FRST 2:
2015-01-08 14:07 - 2009-04-11 07:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\wshext.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\msctfp.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\iassvcs.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\propdefs.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\iashlpr.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\SLUINotify.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\xmlfilter.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingProxy.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msstrc.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\rtffilt.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\msscb.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\wsepno.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\hidserv.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\spcmsg.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2015-01-08 14:07 - 2009-04-11 07:28 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\fdBthProxy.dll
2015-01-08 14:07 - 2009-04-11 07:27 - 01122304 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2015-01-08 14:07 - 2009-04-11 07:27 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2015-01-08 14:07 - 2009-04-11 07:27 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2015-01-08 14:07 - 2009-04-11 07:27 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2015-01-08 14:07 - 2009-04-11 07:27 - 00636416 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2015-01-08 14:07 - 2009-04-11 07:27 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2015-01-08 14:07 - 2009-04-11 07:27 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2015-01-08 14:07 - 2009-04-11 07:27 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-01-08 14:07 - 2009-04-11 07:27 - 00241128 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2015-01-08 14:07 - 2009-04-11 07:27 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
2015-01-08 14:07 - 2009-04-11 07:27 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2015-01-08 14:07 - 2009-04-11 07:27 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-01-08 14:07 - 2009-04-11 07:27 - 00130024 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2015-01-08 14:07 - 2009-04-11 07:27 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2015-01-08 14:07 - 2009-04-11 07:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax
2015-01-08 14:07 - 2009-04-11 07:27 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-08 14:07 - 2009-04-11 07:27 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2015-01-08 14:07 - 2009-04-11 07:27 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-01-08 14:07 - 2009-04-11 07:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\reg.exe
2015-01-08 14:07 - 2009-04-11 07:27 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
2015-01-08 14:07 - 2009-04-11 07:27 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\compcln.exe
2015-01-08 14:07 - 2009-04-11 07:27 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-01-08 14:07 - 2009-04-11 07:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2015-01-08 14:07 - 2009-04-11 07:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2015-01-08 14:07 - 2009-04-11 07:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2015-01-08 14:07 - 2009-04-11 07:22 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2015-01-08 14:07 - 2009-04-11 07:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2015-01-08 14:07 - 2009-04-11 07:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2015-01-08 14:07 - 2009-04-11 05:48 - 00344698 _____ () C:\Windows\system32\eaphost.tmf
2015-01-08 14:07 - 2009-04-11 05:45 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2015-01-08 14:07 - 2009-04-11 05:43 - 00392170 _____ () C:\Windows\system32\onex.tmf
2015-01-08 14:07 - 2009-04-11 05:14 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2015-01-08 14:07 - 2009-04-11 05:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-08 14:07 - 2009-02-18 19:39 - 00092918 _____ () C:\Windows\system32\slmgr.vbs
2015-01-08 14:07 - 2009-02-18 19:38 - 00035168 _____ (Microsoft Corporation) C:\Windows\system32\infocardcpl.cpl
2015-01-08 14:06 - 2009-04-11 07:28 - 06103040 _____ (Microsoft Corporation) C:\Windows\system32\chtbrkr.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 03072000 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 02515968 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 02153472 _____ (Microsoft Corporation) C:\Windows\system32\oobefldr.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 01671680 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 01645568 _____ (Microsoft Corporation) C:\Windows\system32\connect.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 01224192 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 01152000 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00777216 _____ (Microsoft Corporation) C:\Windows\system32\slcc.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00657408 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2015-01-08 14:06 - 2009-04-11 07:28 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\pnpui.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00532992 _____ (Microsoft Corporation) C:\Windows\system32\wpcao.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00516608 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00481792 _____ (Microsoft Corporation) C:\Windows\system32\cmdial32.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\thawbrkr.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\modemui.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\SnippingTool.exe
2015-01-08 14:06 - 2009-04-11 07:28 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\mscandui.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\SLLUA.exe
2015-01-08 14:06 - 2009-04-11 07:28 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\rasmontr.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wpcsvc.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\dsprop.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\softkbd.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\ntmarta.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\dmsynth.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\dmusic.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\msctfui.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mstlsapi.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00083456 _____ (Microsoft) C:\Windows\system32\SMBHelperClass.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\wlgpclnt.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\PNPXAssoc.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\mpr.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Storprop.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\feclient.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\mmci.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\l2nacp.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\bthci.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\slcinst.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\networkitemfactory.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\TSTheme.exe
2015-01-08 14:06 - 2009-04-11 07:28 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\perfdisk.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\bitsigd.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\whealogr.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\msimtf.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\ifmon.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\uxsms.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\version.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\winrnr.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\NcdProp.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\MsCtfMonitor.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wscisvif.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\vdmdbg.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\midimap.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mmcico.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\spwinsat.dll
2015-01-08 14:06 - 2009-04-11 07:28 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\CHxReadingStringIME.dll
2015-01-08 14:06 - 2009-04-11 07:27 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2015-01-08 14:06 - 2009-04-11 07:27 - 01102848 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2015-01-08 14:06 - 2009-04-11 07:27 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00407040 _____ (Microsoft Corporation) C:\Windows\system32\dpapimig.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2015-01-08 14:06 - 2009-04-11 07:27 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\certreq.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2015-01-08 14:06 - 2009-04-11 07:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\gpresult.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2015-01-08 14:06 - 2009-04-11 07:27 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\hdwwiz.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\newdev.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\conime.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\cipher.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\cmmon32.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\csrstub.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cbsra.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\rekeywiz.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\bthudtask.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\PnPutil.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ipconfig.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEject.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\msacm32.drv
2015-01-08 14:06 - 2009-04-11 07:27 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\fc.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\rasdial.exe
2015-01-08 14:06 - 2009-04-11 07:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\gpupdate.exe
2015-01-08 14:06 - 2009-04-11 07:23 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2015-01-08 14:06 - 2009-04-11 07:23 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2015-01-08 14:06 - 2009-04-11 07:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2015-01-08 14:06 - 2009-04-11 06:42 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2015-01-08 14:06 - 2009-04-11 05:46 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2015-01-08 14:06 - 2009-04-11 05:46 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys
2015-01-08 14:06 - 2009-04-11 05:46 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys
2015-01-08 14:06 - 2009-04-11 05:46 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-01-08 14:06 - 2009-04-11 05:45 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-01-08 14:06 - 2009-04-11 05:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-08 14:06 - 2009-04-11 05:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2015-01-08 14:06 - 2009-04-11 05:45 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys
2015-01-08 14:06 - 2009-04-11 05:43 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2015-01-08 14:06 - 2009-04-11 05:43 - 00062208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ohci1394.sys
2015-01-08 14:06 - 2009-04-11 05:42 - 00052992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-01-08 14:06 - 2009-04-11 05:42 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
2015-01-08 14:06 - 2009-04-11 05:42 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys
2015-01-08 14:06 - 2009-04-11 05:39 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2015-01-08 14:06 - 2009-04-11 05:39 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-01-08 14:06 - 2009-04-11 05:39 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\iscsilog.dll
2015-01-08 14:06 - 2009-04-11 05:38 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2015-01-08 14:06 - 2009-04-11 05:27 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-01-08 14:06 - 2009-04-11 05:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys
2015-01-08 14:06 - 2009-04-11 05:22 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys
2015-01-08 14:06 - 2009-04-11 05:19 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-01-08 14:06 - 2009-04-11 05:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2015-01-08 14:06 - 2009-04-11 05:13 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-01-08 14:06 - 2009-04-11 05:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2015-01-08 14:06 - 2009-02-20 01:20 - 00009212 _____ () C:\Windows\system32\RacUR.xml
2015-01-08 14:05 - 2009-04-11 07:28 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
2015-01-08 14:05 - 2009-04-11 07:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2015-01-08 14:05 - 2009-04-11 07:28 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\wdscore.dll
2015-01-08 14:05 - 2009-04-11 07:27 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2015-01-08 11:31 - 2009-11-08 10:55 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2015-01-08 11:31 - 2009-11-08 10:55 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2015-01-08 11:31 - 2009-11-08 10:55 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2015-01-08 11:31 - 2009-11-08 10:55 - 00049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2015-01-08 11:28 - 2010-09-06 17:20 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2015-01-08 11:28 - 2010-09-06 17:19 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2015-01-08 01:48 - 2015-01-08 01:48 - 00000000 ____D () C:\Windows\system32\WindowsPowerShell
2015-01-08 00:29 - 2008-05-27 05:59 - 00018904 _____ () C:\Windows\system32\StructuredQuerySchemaTrivial.bin
2015-01-08 00:29 - 2007-11-08 10:04 - 11967524 _____ () C:\Windows\system32\korwbrkr.lex
2015-01-08 00:21 - 2015-01-06 04:36 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-08 00:04 - 2015-01-08 00:05 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-07 23:43 - 2015-01-07 23:43 - 00278054 _____ () C:\Windows\msxml4-KB954430-deu.LOG
2015-01-07 23:43 - 2010-02-21 00:06 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2015-01-07 23:43 - 2010-02-21 00:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2015-01-07 23:43 - 2010-02-20 21:53 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-01-07 23:42 - 2015-01-07 23:42 - 00282896 _____ () C:\Windows\msxml4-KB973688-deu.LOG
2015-01-07 23:40 - 2009-10-09 22:56 - 01181696 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-07 23:40 - 2009-10-09 22:56 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-01-07 23:40 - 2009-10-09 22:56 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\winrscmd.dll
2015-01-07 23:40 - 2009-10-09 22:56 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-01-07 23:40 - 2009-10-09 22:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-01-07 23:40 - 2009-10-09 22:56 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\pwrshplugin.dll
2015-01-07 23:40 - 2009-10-09 22:56 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\winrs.exe
2015-01-07 23:40 - 2009-10-09 22:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\winrshost.exe
2015-01-07 23:40 - 2009-10-09 22:56 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2015-01-07 23:40 - 2009-10-09 22:56 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2015-01-07 23:40 - 2009-10-09 22:56 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\winrssrv.dll
2015-01-07 23:40 - 2009-10-09 22:56 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\winrsmgr.dll
2015-01-07 23:40 - 2009-10-09 22:55 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-01-07 23:40 - 2009-10-09 22:55 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\wecsvc.dll
2015-01-07 23:40 - 2009-10-09 22:55 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\wevtfwd.dll
2015-01-07 23:40 - 2009-10-09 22:55 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\wecutil.exe
2015-01-07 23:40 - 2009-10-09 22:55 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\wecapi.dll
2015-01-07 23:40 - 2009-10-09 22:55 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2015-01-07 23:40 - 2009-08-01 07:27 - 00201184 _____ () C:\Windows\system32\winrm.vbs
2015-01-07 23:40 - 2009-07-16 18:30 - 00004675 _____ () C:\Windows\system32\wsmanconfig_schema.xml
2015-01-07 23:40 - 2009-07-16 18:30 - 00002426 _____ () C:\Windows\system32\WsmTxt.xsl
2015-01-07 23:38 - 2011-05-02 18:16 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-01-07 23:38 - 2011-03-10 18:03 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-01-07 23:38 - 2011-03-10 18:03 - 01136640 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-01-07 23:38 - 2011-02-18 15:03 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-01-07 23:36 - 2011-03-03 16:40 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\Apphlpdm.dll
2015-01-07 23:36 - 2011-03-03 14:35 - 04240384 _____ (Microsoft) C:\Windows\system32\GameUXLegacyGDFs.dll
2015-01-07 23:36 - 2010-12-28 16:55 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2015-01-07 23:36 - 2010-08-31 16:46 - 00954752 _____ (Microsoft Corporation) C:\Windows\system32\mfc40.dll
2015-01-07 23:36 - 2010-08-31 16:46 - 00954288 _____ (Microsoft Corporation) C:\Windows\system32\mfc40u.dll
2015-01-07 23:36 - 2010-08-26 17:34 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-01-07 23:36 - 2009-09-10 17:48 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-01-07 23:36 - 2009-07-10 12:47 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2015-01-07 23:35 - 2010-09-13 16:46 - 10628096 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-01-07 23:35 - 2010-09-13 14:56 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-01-07 23:35 - 2010-02-18 14:30 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-01-07 23:35 - 2010-02-18 12:28 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-01-07 23:35 - 2009-08-14 14:49 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\NETSTAT.EXE
2015-01-07 23:35 - 2009-08-14 14:49 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\ARP.EXE
2015-01-07 23:35 - 2009-08-14 14:49 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\ROUTE.EXE
2015-01-07 23:35 - 2009-08-14 14:49 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\MRINFO.EXE
2015-01-07 23:35 - 2009-08-14 14:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\finger.exe
2015-01-07 23:35 - 2009-08-14 14:49 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\TCPSVCS.EXE
2015-01-07 23:35 - 2009-08-14 14:49 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\HOSTNAME.EXE
2015-01-07 23:35 - 2009-08-14 14:48 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2015-01-07 23:35 - 2009-07-15 13:39 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-01-07 23:35 - 2009-07-15 13:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-01-07 23:35 - 2009-07-15 13:39 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-01-07 23:35 - 2009-06-15 15:54 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-01-07 23:35 - 2009-06-10 12:41 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2015-01-07 23:35 - 2009-04-11 07:27 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-01-07 23:35 - 2009-04-11 07:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-01-07 23:35 - 2009-04-11 05:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-01-07 23:34 - 2011-03-02 16:44 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-01-07 23:34 - 2011-03-02 16:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-01-07 23:34 - 2010-12-29 19:28 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2015-01-07 23:34 - 2010-12-29 19:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\sbeio.dll
2015-01-07 23:34 - 2010-12-29 19:26 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2015-01-07 23:34 - 2010-11-04 19:56 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2015-01-07 23:34 - 2010-11-04 19:55 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-01-07 23:34 - 2010-11-04 19:55 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2015-01-07 23:34 - 2010-11-04 19:55 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2015-01-07 23:34 - 2010-11-04 17:34 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-01-07 23:34 - 2010-08-20 17:05 - 00867328 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-01-07 23:34 - 2010-06-16 16:30 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-01-07 23:34 - 2009-07-11 20:01 - 00513536 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2015-01-07 23:34 - 2009-07-11 20:01 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2015-01-07 23:34 - 2009-07-11 20:01 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2015-01-07 23:34 - 2009-07-11 20:01 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2015-01-07 23:34 - 2009-07-11 18:03 - 02501921 _____ () C:\Windows\system32\wlan.tmf
2015-01-07 23:34 - 2009-07-11 18:03 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\L2SecHC.dll
2015-01-07 23:34 - 2009-06-15 15:52 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-01-07 23:34 - 2009-06-15 15:51 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-01-07 23:34 - 2009-05-04 10:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2015-01-07 23:34 - 2009-04-11 07:28 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2015-01-07 23:33 - 2011-07-06 16:31 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-01-07 23:33 - 2011-04-29 14:25 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-01-07 23:33 - 2011-04-29 14:25 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-01-07 23:33 - 2011-04-29 14:24 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-01-07 23:33 - 2011-04-29 14:24 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-01-07 23:33 - 2011-04-14 15:59 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2015-01-07 23:33 - 2011-02-22 14:23 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2015-01-07 23:33 - 2010-12-14 15:49 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2015-01-07 23:33 - 2010-08-26 17:37 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2015-01-07 23:33 - 2010-08-17 15:11 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-01-07 23:33 - 2010-06-28 18:00 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-01-07 23:33 - 2010-06-18 18:31 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2015-01-07 23:33 - 2010-05-27 21:08 - 00081920 _____ (Radius Inc.) C:\Windows\system32\iccvid.dll
2015-01-07 23:33 - 2010-04-05 18:02 - 00317952 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2015-01-07 23:33 - 2010-04-05 18:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2015-01-07 23:33 - 2010-01-21 16:05 - 00062464 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codeca.acm
2015-01-07 23:33 - 2009-12-04 19:30 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2015-01-07 23:33 - 2009-12-04 19:28 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\msvfw32.dll
2015-01-07 23:33 - 2009-12-04 19:28 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll
2015-01-07 23:33 - 2009-12-04 19:28 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2015-01-07 23:33 - 2009-12-04 19:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2015-01-07 23:33 - 2009-12-04 19:28 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2015-01-07 23:33 - 2009-12-04 19:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2015-01-07 23:33 - 2009-12-04 19:27 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
2015-01-07 23:33 - 2009-10-23 18:10 - 00714240 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-01-07 23:33 - 2009-07-17 14:54 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\atl.dll
2015-01-07 23:33 - 2009-06-10 12:42 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2015-01-07 23:33 - 2009-04-11 07:27 - 00220672 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codecp.acm
2015-01-07 23:32 - 2009-09-10 15:58 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\unregmp2.exe
2015-01-07 23:31 - 2010-01-25 13:00 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-01-07 23:31 - 2010-01-25 13:00 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-01-07 23:31 - 2010-01-25 13:00 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-01-07 23:31 - 2010-01-25 13:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-01-07 23:31 - 2010-01-25 12:58 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-01-07 23:31 - 2010-01-25 09:21 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-01-07 23:31 - 2010-01-25 09:21 - 00518144 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-01-07 23:31 - 2010-01-25 09:21 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-01-07 23:31 - 2010-01-25 09:21 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-01-07 23:31 - 2009-07-15 13:39 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2015-01-07 23:31 - 2009-07-15 11:21 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.tlb
2015-01-07 23:31 - 2009-07-15 11:21 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\amcompat.tlb
2015-01-07 23:18 - 2015-01-07 23:24 - 00000000 ____D () C:\Users\***\AppData\Local\Microsoft Games
2015-01-07 23:18 - 2010-12-17 14:54 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-01-07 23:18 - 2010-01-13 18:34 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2015-01-07 23:18 - 2009-12-08 18:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-01-07 23:18 - 2009-10-07 12:36 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-01-07 23:18 - 2009-09-04 12:41 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2015-01-07 23:18 - 2009-08-10 13:35 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-01-07 23:18 - 2009-05-08 13:53 - 00604672 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2015-01-07 23:18 - 2009-04-11 07:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-01-07 23:18 - 2009-04-11 07:28 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tscupgrd.exe
2015-01-07 23:18 - 2009-04-11 07:28 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-01-07 22:52 - 2015-01-09 15:34 - 00000000 ____D () C:\Users\***\AppData\Local\Adobe
2015-01-07 22:27 - 2015-01-07 22:27 - 00000000 ____D () C:\Users\***\AppData\Roaming\AVAST Software
2015-01-07 22:26 - 2015-01-08 13:34 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-01-07 22:26 - 2015-01-08 13:34 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-01-07 22:26 - 2015-01-08 13:33 - 00070384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-01-07 22:26 - 2015-01-07 22:26 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-01-07 22:26 - 2015-01-07 22:26 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-01-07 22:26 - 2015-01-07 22:26 - 00057928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2015-01-07 22:26 - 2015-01-07 22:26 - 00055240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2015-01-07 22:26 - 2015-01-07 22:26 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-01-07 22:26 - 2015-01-07 22:26 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-01-07 22:26 - 2015-01-07 22:26 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-01-07 22:26 - 2015-01-07 22:26 - 00001876 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-01-07 22:26 - 2015-01-07 22:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-01-07 22:25 - 2015-01-07 22:25 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-07 22:25 - 2015-01-07 22:25 - 00000000 ____D () C:\Program Files\AVAST Software
2015-01-07 22:19 - 2014-11-30 20:27 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\***\Desktop\spybot-2.4.exe
2015-01-07 22:03 - 2015-01-07 22:03 - 00000000 ____D () C:\Users\***\AppData\Roaming\ATI
2015-01-07 22:03 - 2015-01-07 22:03 - 00000000 ____D () C:\Users\***\AppData\Local\Toshiba
2015-01-07 22:03 - 2015-01-07 22:03 - 00000000 ____D () C:\Users\***\AppData\Local\Google
2015-01-07 22:03 - 2015-01-07 22:03 - 00000000 ____D () C:\Users\***\AppData\Local\ATI
2015-01-07 22:03 - 2015-01-07 22:03 - 00000000 ____D () C:\ProgramData\ATI
2015-01-07 22:02 - 2015-01-09 12:43 - 00083288 _____ () C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-07 22:02 - 2015-01-08 21:29 - 00000949 _____ () C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-01-07 22:02 - 2015-01-08 17:48 - 00000954 _____ () C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-07 22:02 - 2015-01-07 22:02 - 00000000 ____D () C:\Program Files\Jumpstart
2015-01-07 22:02 - 2007-08-31 17:43 - 00020352 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\jswpslwf.sys
2015-01-07 22:01 - 2015-01-08 14:34 - 00000920 _____ () C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2015-01-07 22:01 - 2015-01-07 22:02 - 00000000 ____D () C:\Users\***\AppData\Local\VirtualStore
2015-01-07 22:00 - 2015-01-07 22:02 - 00000000 ____D () C:\ProgramData\Atheros
2015-01-07 22:00 - 2015-01-07 22:01 - 00000000 ____D () C:\Program Files\Atheros
2015-01-07 22:00 - 2015-01-07 22:00 - 00000000 ____D () C:\Windows\system32\nn-NO
2015-01-07 22:00 - 2008-04-18 00:54 - 00909824 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athr.sys
2015-01-07 22:00 - 2008-04-14 02:30 - 00376832 _____ (Atheros) C:\Windows\system32\S64CPA.exe
2015-01-07 22:00 - 2008-04-14 02:30 - 00053248 _____ (Atheros) C:\Windows\system32\athihvui.dll
2015-01-07 22:00 - 2008-04-14 02:29 - 00393216 _____ (Atheros) C:\Windows\system32\athihvs.dll
2015-01-07 21:59 - 2015-01-07 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA DVD PLAYER
2015-01-07 21:59 - 2015-01-07 22:00 - 00000000 ____D () C:\Program Files\Common Files\Toshiba Shared
2015-01-07 21:59 - 2015-01-07 21:59 - 00030502 _____ () C:\Windows\DirectX.log
2015-01-07 21:59 - 2008-07-18 18:52 - 00279376 _____ (TOSHIBA Corporation) C:\Windows\system32\Drivers\tos_sps32.sys
2015-01-07 21:59 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-01-07 21:58 - 2015-01-07 21:58 - 00000000 ____D () C:\Users\***\AppData\Roaming\InstallShield
2015-01-07 21:56 - 2015-01-10 19:03 - 00000000 ____D () C:\Users\***
2015-01-07 21:56 - 2015-01-07 21:56 - 00000020 ___SH () C:\Users\***\ntuser.ini
2015-01-07 21:56 - 2015-01-07 21:56 - 00000000 _SHDL () C:\Users\***\Startmenü
2015-01-07 21:56 - 2015-01-07 21:56 - 00000000 _SHDL () C:\Users\***\Netzwerkumgebung
2015-01-07 21:56 - 2015-01-07 21:56 - 00000000 _SHDL () C:\Users\***\Druckumgebung
2015-01-07 21:56 - 2015-01-07 21:56 - 00000000 _SHDL () C:\Users\***\Documents\Eigene Musik
2015-01-07 21:56 - 2015-01-07 21:56 - 00000000 _SHDL () C:\Users\***\Documents\Eigene Bilder
2015-01-07 21:56 - 2015-01-07 21:56 - 00000000 _SHDL () C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-07 21:56 - 2015-01-07 21:56 - 00000000 _SHDL () C:\Users\***\AppData\Local\Verlauf
2015-01-07 21:56 - 2015-01-07 21:56 - 00000000 ____D () C:\ProgramData\ToshibaEurope
2015-01-07 21:56 - 2008-01-21 03:42 - 00000000 ___RD () C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-07 21:56 - 2008-01-21 03:42 - 00000000 ___RD () C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-07 21:52 - 2015-01-07 21:52 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-01-07 21:52 - 2015-01-07 21:52 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-01-07 21:52 - 2015-01-07 21:52 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-01-07 21:52 - 2015-01-07 21:52 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-01-07 21:52 - 2015-01-07 21:52 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-01-07 21:52 - 2015-01-07 21:52 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-01-07 21:52 - 2015-01-07 21:52 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-01-07 21:52 - 2015-01-07 21:52 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-07 21:52 - 2015-01-07 21:52 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-01-07 21:52 - 2015-01-07 21:52 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-01-07 21:52 - 2015-01-07 21:52 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-01-07 21:52 - 2015-01-07 21:52 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-07 21:52 - 2015-01-07 21:52 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-01-07 21:52 - 2015-01-07 21:52 - 00000000 _SHDL () C:\Programme
2015-01-07 21:52 - 2015-01-07 21:52 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-01-07 21:52 - 2015-01-07 21:52 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-01-07 21:52 - 2015-01-07 21:52 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-01-07 19:48 - 2015-01-07 19:48 - 00000000 __RSH () C:\Windows\system32\Drivers\TOSHIBA_Satellite A300_08011-GR_PSAGCE-08D01.MRK
2015-01-07 19:47 - 2015-01-07 19:47 - 00000000 _____ () C:\Windows\ativpsrm.bin
2015-01-07 19:45 - 2015-01-07 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera Assistant Software
2015-01-07 19:45 - 2015-01-07 19:45 - 00000000 ____D () C:\Program Files\Camera Assistant Software for Toshiba
2015-01-07 19:45 - 2007-12-17 11:45 - 00018432 _____ (Chicony Electronics Co., Ltd.) C:\Windows\system32\Drivers\UVCFTR_S.SYS
2015-01-07 19:44 - 2015-01-07 19:44 - 00000000 ____D () C:\Program Files\Realtek
2015-01-07 19:44 - 2008-04-15 09:05 - 00118784 _____ (Realtek Corporation ) C:\Windows\system32\Drivers\Rtlh86.sys
2015-01-07 19:44 - 2008-04-09 17:00 - 02095512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2015-01-07 19:44 - 2008-04-09 10:15 - 00694272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2015-01-07 19:44 - 2008-04-08 14:14 - 06037504 _____ (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
2015-01-07 19:44 - 2008-03-28 13:36 - 00140288 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\FMAPO.dll
2015-01-07 19:44 - 2008-03-28 09:59 - 00285216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2015-01-07 19:44 - 2008-03-05 17:07 - 00520192 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-01-07 19:44 - 2007-11-20 17:15 - 01826816 _____ (Realtek Semiconductor Corp.) C:\Windows\SkyTel.exe
2015-01-07 19:44 - 2007-11-14 14:18 - 00000553 _____ () C:\Windows\USetup.iss
2015-01-07 19:44 - 2007-11-13 11:35 - 00532480 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2015-01-07 19:44 - 2007-07-30 17:26 - 00126976 _____ (Waves Audio Ltd.) C:\Windows\system32\maxxaudioapo.dll
2015-01-07 19:44 - 2007-07-25 08:33 - 00135168 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2015-01-07 19:44 - 2007-05-17 10:26 - 00185776 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2015-01-07 19:44 - 2007-04-16 16:09 - 00167936 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2015-01-07 19:44 - 2006-12-13 09:30 - 00339968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2015-01-07 19:43 - 2015-01-07 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2015-01-07 19:43 - 2015-01-07 19:43 - 00000000 ____D () C:\Program Files\ATI Technologies
2015-01-07 19:43 - 2015-01-07 19:43 - 00000000 ____D () C:\Program Files\ATI
2015-01-07 19:41 - 2015-01-10 19:04 - 02083936 _____ () C:\Windows\WindowsUpdate.log
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-10 19:01 - 2006-11-02 13:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-10 19:01 - 2006-11-02 13:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-10 19:00 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-09 18:15 - 2006-11-02 14:01 - 00017150 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-09 12:46 - 2008-01-21 08:16 - 01565124 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-09 12:38 - 2008-01-21 03:47 - 00064014 _____ () C:\Windows\PFRO.log
2015-01-09 00:42 - 2008-07-03 14:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-09 00:37 - 2008-07-03 14:01 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-01-09 00:26 - 2008-07-03 09:50 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-01-09 00:09 - 2006-11-02 13:47 - 00320944 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-09 00:05 - 2008-07-03 14:10 - 00001063 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works-Start.lnk
2015-01-09 00:05 - 2008-07-03 14:10 - 00001051 _____ () C:\Users\Public\Desktop\Microsoft Works.lnk
2015-01-09 00:05 - 2008-07-03 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2015-01-09 00:05 - 2008-07-03 14:04 - 00000000 ____D () C:\Program Files\Microsoft Works
2015-01-09 00:00 - 2006-11-02 12:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-01-08 21:54 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2015-01-08 21:34 - 2008-07-03 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-01-08 19:09 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-08 17:37 - 2008-01-21 08:15 - 00000000 ____D () C:\Windows\system32\Drivers\de-DE
2015-01-08 17:37 - 2006-11-02 13:37 - 00000000 ____D () C:\Windows\system32\XPSViewer
2015-01-08 17:37 - 2006-11-02 13:37 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ___RD () C:\Windows\Offline Web Pages
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\zh-TW
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\zh-HK
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\zh-CN
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\uk-UA
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\th-TH
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\sv-SE
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\sl-SI
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\sk-SK
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\ru-RU
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\ro-RO
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\pt-PT
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\pt-BR
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\pl-PL
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\nl-NL
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\nb-NO
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\lv-LV
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\lt-LT
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\ko-KR
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\ja-JP
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\it-IT
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\hu-HU
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\hr-HR
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\he-IL
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\fr-FR
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\fi-FI
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\et-EE
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\el-GR
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\de-DE
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\bg-BG
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\ar-SA
2015-01-08 17:37 - 2006-11-02 12:18 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-08 17:36 - 2008-07-03 09:51 - 00000000 ____D () C:\Windows\system32\RTCOM
2015-01-08 16:19 - 2006-11-02 07:32 - 00008798 _____ () C:\Windows\system32\icrav03.rat
2015-01-08 16:19 - 2006-11-02 07:32 - 00001988 _____ () C:\Windows\system32\ticrf.rat
2015-01-08 14:38 - 2006-11-02 13:50 - 00001661 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-01-08 14:26 - 2006-11-02 13:37 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-01-08 14:26 - 2006-11-02 13:37 - 00000000 ____D () C:\Program Files\Windows Photo Gallery
2015-01-08 14:26 - 2006-11-02 13:37 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-08 14:26 - 2006-11-02 13:37 - 00000000 ____D () C:\Program Files\Windows Collaboration
2015-01-08 14:26 - 2006-11-02 13:37 - 00000000 ____D () C:\Program Files\Windows Calendar
2015-01-08 14:26 - 2006-11-02 13:37 - 00000000 ____D () C:\Program Files\Movie Maker
2015-01-08 14:26 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\IME
2015-01-08 14:25 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\SLUI
2015-01-08 14:25 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-01-08 11:51 - 2008-07-03 14:03 - 00000000 ____D () C:\Program Files\Microsoft.NET
2015-01-08 01:48 - 2006-11-02 12:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-08 01:04 - 2008-07-03 10:17 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-01-08 01:04 - 2008-07-03 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
2015-01-07 23:00 - 2008-07-03 10:25 - 00000000 ____D () C:\Program Files\Google
2015-01-07 22:53 - 2008-07-03 10:24 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-07 22:51 - 2008-07-03 10:27 - 00000000 ____D () C:\Windows\system32\MAGIX
2015-01-07 22:51 - 2008-07-03 10:27 - 00000000 ____D () C:\Program Files\MAGIX
2015-01-07 22:50 - 2008-07-03 10:28 - 00000000 ____D () C:\ProgramData\MAGIX
2015-01-07 22:49 - 2008-07-03 10:25 - 00000000 ____D () C:\ProgramData\Google
2015-01-07 22:20 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\config\Journal
2015-01-07 22:12 - 2006-11-02 12:18 - 00000000 ___RD () C:\Users\Public
2015-01-07 22:03 - 2008-07-03 07:42 - 00000000 ____D () C:\Toshiba
2015-01-07 21:59 - 2008-07-03 10:13 - 00000000 ____D () C:\ProgramData\Toshiba
2015-01-07 21:59 - 2008-07-03 10:00 - 00000000 ____D () C:\Program Files\Toshiba
2015-01-07 21:52 - 2006-11-02 12:18 - 00000000 __RHD () C:\Users\Default
2015-01-07 21:52 - 2006-11-02 12:18 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-07 19:49 - 2006-11-02 13:37 - 00000000 ____D () C:\Windows\system32\restore
2015-01-07 19:48 - 2008-07-03 10:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2015-01-07 19:47 - 2008-07-03 08:37 - 00000000 ____D () C:\Windows\Panther
2015-01-07 19:45 - 2008-07-03 10:14 - 00000000 ____D () C:\Windows\system32\tr
2015-01-07 19:45 - 2008-07-03 10:14 - 00000000 ____D () C:\Windows\system32\sv
2015-01-07 19:45 - 2008-07-03 10:14 - 00000000 ____D () C:\Windows\system32\sk
2015-01-07 19:45 - 2008-07-03 10:14 - 00000000 ____D () C:\Windows\system32\ru
2015-01-07 19:45 - 2008-07-03 10:14 - 00000000 ____D () C:\Windows\system32\pt
2015-01-07 19:45 - 2008-07-03 10:14 - 00000000 ____D () C:\Windows\system32\pl
2015-01-07 19:45 - 2008-07-03 10:14 - 00000000 ____D () C:\Windows\system32\no
2015-01-07 19:45 - 2008-07-03 10:14 - 00000000 ____D () C:\Windows\system32\nl
2015-01-07 19:45 - 2008-07-03 10:14 - 00000000 ____D () C:\Windows\system32\it
2015-01-07 19:45 - 2008-07-03 10:14 - 00000000 ____D () C:\Windows\system32\hu
2015-01-07 19:45 - 2008-07-03 10:14 - 00000000 ____D () C:\Windows\system32\fr
2015-01-07 19:45 - 2008-07-03 10:14 - 00000000 ____D () C:\Windows\system32\fi
2015-01-07 19:45 - 2008-07-03 10:14 - 00000000 ____D () C:\Windows\system32\es
2015-01-07 19:45 - 2008-07-03 10:14 - 00000000 ____D () C:\Windows\system32\el
2015-01-07 19:45 - 2008-07-03 10:14 - 00000000 ____D () C:\Windows\system32\da
2015-01-07 19:45 - 2008-07-03 10:14 - 00000000 ____D () C:\Windows\system32\cs
2015-01-07 19:45 - 2008-01-21 08:15 - 00000000 ____D () C:\Windows\system32\de
2015-01-07 19:45 - 2006-11-02 13:52 - 00127249 _____ () C:\Windows\setupact.log
2015-01-07 19:44 - 2008-07-03 09:51 - 00319456 _____ (Microsoft Corporation) C:\Windows\DIFxAPI.dll
2015-01-07 19:44 - 2008-07-03 09:50 - 00000651 _____ () C:\RHDSetup.log
2015-01-07 19:42 - 2008-07-03 09:36 - 00000000 ____D () C:\Program Files\Intel
2015-01-07 19:42 - 2008-07-03 08:39 - 00008246 _____ () C:\Windows\TSSysprep.log
2015-01-07 19:39 - 2006-11-02 13:48 - 00006257 _____ () C:\Windows\DtcInstall.log
Some content of TEMP:
====================
C:\Users\***\AppData\Local\Temp\unwise.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-10 19:06
==================== End Of Log ============================

Addition: Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-01-2015
Ran by *** at 2015-01-10 19:05:58
Running from C:\Users\***\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.0 - Atheros)
Atheros Wi-Fi Protected Setup Library (HKLM\...\{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}) (Version: - Atheros)
ATI Catalyst Install Manager (HKLM\...\{E257B0A7-3B49-4943-7455-F2E7B09137C8}) (Version: 3.0.664.0 - ATI Technologies, Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2206 - AVAST Software)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v6.10.07.2(T) - TOSHIBA CORPORATION)
Camera Assistant Software for Toshiba (HKLM\...\{37C866E4-AA67-4725-9E95-A39968DD7960}) (Version: 1.7.193.0508L - Chicony Electronics Co.,Ltd.)
Catalyst Control Center - Branding (HKLM\...\{69E5255D-9D43-4CFF-8984-843ABD7753B7}) (Version: 1.00.0000 - ATI)
ccc-core-static (Version: 2008.0407.2139.36897 - Ihr Firmenname) Hidden
CD/DVD Drive Acoustic Silencer (HKLM\...\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 2.02.03 - TOSHIBA)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Devil May Cry 3 Special Edition (HKLM\...\{D4A8FCAB-9D30-4509-A3F1-D0B7E1BE9F00}) (Version: 1.00.000 - CAPCOM)
DVD MovieFactory for TOSHIBA (HKLM\...\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}) (Version: 5.51 - Ulead Systems, Inc.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
myphotobook 3.5 (HKLM\...\myphotobook) (Version: 3.5 - myphotobook)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5599 - Realtek Semiconductor Corp.)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.54.02 - )
Skins (Version: 2008.0407.2139.36897 - ATI) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.1.8.0 - Synaptics)
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.04 - TOSHIBA)
TOSHIBA Benutzerhandbücher (HKLM\...\{1C971EE3-B4C4-4367-9676-57549919C6CE}) (Version: 7.40 - TOSHIBA)
TOSHIBA ConfigFree (HKLM\...\{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}) (Version: 7.2.13 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.0.1.3 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 1.31.14 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - Toshiba)
TOSHIBA Face Recognition (HKLM\...\InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}) (Version: 2.0.2.32 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM\...\{2883F6F5-0509-43F3-868C-D50330DD9DD3}) (Version: 2.00.08 - )
Toshiba Online Product Information (HKLM\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 1.00.0012 - TOSHIBA)
TOSHIBA Recovery Disc Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.0.0.1b - TOSHIBA)
TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.8.1.3 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM\...\{4B1E87C3-00DE-4898-8E39-E390AAEF2391}) (Version: 2.00.04 - )
Toshiba TEMPRO (HKLM\...\{03FAA727-E2B7-471C-AC41-2E1C7F29C7EA}) (Version: 1.1 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.1.19 - TOSHIBA Corporation)
TRDCReminder (HKLM\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0015 - TOSHIBA)
TRDCReminder (Version: 1.00.0015 - TOSHIBA) Hidden
TRORDCLauncher (HKLM\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: 1.0.0.1 - TOSHIBA)
TRORDCLauncher (Version: 1.0.0.1 - TOSHIBA) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Media Encoder 9-Reihe (HKLM\...\Windows Media Encoder 9) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
08-01-2015 11:39:26 Windows Update
08-01-2015 11:49:59 Windows Update
08-01-2015 13:27:10 Windows Update
08-01-2015 13:38:11 Windows Update
08-01-2015 14:09:47 Windows Update
08-01-2015 14:37:11 Windows Update
08-01-2015 15:23:21 Windows Update
08-01-2015 17:25:49 Windows Update
08-01-2015 17:59:28 Windows Update
08-01-2015 21:20:13 Gerätetreiber-Paketinstallation: Elaborate Bytes AG Speichercontroller
08-01-2015 21:31:34 Configured Microsoft Office Home and Student 2007
08-01-2015 23:56:01 Windows Update
09-01-2015 00:25:42 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {CCB11445-EF08-422D-8201-53B75EB43832} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-07] (AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Loaded Modules (whitelisted) =============
2015-01-09 12:45 - 2015-01-09 12:45 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010900\algo.dll
2008-04-24 18:25 - 2008-04-24 18:25 - 00126976 _____ () C:\Windows\system32\SmartFaceVCtrl.dll
2008-04-24 18:25 - 2008-04-24 18:25 - 06701056 _____ () C:\Windows\system32\FaceHI.dll
2008-04-24 18:25 - 2008-04-24 18:25 - 00995328 _____ () C:\Windows\system32\FaceRec.dll
2008-07-03 09:48 - 2008-04-07 20:59 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2008-03-06 10:14 - 2008-03-06 10:14 - 05121912 _____ () C:\Program Files\Toshiba\FlashCards\BlackPng.dll
2007-12-14 21:40 - 2007-12-14 21:40 - 00090112 _____ () C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
2008-07-03 10:13 - 2006-10-10 10:44 - 00009728 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2007-12-25 12:03 - 2007-12-25 12:03 - 00015184 _____ () C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
2006-10-07 11:57 - 2006-10-07 11:57 - 00053248 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2015-01-07 22:26 - 2015-01-07 22:26 - 38561576 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\***\Desktop\spybot-2.4.exe:BDU
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Camera Assistant Software => "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
MSCONFIG\startupreg: Google EULA Launcher => c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA
MSCONFIG\startupreg: topi => C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup
MSCONFIG\startupreg: Toshiba Registration => C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
MSCONFIG\startupreg: Toshiba TEMPO => C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-2564636308-856618226-1616705740-500 - Administrator - Disabled)
Gast (S-1-5-21-2564636308-856618226-1616705740-501 - Limited - Disabled)
*** (S-1-5-21-2564636308-856618226-1616705740-1000 - Administrator - Enabled) => C:\Users\***
*** (S-1-5-21-2564636308-856618226-1616705740-1001 - Limited - Enabled) => C:\Users\***
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/10/2015 07:01:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/09/2015 06:15:34 PM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (01/09/2015 00:39:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/09/2015 01:09:32 AM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (01/09/2015 00:10:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/09/2015 00:07:04 AM) (Source: EventSystem) (EventID: 4621) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}
Error: (01/09/2015 00:02:50 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\USERS\***\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\5GV7ZUGN.DEFAULT\SAFEBROWSING-TO_DELETE> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (01/08/2015 09:31:34 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {85bea5f3-f716-4719-8262-3780f6576300}
Error: (01/08/2015 06:30:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16599, Zeitstempel 0x5473964b, fehlerhaftes Modul OLEAUT32.dll, Version 6.0.6002.19216, Zeitstempel 0x5441bd96, Ausnahmecode 0xc0000005, Fehleroffset 0x000042d8,
Prozess-ID 0x1558, Anwendungsstartzeit iexplore.exe0.
Error: (01/08/2015 06:16:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (01/10/2015 07:01:51 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\igfxext.exe -Embedding2{7160A13D-73DA-4CEA-95B9-37356478588A}
Error: (01/10/2015 07:01:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: TOSHIBA Bluetooth Service%%2
Error: (01/09/2015 00:43:34 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\igfxext.exe -Embedding2{7160A13D-73DA-4CEA-95B9-37356478588A}
Error: (01/09/2015 00:41:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {49BD2028-1523-11D1-AD79-00C04FD8FDFF}
Error: (01/09/2015 00:40:59 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\igfxext.exe -Embedding2{7160A13D-73DA-4CEA-95B9-37356478588A}
Error: (01/09/2015 00:39:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: TOSHIBA Bluetooth Service%%2
Error: (01/09/2015 00:42:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053
Error: (01/09/2015 00:42:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search
Error: (01/09/2015 00:41:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Search%%1053
Error: (01/09/2015 00:41:29 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Search
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2015-01-10 19:05:47.238
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-10 19:05:46.879
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-10 19:05:46.583
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-10 19:05:46.255
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-10 19:05:45.740
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-10 19:05:45.444
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-10 19:05:45.148
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-10 19:05:44.851
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-09 17:34:06.151
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-01-09 17:34:05.823
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz
Percentage of memory in use: 34%
Total physical RAM: 3069.06 MB
Available physical RAM: 2010.08 MB
Total Pagefile: 6340.39 MB
Available Pagefile: 5337.68 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.07 MB
==================== Drives ================================
Drive c: (Vista) (Fixed) (Total:116.21 GB) (Free:69.75 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Data) (Fixed) (Total:115.21 GB) (Free:105.29 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: FFD0FCF4)
Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Active) - (Size=116.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=115.2 GB) - (Type=07 NTFS)
==================== End Of Log ============================

Gmer: Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-01-10 19:21:51
Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 TOSHIBA_MK2552GSX rev.LV010M 232,89GB
Running: Gmer-19357.exe; Driver: C:\Users\***\AppData\Local\Temp\fgddapod.sys
---- System - GMER 2.1 ----
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwAddBootEntry [0x8F4B0AC4]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwAllocateVirtualMemory [0x8F56C0BA]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwAssignProcessToJobObject [0x8F4B15A2]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateEvent [0x8F4BD63C]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateEventPair [0x8F4BD688]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateIoCompletion [0x8F4BD822]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateMutant [0x8F4BD5AA]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwCreateSection [0x8F56C494]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateSemaphore [0x8F4BD5F2]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwCreateThread [0x8F56C724]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwCreateTimer [0x8F4BD7DC]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwDebugActiveProcess [0x8F4B2390]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwDeleteBootEntry [0x8F4B0B2A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwDuplicateObject [0x8F4B5B86]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwLoadDriver [0x8F4B0716]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwMapViewOfSection [0x8F56C574]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwModifyBootEntry [0x8F4B0B90]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwNotifyChangeKey [0x8F4B5F7C]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwNotifyChangeMultipleKeys [0x8F4B2E78]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenEvent [0x8F4BD666]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenEventPair [0x8F4BD6AA]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenIoCompletion [0x8F4BD846]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenMutant [0x8F4BD5D0]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenProcess [0x8F4B547E]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenSection [0x8F4BD75A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenSemaphore [0x8F4BD61A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenThread [0x8F4B586A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwOpenTimer [0x8F4BD800]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwProtectVirtualMemory [0x8F56C312]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwQueryObject [0x8F4B2CEC]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwQueueApcThread [0x8F4B2842]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetBootEntryOrder [0x8F4B0BF6]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetBootOptions [0x8F4B0C5C]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwSetContextThread [0x8F56C670]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetSystemInformation [0x8F4B07B0]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSetSystemPowerState [0x8F4B0982]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwShutdownSystem [0x8F4B0910]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSuspendProcess [0x8F4B255A]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSuspendThread [0x8F4B26BC]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwSystemDebugControl [0x8F4B0A0A]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwTerminateProcess [0x8F56C3E0]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwTerminateThread [0x8F4B21EA]
SSDT \SystemRoot\system32\drivers\aswSnx.sys ZwVdmControl [0x8F4B0CC2]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwWriteVirtualMemory [0x8F56C244]
SSDT \SystemRoot\system32\drivers\aswSP.sys ZwCreateThreadEx [0x8F56C80E]
---- Kernel code sections - GMER 2.1 ----
.text ntkrnlpa.exe!KeSetEvent + 10D 824AF758 4 Bytes [C4, 0A, 4B, 8F]
.text ntkrnlpa.exe!KeSetEvent + 131 824AF77C 4 Bytes [BA, C0, 56, 8F]
.text ntkrnlpa.exe!KeSetEvent + 191 824AF7DC 4 Bytes [A2, 15, 4B, 8F]
.text ntkrnlpa.exe!KeSetEvent + 1D1 824AF81C 8 Bytes [3C, D6, 4B, 8F, 88, D6, 4B, ...]
.text ntkrnlpa.exe!KeSetEvent + 1DD 824AF828 4 Bytes [22, D8, 4B, 8F]
.text ...
PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 110 8263D00F 4 Bytes CALL 8F4B355F \SystemRoot\system32\drivers\aswSnx.sys
PAGE ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 121 82640C83 4 Bytes CALL 8F4B3575 \SystemRoot\system32\drivers\aswSnx.sys
.text C:\Windows\system32\DRIVERS\tos_sps32.sys section is writeable [0x8A94F480, 0x3C939, 0xE8000020]
.dsrt C:\Windows\system32\DRIVERS\tos_sps32.sys unknown last section [0x8A990900, 0x3CA, 0x48000040]
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x8E803000, 0x1FB0FA, 0xE8000020]
---- User code sections - GMER 2.1 ----
.text C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1840] kernel32.dll!SetUnhandledExceptionFilter 761DA9BD 8 Bytes [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }
.text C:\Program Files\AVAST Software\Avast\avastui.exe[2148] kernel32.dll!SetUnhandledExceptionFilter 761DA9BD 8 Bytes [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }
---- Devices - GMER 2.1 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.sys
AttachedDevice \Driver\tdx \Device\Udp aswTdi.sys
---- EOF - GMER 2.1 ----