2013-05-22 21:02 - 2013-04-09 06:49 - 00468992 ____A (Microsoft Corporation) C:\Windows\System32\MFMediaEngine.dll
2013-05-22 21:02 - 2013-04-09 06:49 - 00281088 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2013-05-22 21:02 - 2013-04-09 06:49 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\fhengine.dll
2013-05-22 21:02 - 2013-04-09 06:49 - 00210432 ____A (Microsoft Corporation) C:\Windows\System32\iuilp.dll
2013-05-22 21:02 - 2013-04-09 06:49 - 00196096 ____A (Microsoft Corporation) C:\Windows\System32\dmvdsitf.dll
2013-05-22 21:02 - 2013-04-09 06:49 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\dwmredir.dll
2013-05-22 21:02 - 2013-04-09 06:49 - 00050176 ____A (Microsoft Corporation) C:\Windows\System32\fmifs.dll
2013-05-22 21:02 - 2013-04-09 06:48 - 02303488 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-22 21:02 - 2013-04-09 06:48 - 00785408 ____A (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2013-05-22 21:02 - 2013-04-09 06:48 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2013-05-22 21:02 - 2013-04-09 06:48 - 00169472 ____A (Microsoft Corporation) C:\Windows\System32\AudioEndpointBuilder.dll
2013-05-22 21:02 - 2013-04-09 04:34 - 00095744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2013-05-22 21:02 - 2013-04-09 04:34 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-05-22 21:02 - 2013-04-09 04:34 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2013-05-22 21:02 - 2013-04-09 04:33 - 00623104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2013-05-22 21:02 - 2013-04-09 04:33 - 00060416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2013-05-22 21:02 - 2013-04-09 04:32 - 00805376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\PEAuth.sys
2013-05-22 21:02 - 2013-04-09 04:31 - 00247808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2013-05-22 21:02 - 2013-04-09 04:31 - 00083456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
2013-05-22 21:02 - 2013-04-09 01:44 - 00123880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2013-05-22 21:02 - 2013-04-09 01:39 - 01408896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-05-22 21:02 - 2013-04-09 01:37 - 00426024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2013-05-22 21:02 - 2013-04-09 01:37 - 00324368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2013-05-22 21:02 - 2013-04-08 23:52 - 00670208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2013-05-22 21:02 - 2013-04-08 23:52 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-22 21:02 - 2013-04-08 23:52 - 00302592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2013-05-22 21:02 - 2013-04-08 23:52 - 00171008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2013-05-22 21:02 - 2013-04-08 23:52 - 00106496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2013-05-22 21:02 - 2013-04-08 23:51 - 02767360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 02035200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 01593344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 01113600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00659456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00656896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00403968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-05-22 21:02 - 2013-04-08 23:51 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00324096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00268800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00214528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00186880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00155648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fmifs.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00035328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2013-05-22 21:02 - 2013-04-05 01:30 - 00503080 ____A (Microsoft Corporation) C:\Windows\System32\ci.dll
2013-05-22 21:02 - 2013-04-03 00:08 - 00387688 ____A C:\Windows\System32\ApnDatabase.xml
2013-05-22 21:02 - 2013-03-30 20:16 - 01403784 ____A (Microsoft Corporation) C:\Windows\System32\winload.efi
2013-05-22 21:02 - 2013-03-30 20:16 - 01267424 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
2013-05-22 21:02 - 2013-03-29 00:09 - 01217328 ____A (Microsoft Corporation) C:\Windows\System32\winresume.efi
2013-05-22 21:02 - 2013-03-29 00:09 - 01093880 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
2013-05-22 21:02 - 2013-03-16 00:05 - 00298456 ____A (Microsoft Corporation) C:\Windows\System32\rsaenh.dll
2013-05-22 21:02 - 2013-03-16 00:05 - 00252928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2013-05-22 21:02 - 2013-03-02 12:39 - 00069864 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pdc.sys
2013-05-22 21:02 - 2013-03-02 04:43 - 02146304 ____A (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
2013-05-22 21:02 - 2013-02-07 03:33 - 00754176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2013-05-22 21:02 - 2013-02-02 10:40 - 00155136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2013-05-22 21:02 - 2013-02-02 10:23 - 00228352 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll
2013-05-22 21:02 - 2013-01-10 03:40 - 00303848 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-22 21:02 - 2012-12-13 06:00 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-05-22 21:02 - 2012-12-13 05:59 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-05-22 21:02 - 2012-11-20 06:54 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidi2c.sys
2013-05-22 21:02 - 2012-11-10 06:23 - 00148480 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2013-05-22 21:02 - 2012-11-10 06:23 - 00132608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2013-05-22 21:02 - 2012-11-10 06:22 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\tssdisai.dll
2013-05-22 21:02 - 2012-11-10 06:22 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\RDWebAI.dll
2013-05-22 21:02 - 2012-11-10 06:22 - 00122880 ____A (Microsoft Corporation) C:\Windows\System32\VmHostAI.dll
2013-05-22 21:02 - 2012-11-10 06:20 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\appserverai.dll
2013-05-22 21:02 - 2012-11-06 09:33 - 00522640 ____A (Microsoft Corporation) C:\Windows\System32\AUDIOKSE.dll
2013-05-22 21:02 - 2012-11-06 07:00 - 00463768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2013-05-22 21:02 - 2012-11-06 06:18 - 00267264 ____A (Microsoft Corporation) C:\Windows\System32\EncDump.dll
2013-05-22 21:02 - 2012-10-11 07:44 - 00246272 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2013-05-22 21:02 - 2012-10-11 07:44 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\mssitlb.dll
2013-05-22 21:02 - 2012-10-11 07:06 - 00094208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2013-05-22 21:02 - 2012-10-11 07:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2013-05-22 21:02 - 2012-10-10 09:04 - 00094208 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2013-05-22 21:02 - 2012-10-10 08:31 - 00072192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2013-05-22 21:01 - 2013-04-11 08:40 - 06987528 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-05-22 21:01 - 2013-04-10 01:17 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-22 21:01 - 2013-04-10 01:17 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-22 21:01 - 2013-04-10 01:17 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-05-22 21:01 - 2013-04-10 01:17 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-22 21:01 - 2013-04-10 01:17 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-22 21:01 - 2013-04-10 01:16 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-22 21:01 - 2013-04-10 01:16 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-22 21:01 - 2013-04-10 00:30 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-22 21:01 - 2013-04-10 00:30 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-22 21:01 - 2013-04-10 00:29 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-22 21:01 - 2013-04-10 00:29 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-22 21:01 - 2013-04-10 00:29 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-22 21:01 - 2013-04-10 00:29 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-22 21:01 - 2013-02-21 12:29 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-22 21:01 - 2013-02-21 12:29 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-22 21:01 - 2013-02-21 12:29 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-22 21:01 - 2013-02-21 12:29 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-22 21:01 - 2013-02-21 12:14 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-22 21:01 - 2013-02-21 12:14 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-22 21:01 - 2013-02-19 11:53 - 00534528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-05-22 21:01 - 2013-02-12 03:30 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-05-22 21:01 - 2013-02-12 02:56 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-05-22 21:01 - 2013-01-29 03:57 - 00035232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdBoot.sys
2013-05-22 21:01 - 2013-01-29 01:08 - 00230904 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdFilter.sys
2013-05-22 21:01 - 2013-01-04 07:32 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-22 21:01 - 2013-01-04 06:19 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-22 21:01 - 2012-11-26 06:21 - 00071168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2013-05-22 21:01 - 2012-11-26 06:20 - 00086016 ____A (Microsoft Corporation) C:\Windows\System32\ncryptsslp.dll
2013-05-22 21:01 - 2012-11-08 06:20 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-22 21:01 - 2012-11-08 06:20 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-22 21:00 - 2013-02-02 13:19 - 00496872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2013-05-22 21:00 - 2013-02-02 13:19 - 00446184 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2013-05-22 21:00 - 2013-02-02 13:19 - 00061672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\crashdmp.sys
2013-05-22 21:00 - 2013-02-02 12:54 - 01933544 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-05-22 21:00 - 2013-02-02 12:28 - 00993512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2013-05-22 21:00 - 2013-02-02 10:40 - 00410624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll
2013-05-22 21:00 - 2013-02-02 10:40 - 00370688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2013-05-22 21:00 - 2013-02-02 10:40 - 00197632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2013-05-22 21:00 - 2013-02-02 10:40 - 00080896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tasklist.exe
2013-05-22 21:00 - 2013-02-02 10:40 - 00079360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskkill.exe
2013-05-22 21:00 - 2013-02-02 10:39 - 00157696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2013-05-22 21:00 - 2013-02-02 10:39 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-05-22 21:00 - 2013-02-02 10:39 - 00055296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-05-22 21:00 - 2013-02-02 10:39 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-05-22 21:00 - 2013-02-02 10:39 - 00015872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlmproxy.dll
2013-05-22 21:00 - 2013-02-02 10:39 - 00012288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlmsprep.dll
2013-05-22 21:00 - 2013-02-02 10:38 - 00567808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2013-05-22 21:00 - 2013-02-02 10:24 - 00107520 ____A (Microsoft Corporation) C:\Windows\System32\taskkill.exe
2013-05-22 21:00 - 2013-02-02 10:24 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\tasklist.exe
2013-05-22 21:00 - 2013-02-02 10:23 - 00731648 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-05-22 21:00 - 2013-02-02 10:23 - 00611840 ____A (Microsoft Corporation) C:\Windows\System32\wpd_ci.dll
2013-05-22 21:00 - 2013-02-02 10:23 - 00543232 ____A (Microsoft Corporation) C:\Windows\System32\wlroamextension.dll
2013-05-22 21:00 - 2013-02-02 10:23 - 00475136 ____A (Microsoft Corporation) C:\Windows\System32\WWanAPI.dll
2013-05-22 21:00 - 2013-02-02 10:23 - 00293376 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Connectivity.dll
2013-05-22 21:00 - 2013-02-02 10:23 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\wersvc.dll
2013-05-22 21:00 - 2013-02-02 10:21 - 00467456 ____A (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll
2013-05-22 21:00 - 2013-02-02 10:21 - 00385024 ____A (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2013-05-22 21:00 - 2013-02-02 10:21 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\mbsmsapi.dll
2013-05-22 21:00 - 2013-02-02 10:20 - 00729600 ____A (Microsoft Corporation) C:\Windows\System32\duser.dll
2013-05-22 21:00 - 2013-02-02 10:20 - 00260096 ____A (Microsoft Corporation) C:\Windows\System32\hotspotauth.dll
2013-05-22 21:00 - 2013-02-02 09:25 - 00297984 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2013-05-22 21:00 - 2013-02-02 09:25 - 00037632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BthAvrcpTg.sys
2013-05-22 21:00 - 2012-11-27 05:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BtaMPM.sys
2013-05-22 21:00 - 2012-11-27 05:55 - 00029952 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BthhfHid.sys
2013-05-22 21:00 - 2012-11-20 06:56 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2013-05-22 21:00 - 2012-11-03 07:26 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\dpnsvr.exe
2013-05-22 21:00 - 2012-11-03 07:26 - 00032256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2013-05-22 21:00 - 2012-11-03 07:24 - 00463872 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2013-05-22 21:00 - 2012-11-03 07:24 - 00375808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-05-22 21:00 - 2012-11-03 07:24 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\dpnathlp.dll
2013-05-22 21:00 - 2012-11-03 07:24 - 00058880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2013-05-22 21:00 - 2012-11-03 07:24 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\dpnhupnp.dll
2013-05-22 21:00 - 2012-11-03 07:24 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\dpnhpast.dll
2013-05-22 21:00 - 2012-11-03 07:24 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2013-05-22 21:00 - 2012-11-03 07:24 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2013-05-22 21:00 - 2012-11-03 07:04 - 00004096 ____A (Microsoft Corporation) C:\Windows\System32\dpnlobby.dll
2013-05-22 21:00 - 2012-11-03 07:04 - 00003584 ____A (Microsoft Corporation) C:\Windows\System32\dpnaddr.dll
2013-05-22 21:00 - 2012-11-03 07:00 - 00003072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2013-05-22 21:00 - 2012-11-03 07:00 - 00002560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2013-05-22 21:00 - 2012-11-01 06:41 - 01802240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-05-22 21:00 - 2012-11-01 06:41 - 01438720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-05-22 21:00 - 2012-11-01 06:40 - 02361344 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-05-22 21:00 - 2012-11-01 06:40 - 01836032 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2013-05-22 21:00 - 2012-11-01 06:21 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml6r.dll
2013-05-22 21:00 - 2012-11-01 06:21 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2013-05-22 21:00 - 2012-11-01 06:20 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2013-05-22 21:00 - 2012-11-01 06:20 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2013-05-22 21:00 - 2012-10-24 05:25 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\pcalua.exe
2013-05-22 21:00 - 2012-10-24 05:24 - 00405504 ____A (Microsoft Corporation) C:\Windows\System32\pcasvc.dll
2013-05-22 21:00 - 2012-10-24 05:24 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\pcadm.dll
2013-05-22 21:00 - 2012-10-24 05:05 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\pcaevts.dll
2013-05-22 20:59 - 2013-03-22 05:49 - 02382336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2013-05-22 20:59 - 2013-03-22 00:47 - 02851840 ____A (Microsoft Corporation) C:\Windows\System32\esent.dll
2013-05-22 20:59 - 2013-03-15 02:17 - 00861184 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2013-05-22 20:59 - 2013-03-06 09:10 - 00112872 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-22 20:59 - 2013-03-06 08:31 - 19758592 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-22 20:59 - 2013-03-06 08:31 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-22 20:59 - 2013-03-06 08:29 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-22 20:59 - 2013-03-06 07:03 - 17561600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-22 20:59 - 2013-03-06 07:03 - 00199168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-22 20:59 - 2013-03-02 10:23 - 00375808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2013-05-22 20:59 - 2013-03-02 04:44 - 01011200 ____A (Microsoft Corporation) C:\Windows\System32\reseteng.dll
2013-05-22 20:59 - 2013-02-12 02:17 - 00020992 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023x.sys
2013-05-22 20:59 - 2013-02-12 02:17 - 00020992 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-05-22 20:59 - 2013-02-06 00:29 - 00370688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2013-05-22 20:59 - 2013-02-06 00:28 - 00215552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2013-05-22 20:59 - 2013-02-02 07:41 - 01437184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2013-05-22 20:59 - 2013-02-02 07:31 - 01690624 ____A (Microsoft Corporation) C:\Windows\System32\GdiPlus.dll
2013-05-22 20:59 - 2012-12-16 10:28 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2013-05-22 20:59 - 2012-12-16 10:20 - 00035328 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-05-22 20:59 - 2012-12-16 10:08 - 00362496 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2013-05-22 20:59 - 2012-12-16 09:57 - 00300032 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-05-22 20:59 - 2012-12-15 06:55 - 00443392 ____A (Microsoft Corporation) C:\Windows\System32\ReAgent.dll
2013-05-22 20:59 - 2012-11-08 06:24 - 00075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-05-22 20:59 - 2012-11-08 06:24 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-05-22 20:59 - 2012-11-08 06:20 - 00096256 ____A (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2013-05-22 20:59 - 2012-11-08 06:20 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2013-05-22 20:59 - 2012-11-08 06:02 - 00003072 ____A (Microsoft Corporation) C:\Windows\System32\lpk.dll
2013-05-22 20:59 - 2012-11-08 06:01 - 00003072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-05-22 20:59 - 2012-11-03 07:26 - 00132096 ____A (Microsoft Corporation) C:\Windows\System32\sysreset.exe
2013-05-22 20:59 - 2012-11-03 07:25 - 00945152 ____A (Microsoft Corporation) C:\Windows\System32\resetengmig.dll
2013-05-22 20:59 - 2012-10-24 05:25 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\ReAgentc.exe
2013-05-22 20:59 - 2012-10-24 04:48 - 00024064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2013-05-22 15:28 - 2013-05-22 15:28 - 00000000 ____D C:\sources
2013-05-22 15:13 - 2013-05-23 13:08 - 00000000 ____D C:\Program Files\Java
2013-05-22 15:13 - 2013-05-22 15:13 - 01092512 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-05-22 15:13 - 2013-05-22 15:13 - 00971680 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-05-22 15:13 - 2013-05-22 15:13 - 00311200 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-05-22 15:13 - 2013-05-22 15:13 - 00188832 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-05-22 15:13 - 2013-05-22 15:13 - 00188320 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-05-22 15:13 - 2013-05-22 15:13 - 00108448 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2013-05-22 15:13 - 2013-05-22 15:13 - 00000000 ____D C:\Program Files\7-Zip
2013-05-22 15:09 - 2013-06-07 14:09 - 00000000 ____D C:\Users\Heinz\AppData\Local\Paint.NET
2013-05-22 15:09 - 2013-05-22 15:14 - 00000000 ____D C:\Program Files\Paint.NET
2013-05-22 15:05 - 2013-05-26 11:12 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-05-22 14:59 - 2013-06-08 07:18 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Yontoo
2013-05-22 14:59 - 2013-05-22 14:59 - 00000000 ____D C:\Program Files (x86)\Yontoo
2013-05-22 14:53 - 2013-05-23 15:57 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-22 14:53 - 2013-05-22 14:53 - 00000000 ____D C:\Users\Heinz\AppData\Local\Microsoft Help
2013-05-22 14:51 - 2013-05-22 14:51 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-05-22 14:51 - 2013-05-22 14:51 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-05-22 14:51 - 2013-04-29 20:00 - 00112640 ____A C:\Windows\SysWOW64\ff_vfw.dll
2013-05-22 14:51 - 2013-03-17 18:21 - 03649536 ____A (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2013-05-22 14:51 - 2012-06-09 19:21 - 00178688 ____A C:\Windows\SysWOW64\unrar.dll
2013-05-22 14:51 - 2011-12-21 19:14 - 00151552 ____A (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2013-05-22 14:51 - 2011-12-07 19:32 - 00216064 ____A ( ) C:\Windows\SysWOW64\lagarith.dll
2013-05-22 14:51 - 2011-06-24 16:44 - 00243200 ____A C:\Windows\SysWOW64\xvidvfw.dll
2013-05-22 14:51 - 2011-06-24 16:28 - 00650752 ____A C:\Windows\SysWOW64\xvidcore.dll
2013-05-22 14:50 - 2013-02-22 09:17 - 01490656 ____A (Microsoft Corporation) C:\Windows\System32\WdfCoInstaller01007.dll
2013-05-22 14:50 - 2013-02-22 09:17 - 00708168 ____A (Microsoft Corporation) C:\Windows\System32\WinUSBCoInstaller.dll
2013-05-22 14:49 - 2013-06-07 18:01 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-05-22 14:49 - 2013-06-06 11:06 - 00000000 ____D C:\ProgramData\Samsung
2013-05-22 14:49 - 2011-03-03 00:58 - 04659712 ____A (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2013-05-22 14:49 - 2011-03-03 00:57 - 00821824 ____A (Devguru Co., Ltd.) C:\Windows\SysWOW64\dgderapi.dll
2013-05-22 14:48 - 2013-05-22 14:48 - 00000000 ____D C:\Users\Heinz\AppData\Local\Downloaded Installations
2013-05-22 14:47 - 2013-05-26 13:38 - 00000000 ____D C:\ProgramData\Adobe
2013-05-22 14:45 - 2013-05-22 14:45 - 00000000 ___HD C:\Program Files (x86)\Creative Installation Information
2013-05-22 14:44 - 2010-07-22 17:46 - 00237056 ____A C:\Windows\System32\APOMgr64.DLL
2013-05-22 14:44 - 2010-07-22 17:45 - 00181760 ____A C:\Windows\SysWOW64\APOMngr.DLL
2013-05-22 14:44 - 2010-05-26 12:56 - 00044795 ___RA C:\Windows\System32\kschimp.ini
2013-05-22 14:44 - 2009-12-29 17:52 - 00089088 ____A C:\Windows\System32\CmdRtr64.DLL
2013-05-22 14:44 - 2009-12-29 17:50 - 00073728 ____A C:\Windows\SysWOW64\CmdRtr.DLL
2013-05-22 14:43 - 2013-05-22 14:45 - 00000286 __RAH C:\Windows\ctfile.rfc
2013-05-22 14:43 - 2010-07-30 03:35 - 01588608 ____A (Creative Technology Ltd.) C:\Windows\System32\Drivers\ksaud.sys
2013-05-22 14:43 - 2010-07-29 13:44 - 00262656 ____A (Creative Technology Ltd.) C:\Windows\System32\KSVSPI64.dll
2013-05-22 14:43 - 2010-07-29 13:44 - 00195584 ____A (Creative Technology Ltd.) C:\Windows\SysWOW64\KSVSPI32.dll
2013-05-22 14:43 - 2010-07-29 13:36 - 00115712 ____A (Creative Technology Ltd.) C:\Windows\System32\SBAVMon.dll
2013-05-22 14:43 - 2010-07-29 12:28 - 00057856 ____A (Creative Technology Ltd.) C:\Windows\System32\KSppld64.dll
2013-05-22 14:43 - 2010-07-29 12:27 - 00866816 ____A (Creative Technology Ltd.) C:\Windows\System32\KSAPO64.dll
2013-05-22 14:43 - 2010-07-29 12:26 - 00728576 ____A (Creative Technology Ltd.) C:\Windows\SysWOW64\KSAPO32.dll
2013-05-22 14:43 - 2010-07-22 12:13 - 00631428 ____A (Creative Technology Ltd) C:\Windows\KSAIM64.exe
2013-05-22 14:43 - 2010-07-08 03:42 - 00053760 ____A (Creative Technology Ltd.) C:\Windows\System32\KSPPCn64.dll
2013-05-22 14:43 - 2010-07-08 03:41 - 00074240 ____A (Creative Technology Ltd.) C:\Windows\System32\KSWrap64.dll
2013-05-22 14:43 - 2010-06-29 09:04 - 00001772 ____A C:\ProgramData\cfSB1095.ini
2013-05-22 14:43 - 2010-06-23 08:54 - 00012344 ____A C:\Windows\System32\MixerDefault.reg
2013-05-22 14:43 - 2010-05-26 12:56 - 00034637 ____A C:\Windows\System32\ksaud.ini
2013-05-22 14:43 - 2010-05-06 05:16 - 00067584 ____A (Creative Technology Ltd.) C:\Windows\System32\KSDGFX64.dll
2013-05-22 14:43 - 2009-11-11 07:43 - 00235520 ____A (Creative Technology Limited) C:\Windows\System32\KsDvInst.dll
2013-05-22 14:43 - 2009-11-10 04:42 - 00479232 ____A (Creative Technology Ltd.) C:\Windows\System32\JDetect.exe
2013-05-22 14:43 - 2009-05-26 09:59 - 00026768 ___RA C:\Windows\ksaudENG.reg
2013-05-22 14:43 - 2007-07-05 04:27 - 00002630 ___RA C:\Windows\MixerName.reg
2013-05-22 14:42 - 2013-05-23 11:11 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Creative
2013-05-22 14:42 - 2013-05-22 14:42 - 00466520 ____A (Creative Labs) C:\Windows\System32\wrap_oal.dll
2013-05-22 14:42 - 2013-05-22 14:42 - 00445016 ____A (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2013-05-22 14:42 - 2013-05-22 14:42 - 00123480 ____A (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\System32\OpenAL32.dll
2013-05-22 14:42 - 2013-05-22 14:42 - 00109144 ____A (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2013-05-22 14:42 - 2010-06-09 18:46 - 01940992 ____N (Creative) C:\Windows\System32\Sens_oal.dll
2013-05-22 14:42 - 2010-06-09 18:43 - 02902496 ____N (Creative) C:\Windows\SysWOW64\Sens_oal.dll
2013-05-22 14:42 - 2009-12-24 04:49 - 00809560 ___RA (Creative Labs Inc.) C:\Windows\SysWOW64\tmp3939.tmp
2013-05-22 14:42 - 2009-12-24 04:49 - 00809560 ___RA (Creative Labs Inc.) C:\Windows\SysWOW64\tmp3929.tmp
2013-05-22 14:41 - 2010-06-14 15:00 - 00005594 ____N C:\Windows\System32\CTOPT399.cat
2013-05-22 14:41 - 2010-06-14 14:55 - 00005498 ____N C:\Windows\SysWOW64\CTOPT399.cat
2013-05-22 14:41 - 2010-05-08 18:20 - 00079360 ____N (Creative Technology Ltd) C:\Windows\SysWOW64\CTOPT399.dll
2013-05-22 14:41 - 2010-05-08 18:19 - 00088576 ____N (Creative Technology Ltd) C:\Windows\System32\CTOPT399.dll
2013-05-22 14:41 - 2008-12-22 21:13 - 00061440 ____N (Creative Technology Ltd) C:\Windows\SysWOW64\CTChkAud.dll
2013-05-22 14:41 - 2008-12-22 21:13 - 00049664 ____N (Creative Technology Ltd) C:\Windows\System32\CTChkAud.dll
2013-05-22 14:41 - 2006-12-05 14:53 - 00042496 ____N (Creative Technology Ltd.) C:\Windows\SysWOW64\AddCat.exe
2013-05-22 14:41 - 2006-12-05 14:53 - 00042496 ____N (Creative Technology Ltd.) C:\Windows\System32\AddCat.exe
2013-05-22 14:41 - 2006-10-06 08:17 - 00053248 ____N (Creative Technology Ltd ) C:\Windows\Ctregrun.exe
2013-05-22 14:41 - 2000-05-22 10:58 - 00647872 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Mscomct2.ocx
2013-05-22 14:40 - 2003-06-13 00:25 - 00007062 ____A C:\Windows\SysWOW64\audiopid.vxd
2013-05-22 14:34 - 2013-05-22 14:45 - 00000000 ____D C:\Program Files\Creative
2013-05-22 14:33 - 2013-05-22 14:45 - 00000000 ____D C:\Program Files (x86)\Creative
2013-05-22 14:30 - 2013-05-22 14:31 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Nero
2013-05-22 14:30 - 2012-06-09 19:21 - 00206336 ____A C:\Windows\System32\unrar64.dll
2013-05-22 14:30 - 2011-12-07 19:37 - 00148992 ____A ( ) C:\Windows\System32\lagarith.dll
2013-05-22 14:29 - 2013-05-22 14:30 - 00000000 ____D C:\Program Files\K-Lite Codec Pack x64
2013-05-22 14:28 - 2013-05-22 14:30 - 00000000 ____D C:\Users\Heinz\AppData\Local\Nero
2013-05-22 14:15 - 2013-05-22 14:15 - 00000355 ____A C:\Users\Heinz\Desktop\Computer.lnk
2013-05-22 14:14 - 2013-06-08 02:44 - 00000000 ___SD C:\Users\Heinz\Google Drive
2013-05-22 14:14 - 2013-05-22 14:14 - 00000000 ____D C:\Program Files\Classic Shell
2013-05-22 14:12 - 2013-05-22 14:12 - 00000000 ____D C:\Users\Heinz\AppData\LocalGoogle
2013-05-22 14:10 - 2013-05-22 14:10 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-05-22 14:10 - 2013-05-09 10:59 - 01025808 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-05-22 14:10 - 2013-05-09 10:59 - 00378432 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-05-22 14:10 - 2013-05-09 10:59 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-05-22 14:10 - 2013-05-09 10:59 - 00080816 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2013-05-22 14:10 - 2013-05-09 10:59 - 00072016 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2013-05-22 14:10 - 2013-05-09 10:59 - 00065336 ____A C:\Windows\System32\Drivers\aswRvrt.sys
2013-05-22 14:10 - 2013-05-09 10:59 - 00064288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2013-05-22 14:10 - 2013-05-09 10:59 - 00033400 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2013-05-22 14:10 - 2013-05-09 10:58 - 00287840 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-05-22 14:09 - 2013-05-22 14:09 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-05-22 14:09 - 2013-05-22 14:09 - 00000000 ____D C:\Program Files\CCleaner
2013-05-22 14:09 - 2013-05-22 14:09 - 00000000 ____D C:\Program Files\AVAST Software
2013-05-22 14:09 - 2013-05-09 10:58 - 00041664 ____A (AVAST Software) C:\Windows\avastSS.scr
2013-05-22 14:07 - 2013-05-22 14:09 - 00000000 ____D C:\ProgramData\AVAST Software
2013-05-21 20:49 - 2013-05-23 11:10 - 00000000 ____D C:\Users\Heinz\AppData\Local\TOSHIBA
2013-05-21 20:49 - 2013-05-21 20:49 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\ATI
2013-05-21 20:49 - 2013-05-21 20:49 - 00000000 ____D C:\Users\Heinz\AppData\Local\ATI
2013-05-21 20:48 - 2013-06-08 11:53 - 00001136 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-21 20:47 - 2013-06-07 19:52 - 00001132 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-21 20:47 - 2013-05-31 13:57 - 00000000 ____D C:\Users\Heinz\AppData\Local\Google
2013-05-21 20:47 - 2013-05-22 14:12 - 00000000 ____D C:\Program Files (x86)\Google
2013-05-21 20:47 - 2013-05-21 20:47 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Macromedia
2013-05-21 20:47 - 2013-05-21 20:47 - 00000000 ____D C:\Users\Heinz\AppData\Local\Deployment
2013-05-21 20:47 - 2013-05-21 20:47 - 00000000 ____D C:\Users\Heinz\AppData\Local\Apps\2.0
2013-05-21 20:44 - 2013-05-21 20:44 - 00000000 ____D C:\Users\Heinz\AppData\Local\SRS Labs
2013-05-21 20:44 - 2013-05-21 20:44 - 00000000 ____D C:\ProgramData\ToshibaEurope
2013-05-21 20:43 - 2013-05-24 13:45 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Adobe
2013-05-21 20:42 - 2013-06-07 22:01 - 01500003 ____A C:\Windows\WindowsUpdate.log
2013-05-21 20:42 - 2013-06-05 13:28 - 00000000 ____D C:\Users\Heinz\AppData\Local\Packages
2013-05-21 20:42 - 2013-05-21 20:42 - 00000000 ____D C:\Users\Heinz\AppData\Local\VirtualStore
2013-05-21 20:41 - 2013-05-24 11:41 - 00000000 ____D C:\users\Heinz
2013-05-21 20:41 - 2013-05-21 20:41 - 00000020 ___SH C:\Users\Heinz\ntuser.ini
==================== One Month Modified Files and Folders =======
2013-06-08 12:39 - 2013-06-08 12:39 - 00000000 ____D C:\FRST
2013-06-08 12:02 - 2013-05-31 13:57 - 00000956 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2594244226-710932845-2937545045-1001UA.job
2013-06-08 12:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\sru
2013-06-08 11:53 - 2013-05-21 20:48 - 00001136 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-08 07:18 - 2013-05-22 14:59 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Yontoo
2013-06-08 02:44 - 2013-05-22 14:14 - 00000000 ___SD C:\Users\Heinz\Google Drive
2013-06-07 22:01 - 2013-05-21 20:42 - 01500003 ____A C:\Windows\WindowsUpdate.log
2013-06-07 19:52 - 2013-05-21 20:47 - 00001132 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-07 18:43 - 2012-07-26 09:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-07 18:20 - 2013-05-23 12:20 - 00133120 __ASH C:\Users\Heinz\Desktop\Thumbs.db
2013-06-07 18:10 - 2013-05-23 14:40 - 00007600 ____A C:\Users\Heinz\AppData\Local\Resmon.ResmonCfg
2013-06-07 18:08 - 2013-06-07 13:02 - 00000000 ____D C:\Windows\Minidump
2013-06-07 18:08 - 2013-05-23 12:23 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Media Player Classic
2013-06-07 18:08 - 2012-11-14 19:56 - 00000000 ____D C:\Windows\Panther
2013-06-07 18:01 - 2013-06-07 18:01 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Malwarebytes
2013-06-07 18:01 - 2013-06-07 18:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-07 18:01 - 2013-06-07 18:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-07 18:01 - 2013-05-22 14:49 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-06-07 18:01 - 2012-11-13 19:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-07 17:28 - 2012-07-26 09:28 - 00848230 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-07 14:09 - 2013-05-22 15:09 - 00000000 ____D C:\Users\Heinz\AppData\Local\Paint.NET
2013-06-07 14:01 - 2013-05-31 13:56 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2594244226-710932845-2937545045-1001Core.job
2013-06-07 11:09 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\BBI
2013-06-06 23:11 - 2013-06-06 23:11 - 00000000 ____D C:\Windows\LastGood.Tmp
2013-06-06 22:39 - 2013-05-24 22:46 - 00354840 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-06 11:09 - 2013-06-06 11:09 - 00000000 ____D C:\Program Files (x86)\Samsung Magician
2013-06-06 11:09 - 2013-06-06 11:06 - 00001114 ____A C:\Users\Public\Desktop\Samsung Magician.lnk
2013-06-06 11:06 - 2013-05-22 14:49 - 00000000 ____D C:\ProgramData\Samsung
2013-06-05 13:28 - 2013-05-21 20:42 - 00000000 ____D C:\Users\Heinz\AppData\Local\Packages
2013-06-05 11:10 - 2013-06-05 11:10 - 00000000 ____D C:\ProgramData\Synaptics
2013-06-04 09:15 - 2013-06-04 09:15 - 00203672 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys
2013-06-04 09:15 - 2013-06-04 09:15 - 00103448 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys
2013-06-04 08:27 - 2013-06-04 08:27 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Unified Remote
2013-06-04 08:27 - 2013-06-04 08:27 - 00000000 ____D C:\Program Files (x86)\Unified Remote
2013-06-04 06:42 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-06-03 13:23 - 2013-05-26 11:07 - 00000048 ____A C:\Users\Heinz\Desktop\W8.txt
2013-06-02 15:34 - 2013-06-02 15:34 - 00001055 ____A C:\Users\Heinz\Desktop\eclipse.lnk
2013-06-01 16:51 - 2013-06-01 16:51 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-05-31 13:57 - 2013-05-21 20:47 - 00000000 ____D C:\Users\Heinz\AppData\Local\Google
2013-05-26 16:14 - 2013-05-26 16:14 - 00000000 ____D C:\ProgramData\TOSHIBA Tempro
2013-05-26 16:14 - 2013-05-26 16:14 - 00000000 ____D C:\ProgramData\IsolatedStorage
2013-05-26 13:38 - 2013-05-22 14:47 - 00000000 ____D C:\ProgramData\Adobe
2013-05-26 12:48 - 2013-05-26 12:48 - 00000000 ____D C:\Program Files (x86)\XMedia Recode
2013-05-26 11:12 - 2013-05-22 15:05 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-05-25 22:10 - 2013-05-25 22:10 - 00000000 ____D C:\Program Files\DIFX
2013-05-25 01:41 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-05-24 22:32 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-05-24 13:45 - 2013-05-24 13:45 - 00000000 ____D C:\Users\Heinz\AppData\Local\Adobe
2013-05-24 13:45 - 2013-05-21 20:43 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Adobe
2013-05-24 11:41 - 2013-05-21 20:41 - 00000000 ____D C:\users\Heinz
2013-05-24 11:38 - 2013-05-23 13:13 - 00000000 ____D C:\Users\Heinz\.android
2013-05-23 16:48 - 2013-05-23 16:02 - 00000000 ____D C:\Windows\AutoKMS
2013-05-23 16:19 - 2013-05-23 16:19 - 00001628 ____A C:\Users\Heinz\Desktop\Medien_Generator.lnk
2013-05-23 16:18 - 2013-05-23 16:18 - 00001520 ____A C:\Users\Heinz\Desktop\Medien.lnk
2013-05-23 16:00 - 2013-05-23 16:00 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2013-05-23 15:57 - 2013-05-22 14:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-23 15:53 - 2013-05-23 15:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-23 15:51 - 2013-05-23 15:51 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-05-23 15:51 - 2013-05-23 15:51 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-05-23 15:51 - 2013-05-23 15:50 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-05-23 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-05-23 15:50 - 2013-05-23 15:50 - 00000000 ____D C:\Windows\PCHEALTH
2013-05-23 15:50 - 2013-05-23 15:48 - 00000000 ____D C:\Program Files\Microsoft Office
2013-05-23 15:48 - 2013-05-23 15:48 - 00000000 __RHD C:\MSOCache
2013-05-23 15:48 - 2013-05-23 15:48 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-05-23 15:48 - 2013-05-23 15:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-05-23 15:48 - 2013-05-23 15:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-05-23 15:48 - 2012-07-26 09:52 - 00000000 ____D C:\Windows\ShellNew
2013-05-23 15:36 - 2013-05-23 15:36 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\WinRAR
2013-05-23 14:59 - 2013-05-23 14:59 - 00000956 ____A C:\Users\Heinz\Desktop\Dubstep.lnk
2013-05-23 14:22 - 2013-05-23 14:22 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Auslogics
2013-05-23 14:22 - 2013-05-23 14:22 - 00000000 ____D C:\Program Files (x86)\Auslogics
2013-05-23 13:08 - 2013-05-22 15:13 - 00000000 ____D C:\Program Files\Java
2013-05-23 12:20 - 2013-05-23 12:20 - 00000640 ____A C:\Users\Heinz\Desktop\Thomas.lnk
2013-05-23 12:16 - 2013-05-23 12:16 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2013-05-23 12:13 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\NDF
2013-05-23 11:38 - 2013-05-23 11:38 - 00000000 ___HD C:\ProgramData\CanonBJ
2013-05-23 11:38 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\spool
2013-05-23 11:11 - 2013-05-22 14:42 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Creative
2013-05-23 11:10 - 2013-05-23 11:10 - 00000000 ____D C:\ProgramData\Creative
2013-05-23 11:10 - 2013-05-21 20:49 - 00000000 ____D C:\Users\Heinz\AppData\Local\TOSHIBA
2013-05-23 11:09 - 2013-05-23 04:49 - 00000000 ___RD C:\Windows\BrowserChoice
2013-05-23 11:09 - 2012-11-13 19:14 - 00000000 ____D C:\ProgramData\PRICache
2013-05-23 04:52 - 2012-11-13 19:52 - 00000000 ____D C:\Program Files\mcafee.com
2013-05-23 04:49 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\oobe
2013-05-23 04:47 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-05-23 04:46 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-05-23 04:46 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-05-23 04:45 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-05-23 04:45 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-05-23 04:45 - 2012-07-26 09:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-05-23 04:44 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-05-23 04:44 - 2012-07-26 09:49 - 00000000 ____D C:\Windows\SysWOW64\winrm
2013-05-23 04:44 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-05-23 04:43 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-05-23 04:43 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-05-23 04:43 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\Com
2013-05-23 04:43 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\migwiz
2013-05-23 04:43 - 2012-07-26 09:49 - 00000000 ____D C:\Windows\SysWOW64\WCN
2013-05-23 04:43 - 2012-07-26 09:49 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2013-05-23 04:43 - 2012-07-26 09:49 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2013-05-23 04:43 - 2012-07-26 09:49 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2013-05-23 04:43 - 2012-07-26 09:49 - 00000000 ____D C:\Windows\System32\winrm
2013-05-23 04:43 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-05-23 04:40 - 2012-07-26 09:49 - 00000000 ____D C:\Windows\System32\WCN
2013-05-23 04:40 - 2012-07-26 09:49 - 00000000 ____D C:\Windows\System32\slmgr
2013-05-23 04:40 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\Sysprep
2013-05-23 04:40 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\Dism
2013-05-23 04:39 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\SystemResetPlatform
2013-05-23 04:39 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\Com
2013-05-23 04:39 - 2012-07-26 09:49 - 00000000 ____D C:\Windows\System32\Printing_Admin_Scripts
2013-05-22 15:58 - 2012-11-13 19:52 - 00000000 ____D C:\ProgramData\McAfee
2013-05-22 15:57 - 2012-11-13 19:52 - 00000000 ____D C:\Program Files\Common Files\mcafee
2013-05-22 15:53 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-05-22 15:28 - 2013-05-22 15:28 - 00000000 ____D C:\sources
2013-05-22 15:14 - 2013-05-22 15:09 - 00000000 ____D C:\Program Files\Paint.NET
2013-05-22 15:13 - 2013-05-22 15:13 - 01092512 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-05-22 15:13 - 2013-05-22 15:13 - 00971680 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-05-22 15:13 - 2013-05-22 15:13 - 00311200 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-05-22 15:13 - 2013-05-22 15:13 - 00188832 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-05-22 15:13 - 2013-05-22 15:13 - 00188320 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-05-22 15:13 - 2013-05-22 15:13 - 00108448 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2013-05-22 15:13 - 2013-05-22 15:13 - 00000000 ____D C:\Program Files\7-Zip
2013-05-22 14:59 - 2013-05-22 14:59 - 00000000 ____D C:\Program Files (x86)\Yontoo
2013-05-22 14:53 - 2013-05-22 14:53 - 00000000 ____D C:\Users\Heinz\AppData\Local\Microsoft Help
2013-05-22 14:51 - 2013-05-22 14:51 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-05-22 14:51 - 2013-05-22 14:51 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-05-22 14:48 - 2013-05-22 14:48 - 00000000 ____D C:\Users\Heinz\AppData\Local\Downloaded Installations
2013-05-22 14:45 - 2013-05-22 14:45 - 00000000 ___HD C:\Program Files (x86)\Creative Installation Information
2013-05-22 14:45 - 2013-05-22 14:43 - 00000286 __RAH C:\Windows\ctfile.rfc
2013-05-22 14:45 - 2013-05-22 14:34 - 00000000 ____D C:\Program Files\Creative
2013-05-22 14:45 - 2013-05-22 14:33 - 00000000 ____D C:\Program Files (x86)\Creative
2013-05-22 14:42 - 2013-05-22 14:42 - 00466520 ____A (Creative Labs) C:\Windows\System32\wrap_oal.dll
2013-05-22 14:42 - 2013-05-22 14:42 - 00445016 ____A (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2013-05-22 14:42 - 2013-05-22 14:42 - 00123480 ____A (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\System32\OpenAL32.dll
2013-05-22 14:42 - 2013-05-22 14:42 - 00109144 ____A (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2013-05-22 14:31 - 2013-05-22 14:30 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Nero
2013-05-22 14:30 - 2013-05-22 14:29 - 00000000 ____D C:\Program Files\K-Lite Codec Pack x64
2013-05-22 14:30 - 2013-05-22 14:28 - 00000000 ____D C:\Users\Heinz\AppData\Local\Nero
2013-05-22 14:15 - 2013-05-22 14:15 - 00000355 ____A C:\Users\Heinz\Desktop\Computer.lnk
2013-05-22 14:14 - 2013-05-22 14:14 - 00000000 ____D C:\Program Files\Classic Shell
2013-05-22 14:12 - 2013-05-22 14:12 - 00000000 ____D C:\Users\Heinz\AppData\LocalGoogle
2013-05-22 14:12 - 2013-05-21 20:47 - 00000000 ____D C:\Program Files (x86)\Google
2013-05-22 14:11 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-05-22 14:10 - 2013-05-22 14:10 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-05-22 14:09 - 2013-05-22 14:09 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-05-22 14:09 - 2013-05-22 14:09 - 00000000 ____D C:\Program Files\CCleaner
2013-05-22 14:09 - 2013-05-22 14:09 - 00000000 ____D C:\Program Files\AVAST Software
2013-05-22 14:09 - 2013-05-22 14:07 - 00000000 ____D C:\ProgramData\AVAST Software
2013-05-22 05:56 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\restore
2013-05-22 00:49 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\ELAM
2013-05-21 20:49 - 2013-05-21 20:49 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\ATI
2013-05-21 20:49 - 2013-05-21 20:49 - 00000000 ____D C:\Users\Heinz\AppData\Local\ATI
2013-05-21 20:47 - 2013-05-21 20:47 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Macromedia
2013-05-21 20:47 - 2013-05-21 20:47 - 00000000 ____D C:\Users\Heinz\AppData\Local\Deployment
2013-05-21 20:47 - 2013-05-21 20:47 - 00000000 ____D C:\Users\Heinz\AppData\Local\Apps\2.0
2013-05-21 20:45 - 2012-11-13 19:46 - 00000000 ____D C:\ProgramData\Toshiba
2013-05-21 20:44 - 2013-05-21 20:44 - 00000000 ____D C:\Users\Heinz\AppData\Local\SRS Labs
2013-05-21 20:44 - 2013-05-21 20:44 - 00000000 ____D C:\ProgramData\ToshibaEurope
2013-05-21 20:42 - 2013-05-21 20:42 - 00000000 ____D C:\Users\Heinz\AppData\Local\VirtualStore
2013-05-21 20:41 - 2013-05-21 20:41 - 00000020 ___SH C:\Users\Heinz\ntuser.ini
2013-05-09 10:59 - 2013-05-22 14:10 - 01025808 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-05-09 10:59 - 2013-05-22 14:10 - 00378432 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-05-09 10:59 - 2013-05-22 14:10 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-05-09 10:59 - 2013-05-22 14:10 - 00080816 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2013-05-09 10:59 - 2013-05-22 14:10 - 00072016 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2013-05-09 10:59 - 2013-05-22 14:10 - 00065336 ____A C:\Windows\System32\Drivers\aswRvrt.sys
2013-05-09 10:59 - 2013-05-22 14:10 - 00064288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2013-05-09 10:59 - 2013-05-22 14:10 - 00033400 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2013-05-09 10:58 - 2013-05-22 14:10 - 00287840 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-05-09 10:58 - 2013-05-22 14:09 - 00041664 ____A (AVAST Software) C:\Windows\avastSS.scr
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-06-02 03:00
==================== End Of Log ============================
|
|
08.06.2013, 11:41
| #14 |
| | Windows System immer bei 20% Systemauslastung, Virus vermutetCode:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-06-2013 Ran by Thomas Terpelle at 2013-06-08 12:40:06 Run: Running from E:\Thomas\Downloads\Setups Boot Mode: Normal ========================================================== ==================== Installed Programs ======================= 7-Zip 9.20 (x64 edition) (Version: 9.20.00.0) Adobe Reader XI (11.0.03) - Deutsch (Version: 11.0.03) Aloha TriPeaks (Version: 2.2.0.98) AMD Accelerated Video Transcoding (Version: 12.5.100.20918) AMD APP SDK Runtime (Version: 10.0.938.2) AMD Catalyst Install Manager (Version: 8.0.881.0) Atheros Bluetooth Filter Driver Package (Version: 2.0.0.3) Atheros Driver Installation Program (Version: 10.0) Auslogics Disk Defrag (Version: 3.6) avast! Free Antivirus (Version: 8.0.1489.0) Bejeweled 3 (Version: 2.2.0.98) Catalyst Control Center - Branding (Version: 1.00.0000) Catalyst Control Center (Version: 2012.0918.260.3365) Catalyst Control Center Graphics Previews Common (Version: 2012.0918.260.3365) Catalyst Control Center InstallProxy (Version: 2012.0918.260.3365) Catalyst Control Center Localization All (Version: 2012.0918.260.3365) CCC Help Chinese Standard (Version: 2012.0918.0259.3365) CCC Help Chinese Traditional (Version: 2012.0918.0259.3365) CCC Help Czech (Version: 2012.0918.0259.3365) CCC Help Danish (Version: 2012.0918.0259.3365) CCC Help Dutch (Version: 2012.0918.0259.3365) CCC Help English (Version: 2012.0918.0259.3365) CCC Help Finnish (Version: 2012.0918.0259.3365) CCC Help French (Version: 2012.0918.0259.3365) CCC Help German (Version: 2012.0918.0259.3365) CCC Help Greek (Version: 2012.0918.0259.3365) CCC Help Hungarian (Version: 2012.0918.0259.3365) CCC Help Italian (Version: 2012.0918.0259.3365) CCC Help Japanese (Version: 2012.0918.0259.3365) CCC Help Korean (Version: 2012.0918.0259.3365) CCC Help Norwegian (Version: 2012.0918.0259.3365) CCC Help Polish (Version: 2012.0918.0259.3365) CCC Help Portuguese (Version: 2012.0918.0259.3365) CCC Help Russian (Version: 2012.0918.0259.3365) CCC Help Spanish (Version: 2012.0918.0259.3365) CCC Help Swedish (Version: 2012.0918.0259.3365) CCC Help Thai (Version: 2012.0918.0259.3365) CCC Help Turkish (Version: 2012.0918.0259.3365) ccc-utility64 (Version: 2012.0918.260.3365) CCleaner (Version: 4.01) Chuzzle Deluxe (Version: 2.2.0.95) Classic Shell (Version: 3.6.7) Creative System Information (Version: 1.10) Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition Dolby Digital Live Pack (Version: 3.01) Empress of the Deep - The Darkest Secret (Version: 2.2.0.98) Google Chrome (Version: 27.0.1453.110) Google Drive (Version: 1.9.4536.8202) Google Update Helper (Version: 1.3.21.145) Intel AppUp(SM) center (Version: 3.6.1.33268.15) Intel(R) Management Engine Components (Version: 8.1.0.1252) Intel(R) Rapid Storage Technology (Version: 11.5.2.1001) Intel® Trusted Connect Service Client (Version: 1.24.388.1) Island Tribe (Version: 2.2.0.98) Java 7 Update 21 (64-bit) (Version: 7.0.210) JDownloader 0.9 (Version: 0.9) Jewel Quest Solitaire 2 (Version: 2.2.0.98) K-Lite Codec Pack 9.9.0 (64-bit) (Version: 9.9.0) K-Lite Mega Codec Pack 9.9.0 (Version: 9.9.0) Magic Academy (Version: 2.2.0.98) Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300) Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017) Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017) Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017) Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017) Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017) Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017) Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017) Music Manager Nero 12 Essentials Toshiba (Version: 12.0.00600) Nero BackItUp (Version: 12.0.3000) Nero BackItUp Help (CHM) (Version: 12.0.3000) Nero Blu-ray Player (Version: 12.0.17500) Nero Blu-ray Player Help (CHM) (Version: 12.0.4000) Nero BurnRights (Version: 12.0.5000) Nero BurnRights Help (CHM) (Version: 12.0.5000) Nero ControlCenter (Version: 11.0.15300) Nero ControlCenter Help (CHM) (Version: 12.0.5000) Nero Core Components (Version: 11.0.18200) Nero Express (Version: 12.0.20000) Nero Express Help (CHM) (Version: 12.0.5000) Nero Kwik Media (Version: 1.18.18900) Nero Kwik Media Help (CHM) (Version: 12.0.4000) Nero Kwik Themes Basic (Version: 12.0.11500) Nero Launcher (Version: 12.2.6000) Nero RescueAgent (Version: 12.0.9000) Nero RescueAgent Help (CHM) (Version: 12.0.3000) Nero SharedVideoCodecs (Version: 1.0.12100.2.0) Nero Update (Version: 11.0.11800.31.0) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017) Paint.NET v3.5.10 (Version: 3.60.0) Peggle Nights (Version: 2.2.0.98) Plants vs. Zombies - Game of the Year (Version: 2.2.0.98) Polar Bowler (Version: 2.2.0.97) Premium Sound HD (Version: 1.12.5000) Prerequisite installer (Version: 12.0.0002) Realtek Ethernet Controller Driver (Version: 8.3.730.2012) Realtek High Definition Audio Driver (Version: 6.0.1.6738) Realtek USB 2.0 Card Reader (Version: 6.1.8400.30136) Samsung Kies (Version: 2.5.3.13034_9) Samsung Magician (Version: 4.1.0) SAMSUNG USB Driver for Mobile Phones (Version: 1.5.22.0) Shared C Run-time for x64 (Version: 10.0.0) Sound Blaster X-Fi Surround 5.1 Pro (Version: 1.0) Synaptics Pointing Device Driver (Version: 16.2.10.5) TOSHIBA Desktop Assist (Version: 1.00.08.6402) TOSHIBA eco Utility (Version: 2.0.0.6415) TOSHIBA Function Key (Version: 1.00.6626.6406) TOSHIBA Manuals (Version: 10.10) Toshiba Password Utility (Version: 2.00.972) TOSHIBA PC Health Monitor (Version: 1.8.17.640104) TOSHIBA Recovery Media Creator (Version: 2.2.1.54043006) TOSHIBA Resolution+ Plug-in for Windows Media Player (Version: 1.2.2.00) TOSHIBA Service Station (Version: 2.4.4) TOSHIBA System Driver (Version: 1.00.0015) TOSHIBA System Settings (Version: 1.00.0002.32002) Toshiba TEMPRO (Version: 4.2.2) TOSHIBA VIDEO PLAYER (Version: 5.1.0.12-A) Unified Remote (Version: 2.8.1.0) Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition Update for Microsoft Lync 2013 (KB2768004) 64-Bit Edition Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition Update for Microsoft Office 2013 (KB2726961) 64-Bit Edition Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition Update for Microsoft Office 2013 (KB2752025) 64-Bit Edition Update for Microsoft Office 2013 (KB2752094) 64-Bit Edition Update for Microsoft Office 2013 (KB2752101) 64-Bit Edition Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition Update for Microsoft Office 2013 (KB2760343) 64-Bit Edition Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition Update for Microsoft Office 2013 (KB2767860) 64-Bit Edition Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition Update for Microsoft Office 2013 (KB2768333) 64-Bit Edition Update for Microsoft Office 2013 (KB2768349) 64-Bit Edition Update for Microsoft Office 2013 (KB2768355) 64-Bit Edition Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition Update for Microsoft OneNote 2013 (KB2760334) 64-Bit Edition Update for Microsoft OneNote 2013 (KB2768011) 64-Bit Edition Update for Microsoft Outlook 2013 (KB2810015) 64-Bit Edition Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition Update for Microsoft PowerPoint 2013 (KB2727013) 64-Bit Edition Update for Microsoft SkyDrive Pro (KB2810019) 64-Bit Edition Update for Microsoft Visio 2013 (KB2810008) 64-Bit Edition Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition Update for Microsoft Word 2013 (KB2752073) 64-Bit Edition Update for Microsoft Word 2013 (KB2768007) 64-Bit Edition Update for Microsoft Word 2013 (KB2768337) 64-Bit Edition Update Installer for WildTangent Games App Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.98) Welcome App (Start-up experience) (Version: 12.0.14000) WildTangent Games (Version: 1.0.3.0) WildTangent Games App (Toshiba Games) (Version: 4.0.9.7) Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net (03/11/2013 10.0.0.234) (Version: 03/11/2013 10.0.0.234) Windows Driver Package - Qualcomm Atheros Communications Inc. Net (03/11/2013 10.0.0.234) (Version: 03/11/2013 10.0.0.234) XMedia Recode version 3.1.6.0 (Version: 3.1.6.0) Yontoo 2.053 (Version: 2.053) ==================== Restore Points ========================= ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/08/2013 03:06:42 AM) (Source: System Restore) (User: ) Description: Failed to create restore point (Process = C:\windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80070422). Error: (06/07/2013 06:43:31 PM) (Source: ESENT) (User: ) Description: taskhostex (2080) WebCacheLocal: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Users\Heinz\AppData\Local\Microsoft\Windows\WebCache\V010000D.log. Error: (06/07/2013 06:01:35 PM) (Source: System Restore) (User: ) Description: Failed to create restore point (Process = C:\Users\Heinz\AppData\Local\Temp\{83B65863-2DD4-4E7E-BCEB-0745C73A3EB8}\setup.exe -removeonly /z "UNINSTALL" -media_path:"C:\Program Files (x86)\InstallShield Installation Information\{D4DE3DB4-7734-47E5-8D92-B80146311406}\" -tempdisk1folder:"C:\Users\Heinz\AppData\Local\Temp\{83B65863-2DD4-4E7E-BCEB-0745C73A3EB8}\"; Description = Removed Samsung Data Migration; Error = 0x80070422). Error: (06/07/2013 01:29:59 PM) (Source: .NET Runtime) (User: ) Description: .NET Runtime version 4.0.30319.18046 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 5764. Message ID: [0x2509]. Error: (06/07/2013 01:21:20 PM) (Source: .NET Runtime) (User: ) Description: .NET Runtime version 4.0.30319.18046 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 6608. Message ID: [0x2509]. Error: (06/07/2013 01:18:06 PM) (Source: .NET Runtime) (User: ) Description: .NET Runtime version 4.0.30319.18046 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 6288. Message ID: [0x2509]. Error: (06/07/2013 01:16:58 PM) (Source: .NET Runtime) (User: ) Description: .NET Runtime version 4.0.30319.18046 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 1064. Message ID: [0x2509]. Error: (06/07/2013 01:14:11 PM) (Source: .NET Runtime) (User: ) Description: .NET Runtime version 4.0.30319.18046 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 3348. Message ID: [0x2509]. Error: (06/07/2013 01:03:50 PM) (Source: ESENT) (User: ) Description: SearchIndexer (4228) Windows: The database engine stopped the instance (0) with error (-510). Internal Timing Sequence: [1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.016, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000, [11] 0.000, [12] 0.000, [13] 0.000, [14] 0.000, [15] 0.000. Error: (06/07/2013 01:03:50 PM) (Source: Windows Search Service) (User: ) Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt. Details: The content index catalog is corrupt. 0xc0041801 (0xc0041801) System errors: ============= Error: (06/07/2013 06:43:27 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY) Description: 0xc000014d0 Error: (06/07/2013 02:18:31 PM) (Source: Service Control Manager) (User: ) Description: The McAfee Boot Delay Start Service service failed to start due to the following error: %%2 Error: (06/07/2013 02:18:27 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY) Description: 0xc000014d0 Error: (06/07/2013 02:12:45 PM) (Source: Service Control Manager) (User: ) Description: The McAfee Boot Delay Start Service service failed to start due to the following error: %%2 Error: (06/07/2013 02:12:42 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY) Description: 0xc000014d0 Error: (06/07/2013 01:26:20 PM) (Source: Service Control Manager) (User: ) Description: The McAfee Boot Delay Start Service service failed to start due to the following error: %%2 Error: (06/07/2013 01:26:17 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY) Description: 0xc000014d0 Error: (06/07/2013 01:02:43 PM) (Source: Service Control Manager) (User: ) Description: The McAfee Boot Delay Start Service service failed to start due to the following error: %%2 Error: (06/07/2013 01:02:42 PM) (Source: BugCheck) (User: ) Description: 0x00000024 (0x000000b50019060b, 0xfffff8801aa2faf8, 0xfffff8801aa2f330, 0xfffff88001858b7c)C:\windows\MEMORY.DMP060713-4875-01 Error: (06/07/2013 01:02:41 PM) (Source: EventLog) (User: ) Description: The previous system shutdown at 12:49:52 PM on ?6/?7/?2013 was unexpected. Microsoft Office Sessions: ========================= Error: (06/08/2013 03:06:42 AM) (Source: System Restore)(User: ) Description: C:\windows\system32\srtasks.exe ExecuteScheduledSPPCreationScheduled Checkpoint0x80070422 Error: (06/07/2013 06:43:31 PM) (Source: ESENT)(User: ) Description: taskhostex2080WebCacheLocal: C:\Users\Heinz\AppData\Local\Microsoft\Windows\WebCache\V010000D.log-1811 (0xfffff8ed) Error: (06/07/2013 06:01:35 PM) (Source: System Restore)(User: ) Description: C:\Users\Heinz\AppData\Local\Temp\{83B65863-2DD4-4E7E-BCEB-0745C73A3EB8}\setup.exe -removeonly /z "UNINSTALL" -media_path:"C:\Program Files (x86)\InstallShield Installation Information\{D4DE3DB4-7734-47E5-8D92-B80146311406}\" -tempdisk1folder:"C:\Users\Heinz\AppData\Local\Temp\{83B65863-2DD4-4E7E-BCEB-0745C73A3EB8}\"Removed Samsung Data Migration0x80070422 Error: (06/07/2013 01:29:59 PM) (Source: .NET Runtime)(User: ) Description: .NET Runtime version 4.0.30319.18046 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 5764. Message ID: [0x2509]. Error: (06/07/2013 01:21:20 PM) (Source: .NET Runtime)(User: ) Description: .NET Runtime version 4.0.30319.18046 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 6608. Message ID: [0x2509]. Error: (06/07/2013 01:18:06 PM) (Source: .NET Runtime)(User: ) Description: .NET Runtime version 4.0.30319.18046 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 6288. Message ID: [0x2509]. Error: (06/07/2013 01:16:58 PM) (Source: .NET Runtime)(User: ) Description: .NET Runtime version 4.0.30319.18046 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 1064. Message ID: [0x2509]. Error: (06/07/2013 01:14:11 PM) (Source: .NET Runtime)(User: ) Description: .NET Runtime version 4.0.30319.18046 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 3348. Message ID: [0x2509]. Error: (06/07/2013 01:03:50 PM) (Source: ESENT)(User: ) Description: SearchIndexer4228Windows: 0-510[1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.016, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000, [11] 0.000, [12] 0.000, [13] 0.000, [14] 0.000, [15] 0.000. Error: (06/07/2013 01:03:50 PM) (Source: Windows Search Service)(User: ) Description: Details: The content index catalog is corrupt. 0xc0041801 (0xc0041801) The catalog is corrupt ==================== Memory info =========================== Percentage of memory in use: 22% Total physical RAM: 8143.22 MB Available physical RAM: 6306.03 MB Total Pagefile: 16335.22 MB Available Pagefile: 14211.86 MB Total Virtual: 8192 MB Available Virtual: 8191.76 MB ==================== Drives ================================ Drive c: (System) (Fixed) (Total:124.24 GB) (Free:80.11 GB) NTFS (Disk=0 Partition=4) Drive e: (Daten) (Fixed) (Total:89.61 GB) (Free:35.81 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 238 GB) (Disk ID: 6D00BD82) Partition: GPT Partition Type ==================== End Of Log ============================ Ich bin zwar froh, würde aber trotzdem gerne wissen wieso das was gebracht hat (also ob Sie sich daraus einen Reim machen können wo das Problem lag). Aber trotzdem  |
|
08.06.2013, 13:00
| #15 |
| /// the machine /// TB-Ausbilder | Windows System immer bei 20% Systemauslastung, Virus vermutet Teste das mal, die Logs sind sauber
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows System immer bei 20% Systemauslastung, Virus vermutet |
| acrobat update, auslastung, avast, avast!, dateien, einfach, erklären, freeware, https, keinerlei, laufe, laufen, maleware, malewarebytes, nichts, problem, programm, system, systemauslastung, verdächtige, vermute, vermutet, version, virenprogramm, virus, weiterhelfen, windows, windows system |
Linear-Darstellung
