Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Windows System immer bei 20% Systemauslastung, Virus vermutet

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 07.06.2013, 18:10   #1
Trancegott
 
Windows System immer bei 20% Systemauslastung, Virus vermutet - Standard

Windows System immer bei 20% Systemauslastung, Virus vermutet



Hallo,
ich habe ein Problem mit meinem PC. Undzwar ist dieser vom System (auch wenn ich nichts mache) immer 15-20% ausgelastet.

Ich habe schon ein Virenprogramm (avast! in der Freeware Version) laufen lassen und einen Full-Scan mit MalewareBytes, welcher auch zu keinerlei verdächtigen Dateien führte.

Code:
ATTFilter
Process	CPU	Private Bytes	Working Set	PID	Description	Company Name
System Idle Process	73.81	0 K	20 K	0		
System	12.44	124 K	324 K	4		
 Interrupts	1.18	0 K	0 K	n/a	Hardware Interrupts and DPCs	
 smss.exe		296 K	1.044 K	392		
csrss.exe	< 0.01	2.256 K	6.772 K	624		
wininit.exe		1.184 K	3.968 K	708		
 services.exe		5.192 K	9.100 K	824		
  svchost.exe	0.01	3.732 K	9.872 K	948	Host Process for Windows Services	Microsoft Corporation
   WmiPrvSE.exe		3.020 K	7.452 K	3332		
   unsecapp.exe		1.704 K	5.152 K	4108		
   dllhost.exe		2.240 K	7.164 K	6744		
   LiveComm.exe	Suspended	4.472 K	4.908 K	7472	Communications Service	Microsoft Corporation
   RuntimeBroker.exe		2.168 K	5.632 K	6800	Runtime Broker	Microsoft Corporation
   NotiMan.exe		1.448 K	5.276 K	5664	Notification Manager	Creative Technology Ltd.
  svchost.exe		5.244 K	8.872 K	140	Host Process for Windows Services	Microsoft Corporation
  atiesrxx.exe		912 K	2.928 K	336	AMD External Events Service Module	AMD
   atieclxx.exe		2.304 K	7.164 K	3952		
  svchost.exe	< 0.01	20.188 K	29.020 K	404	Host Process for Windows Services	Microsoft Corporation
  svchost.exe		24.976 K	41.656 K	424	Host Process for Windows Services	Microsoft Corporation
  svchost.exe	< 0.01	12.036 K	20.808 K	316	Host Process for Windows Services	Microsoft Corporation
  svchost.exe		13.620 K	31.572 K	1112	Host Process for Windows Services	Microsoft Corporation
   dasHost.exe		5.232 K	14.072 K	2996		
  CTAudSvc.exe		1.236 K	4.124 K	1304	Creative Audio Service	Creative Technology Ltd
  ClassicShellService.exe		812 K	3.284 K	1352	Classic Shell Service	IvoSoft
   ClassicStartMenu.exe		4.140 K	7.996 K	3324	Classic Start Menu	IvoSoft
  RTKAUDIOSERVICE64.EXE		1.492 K	4.872 K	1376	Realtek Audio Service	Realtek Semiconductor
   RAVBg64.exe		4.692 K	9.864 K	4496		
  svchost.exe		14.200 K	18.312 K	1432	Host Process for Windows Services	Microsoft Corporation
  AvastSvc.exe	0.24	101.416 K	5.596 K	1500	avast! Service	AVAST Software
  GFNEXSrv.exe	< 0.01	1.860 K	5.952 K	1592	GFNEXSrv	
  spoolsv.exe		5.156 K	13.596 K	1728	Spooler SubSystem App	Microsoft Corporation
  svchost.exe		23.356 K	25.744 K	1896	Host Process for Windows Services	Microsoft Corporation
  armsvc.exe		1.120 K	3.868 K	2388	Adobe Acrobat Update Service	Adobe Systems Incorporated
  HeciServer.exe		1.340 K	5.116 K	2508	Intel(R) Capability Licensing Service Interface	Intel(R) Corporation
  Jhi_service.exe		1.108 K	4.316 K	2560	Intel(R) Dynamic Application Loader Host Interface	Intel Corporation
  svchost.exe		2.896 K	9.016 K	2720	Host Process for Windows Services	Microsoft Corporation
  TODDSrv.exe	< 0.01	1.484 K	4.632 K	2848	TDCSrv Application	TOSHIBA Corporation
  Y2Desktop.Updater.exe	< 0.01	13.888 K	13.368 K	2964	Y2Desktop.Updater	Microsoft
  TecoService.exe	0.03	2.856 K	8.564 K	3184	TOSHIBA eco Utility Service	TOSHIBA Corporation
  svchost.exe	< 0.01	6.064 K	12.868 K	3704	Host Process for Windows Services	Microsoft Corporation
  SearchIndexer.exe		30.524 K	32.736 K	4532	Microsoft Windows Search Indexer	Microsoft Corporation
  svchost.exe	< 0.01	10.356 K	15.464 K	4140	Host Process for Windows Services	Microsoft Corporation
  IntelMeFWService.exe		1.204 K	3.960 K	4468	Intel(R) ME Service	Intel Corporation
  LMS.exe	0.01	1.752 K	5.028 K	7024	Local Manageability Service	Intel Corporation
  NASvc.exe		2.092 K	6.564 K	6980	NeroUpdate	Nero AG
  UNS.exe		3.876 K	11.432 K	7164	User Notification Service	Intel Corporation
  TPCHSrv.exe		2.860 K	7.652 K	7120	TOSHIBA PC Health Monitor	TOSHIBA Corporation
  TMachInfo.exe	< 0.01	25.652 K	33.696 K	2784	TSS TMachInfo Service	TOSHIBA Corporation
  TemproSvc.exe		16.276 K	20.328 K	3744	Toshiba TEMPRO	Toshiba Europe GmbH
  SynTPEnh.exe	< 0.01	3.820 K	816 K	5612	Synaptics TouchPad Enhancements	Synaptics Incorporated
  taskhostex.exe		7.896 K	12.928 K	5548	Host Process for Windows Tasks	Microsoft Corporation
  ToshibaServiceStation.exe		33.264 K	4.112 K	7264	TOSHIBA Service Station	TOSHIBA Corporation
 lsass.exe	< 0.01	6.636 K	14.228 K	836	Local Security Authority Process	Microsoft Corporation
GoogleCrashHandler.exe		1.476 K	1.148 K	2568		
GoogleCrashHandler64.exe		1.308 K	152 K	2628		
csrss.exe	0.21	3.724 K	9.444 K	4900		
winlogon.exe		1.768 K	5.620 K	7812		
 dwm.exe	0.09	22.308 K	30.356 K	7468		
explorer.exe	0.09	53.716 K	99.224 K	5892	Windows Explorer	Microsoft Corporation
 RAVCpl64.exe		4.108 K	10.560 K	2812	Realtek HD Audio Manager	Realtek Semiconductor
 TCrdMain_Win8.exe		3.764 K	13.200 K	7640	TCrdMain Application	
 TecoResident.exe		1.924 K	6.188 K	972	Resident module of eco Utility	TOSHIBA Corporation
 SRSPanel_64.exe	0.01	9.632 K	19.688 K	6028	SRS Control Panel	SRS Labs, Inc.
 rundll32.exe		5.172 K	8.300 K	4908	Windows host process (Rundll32)	Microsoft Corporation
 googledrivesync.exe		1.108 K	3.616 K	7540	Google Drive	Google
  googledrivesync.exe	0.01	47.200 K	61.896 K	7152	Google Drive	Google
 MusicManager.exe	0.01	12.392 K	23.868 K	4692	Music Manager	Google Inc.
 RemoteServer.exe	0.05	24.708 K	34.660 K	7320	Unified Remote Server	Unified Intents AB
 procexp.exe		2.544 K	7.944 K	4684	Sysinternals Process Explorer	Sysinternals - www.sysinternals.com
  procexp64.exe	0.34	22.404 K	45.648 K	6756	Sysinternals Process Explorer	Sysinternals - www.sysinternals.com
SynTPHelper.exe		1.236 K	340 K	7032		
TPCHWMsg.exe		2.048 K	7.028 K	6544	TOSHIBA PC Health Monitor	TOSHIBA Corporation
AvastUI.exe	0.01	15.564 K	7.524 K	6404	avast! Antivirus	AVAST Software
VolPanlu.exe	< 0.01	7.652 K	14.184 K	5932	VolPanlu.exe	Creative Technology Ltd
DLLML.exe		10.720 K	15.488 K	3032	DLL Module Loader	Creative Technology Ltd.
MOM.exe	0.01	27.188 K	3.688 K	7524	Catalyst Control Center: Monitoring program	Advanced Micro Devices Inc.
 CCC.exe	0.01	75.684 K	3.360 K	3448	Catalyst Control Center: Host application	ATI Technologies Inc.
chrome.exe	0.15	133.316 K	192.112 K	5668	Google Chrome	Google Inc.
 chrome.exe	< 0.01	57.936 K	78.376 K	1540	Google Chrome	Google Inc.
 chrome.exe	0.12	70.912 K	99.740 K	6832	Google Chrome	Google Inc.
 chrome.exe		22.664 K	49.956 K	8140	Google Chrome	Google Inc.
 chrome.exe		90.956 K	118.996 K	68	Google Chrome	Google Inc.
 chrome.exe	0.03	108.288 K	139.712 K	8156	Google Chrome	Google Inc.
mbam.exe	11.13	216.960 K	227.532 K	4876
         
Kann mir jemand weiterhelfen? übersehe ich etwas? oder ist das auch ganz einfach zu erklären?
zu meinem System: Core i7 3630QM, ATI 7670M, 8GB Ram

Mfg
Thomas T.

Alt 07.06.2013, 18:16   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows System immer bei 20% Systemauslastung, Virus vermutet - Standard

Windows System immer bei 20% Systemauslastung, Virus vermutet



Hi,

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden ).
  • Doppelklick auf die OTL.exe
  • Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimal Ausgabe
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________

Alt 07.06.2013, 18:27   #3
Trancegott
 
Windows System immer bei 20% Systemauslastung, Virus vermutet - Standard

Windows System immer bei 20% Systemauslastung, Virus vermutet



Okay. schonmal danke für die schnelle raktion
https://docs.google.com/file/d/0B0T-2P7o0EFsOUhCZ0dzZ0xNTnM/edit?usp=sharing
https://docs.google.com/file/d/0B0T-2P7o0EFsaHNCODhqMzR5MkU/edit?usp=sharing

wusste nicht wie man dinge als archiv anhängt :P
__________________

Alt 07.06.2013, 19:05   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Windows System immer bei 20% Systemauslastung, Virus vermutet - Standard

Windows System immer bei 20% Systemauslastung, Virus vermutet



So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.06.2013, 19:29   #5
Trancegott
 
Windows System immer bei 20% Systemauslastung, Virus vermutet - Standard

Windows System immer bei 20% Systemauslastung, Virus vermutet



So gibt er mir die error meldung aus, das der text zu lang sei


Alt 07.06.2013, 19:30   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Windows System immer bei 20% Systemauslastung, Virus vermutet - Standard

Windows System immer bei 20% Systemauslastung, Virus vermutet



Dann splitte ihn auf oder poste die Logs einzeln je Post
__________________
--> Windows System immer bei 20% Systemauslastung, Virus vermutet

Alt 07.06.2013, 19:38   #7
Trancegott
 
Windows System immer bei 20% Systemauslastung, Virus vermutet - Standard

Windows System immer bei 20% Systemauslastung, Virus vermutet



Code:
ATTFilter
OTL Extras logfile created on: 07.06.2013 18:21:46 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = E:\Thomas\Downloads\Setups
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16580)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
7,95 Gb Total Physical Memory | 5,21 Gb Available Physical Memory | 65,46% Memory free
15,95 Gb Paging File | 13,06 Gb Available in Paging File | 81,85% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 124,24 Gb Total Space | 80,10 Gb Free Space | 64,47% Space Free | Partition Type: NTFS
Drive E: | 89,61 Gb Total Space | 35,43 Gb Free Space | 39,54% Space Free | Partition Type: NTFS
 
Computer Name: TRANCEGOTT-PC | User Name: Thomas Terpelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{18DD28A0-953A-494F-9A92-60A619BF6914}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{1AAAE116-A8F7-48CF-8E04-7655E3F49669}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{225238CC-5005-4436-A01E-8C8D714D39F7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{27385EDD-1861-4D67-BF31-24706B78C987}" = rport=445 | protocol=6 | dir=out | app=system | 
"{66676DC6-07FF-4F7E-91C5-23FC01C50F17}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{7DE29ED9-32B3-4BDD-82C9-EC3DBE05CDD7}" = lport=139 | protocol=6 | dir=in | app=system | 
"{81B86CE1-42B3-4653-9719-C2B15381F811}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{8C757942-1743-4FF9-AF48-2182FBF1F30E}" = lport=137 | protocol=17 | dir=in | app=system | 
"{8D3FFA7A-F8D2-4ADF-BFE7-2B7E7553BDB5}" = rport=139 | protocol=6 | dir=out | app=system | 
"{91336B76-2D08-4958-AC72-8EF77BE8CB96}" = rport=138 | protocol=17 | dir=out | app=system | 
"{9F3573A1-DAD6-4D99-A2D2-75523386516F}" = lport=445 | protocol=6 | dir=in | app=system | 
"{A2259A23-07BC-4439-9357-C23CCB69408D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{BE0DDB2F-83F8-433D-B272-EEF590DBEE95}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{C74DFF48-8A48-4111-81E0-B4E5D8FB5F5B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{CD0F3A82-E9AC-44F8-B655-460C0025B7E2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{CE15CFC3-99FC-4A62-BC3E-2498A2141E1F}" = rport=137 | protocol=17 | dir=out | app=system | 
"{D55F70F7-3388-4320-AD18-EB02F7657C8C}" = lport=138 | protocol=17 | dir=in | app=system | 
"{E7EC72D3-715C-407E-9E51-2187878B8D23}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E83EBFE3-394C-4FE9-B6B0-877EF493D595}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{EC90D772-6C2F-4F11-8952-4CE256D190A9}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{F1186F68-CA24-4C7F-A412-8026C62B690A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{133902FF-3168-426D-AE2D-C71445B03C65}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | 
"{13F6A01A-E6C5-4A09-B393-AF4D669386CE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{15F0D0D9-F0BA-4B66-8F15-1E73495D97AE}" = dir=out | name=evernote | 
"{1CE9E11F-4DCE-42D9-8F23-38EAD8A75C74}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{2117DB62-53A5-40D0-9AD4-212161FAFACE}" = dir=in | name=ebay | 
"{2924068E-97D1-49C1-A5AD-7567C948C5D8}" = dir=out | name=microsoft solitaire collection | 
"{2D975BB1-5020-471E-8866-70DC87E13770}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{30CEE3AE-D1A1-4DC5-B9C7-32C1952D756A}" = dir=out | name=- games app - | 
"{3E5E9498-7002-4F25-8AC8-3BEA2B0AA038}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{4CFC1D16-C447-4B02-9DB0-1C50470DA803}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe | 
"{539577CA-6015-4647-98E6-AF4B9A400D99}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{5B097F75-AD01-4B98-A9B5-5916104E4E61}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{5CC74C17-8645-4531-8D06-E4853653B2C1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{5F5D174F-B751-4002-A3FB-4FB6037A727F}" = dir=out | name=mcafee security advisor for toshiba | 
"{6088DD84-F2F3-47FC-A646-224EB99AE8CD}" = dir=out | name=windows_ie_ac_001 | 
"{657F8C2A-0153-4CFF-9AA7-3D094D8B5C17}" = dir=out | name=skype | 
"{6888DF2D-3E4C-4648-A739-CDEBD4B6BC1F}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{69A2E103-3129-4F3C-A069-6D118D40D109}" = dir=in | name=toshiba media player by smedio truelink+ | 
"{6F51106F-229D-418A-8F8B-30FFC305BE89}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{6F7E3DD5-D392-4287-9D4C-99B9DB978DE2}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{74726519-19FE-459D-A047-BF9ACB9110E9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{77F5AC52-D30A-4026-8879-D3B7D303EFB7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{79EACC43-FC85-4220-ADC3-C13EEBB1328C}" = dir=out | name=skitch | 
"{7A3C3F1E-8676-434A-8A24-1FB9834351E5}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{7CF6FF05-C9F8-45E8-8851-FE53E06E795F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{7F9A3819-F1CC-474C-8A20-0A21E860F250}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{7FA3F2AE-E4F2-479B-99A3-49A18D86FDAA}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe | 
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{8580411F-0168-47ED-913A-858793A13966}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe | 
"{88F970A8-7923-4057-B9FE-BCF67DE2FC57}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{8D152937-C386-4A1D-B13A-D121F794054F}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{8E08C0C3-CD04-46B7-BE7E-AB803212A1CC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{90A4DC8E-6621-463B-8F5F-6EC8E894CA47}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{94E6441C-E5D4-4457-8A66-5CC0DDA2471D}" = dir=out | name=ebay | 
"{9C3DFE08-8144-4D0B-A797-B62A15A71032}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A1AF53BC-8B3C-4F66-A9A6-301876A25673}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe | 
"{A1EA0DCA-DB6A-4B49-BA94-578C04F5A10F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{A3884018-AB3F-4FB0-9B38-9BEB4E6F1990}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{A7964C94-2561-4E1B-9053-12575AEC288B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{ACACED64-5F1A-4457-BD16-CBFEDEFE9C06}" = dir=in | name=skype | 
"{B103F159-B8A3-4A31-B8A8-E5FBBB71735F}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | 
"{B63C5B8D-B7C3-437B-B98A-31759796736E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{B91C5C5B-2468-471A-BAA3-8C5BEA1680FD}" = dir=out | name=fresh paint | 
"{B935D4EB-16A5-4FE5-B935-2097F52A96E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BF6B9575-1D05-4029-99EB-A7F08AB2E0F8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{C2F42A4D-0D33-464A-B08D-DCEB0299CF35}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{C41EE77E-2C6A-4539-A696-D5E1DE02AD8F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{C4746A2D-491C-41BF-BF50-E88A61AF0A4C}" = dir=out | name=toshiba places | 
"{C51F1F57-262F-49AE-9A08-55B5F0973D54}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{C5BAF9B3-3A6A-4426-BFBA-EBC98F78DE50}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{C7E7DDA6-6D0E-46FC-857C-460F1CC05E6A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{CA3B74E6-3501-433F-B8E8-F01655130780}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{CB1A8287-5B67-4C22-A9BC-1B3FCEC91075}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{CE6A0CEE-A550-48AD-9F01-C7985CF8157D}" = protocol=6 | dir=out | app=system | 
"{CFC7E02D-0842-4B65-93AF-F1BE3EA158E7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D0045B30-DF68-415C-8C81-2BECE75179CD}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{D55379D6-D6FA-4F7D-9F10-D5F4999D31E2}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{D6D97615-01D9-4C5D-8C76-3D3F51D5CA1F}" = dir=in | name=evernote | 
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{E83EAF2A-B2D6-4808-910E-69A2AD435B33}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E8C46BE6-F40E-4BCB-ABCD-38E90BF9C0FC}" = dir=out | name=toshiba media player by smedio truelink+ | 
"{ED4F60E5-1FA8-4AB1-BC1C-7F5E52959EEF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F205F459-662B-48CF-A855-067BC47DAD07}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{FCDA8922-ADF4-4AD7-846F-B728BCECF8BA}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"TCP Query User{1EB12DF0-8992-4CED-805D-0D7872FD9F10}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | 
"TCP Query User{578A0777-2429-4BDE-8EE3-80D1A68130EA}C:\program files (x86)\unified remote\remoteserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe | 
"TCP Query User{72E27BF3-956A-4129-85DC-9A9733D0B6CC}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe | 
"UDP Query User{04810E35-CC39-437D-A7D8-B8021C4D8F9F}C:\program files (x86)\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader\jre\bin\javaw.exe | 
"UDP Query User{40D2EAAD-8711-4495-B7EA-3BDD6F33204D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe | 
"UDP Query User{62AE6851-4F0A-4FF3-8F75-6E5FD59D1203}C:\program files (x86)\unified remote\remoteserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\unified remote\remoteserver.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{026B819B-4D60-4C8B-892D-33A0D8666F60}" = Atheros Bluetooth Filter Driver Package
"{16562A90-71BC-41A0-B890-D91B0C267120}" = TOSHIBA Function Key
"{16A4E6F1-B22E-E53E-10C2-E6EF0B893797}" = ccc-utility64
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit)
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5944B9D4-3C2A-48DE-931E-26B31714A2F7}" = TOSHIBA eco Utility
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7F34ADBE-77C0-47A0-BBC6-B3DA16CE8E68}" = Classic Shell
"{80D83D9D-A83A-27DC-C9F6-B451FFBFAD06}" = AMD Accelerated Video Transcoding
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 2.053
"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0407-1000-0000000FF1CE}" = Microsoft Access MUI (German) 2013
"{90150000-0016-0407-1000-0000000FF1CE}" = Microsoft Excel MUI (German) 2013
"{90150000-0018-0407-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (German) 2013
"{90150000-0019-0407-1000-0000000FF1CE}" = Microsoft Publisher MUI (German) 2013
"{90150000-001A-0407-1000-0000000FF1CE}" = Microsoft Outlook MUI (German) 2013
"{90150000-001B-0407-1000-0000000FF1CE}" = Microsoft Word MUI (German) 2013
"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office*- Français
"{90150000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Italiano
"{90150000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2013
"{90150000-0044-0407-1000-0000000FF1CE}" = Microsoft InfoPath MUI (German) 2013
"{90150000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2013
"{90150000-0090-0407-1000-0000000FF1CE}" = Microsoft DCF MUI (German) 2013
"{90150000-00A1-0407-1000-0000000FF1CE}" = Microsoft OneNote MUI (German) 2013
"{90150000-00BA-0407-1000-0000000FF1CE}" = Microsoft Groove MUI (German) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2013
"{90150000-00E1-0407-1000-0000000FF1CE}" = Microsoft Office OSM MUI (German) 2013
"{90150000-00E2-0407-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (German) 2013
"{90150000-012B-0407-1000-0000000FF1CE}" = Microsoft Lync MUI (German) 2013
"{94F03B8E-CB73-4653-AFE9-79112C01FED2}" = Premium Sound HD
"{95CCACF0-010D-45F0-82BF-858643D8BC02}" = TOSHIBA Desktop Assist
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{B8C8422F-01F1-4791-B084-047AAFF9BFCC}" = TOSHIBA Service Station
"{C23F43A3-327E-2969-52F2-89ED83D99F48}" = AMD Catalyst Install Manager
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{FF07604E-C860-40E9-A230-E37FA41F103A}" = TOSHIBA VIDEO PLAYER
"78E642E5D6B0C34475621BAA7507EE5BEE614E56" = Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net  (03/11/2013 10.0.0.234)
"CCleaner" = CCleaner
"E1372496057C172077BF73361B176A2D63F397C6" = Windows Driver Package - Qualcomm Atheros Communications Inc. Net  (03/11/2013 10.0.0.234)
"KLiteCodecPack64_is1" = K-Lite Codec Pack 9.9.0 (64-bit)
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0071820F-09B0-4998-8320-F89629DCBC99}" = Nero BackItUp
"{052A1E34-A54B-458C-A4E3-24C3E054754A}" = Nero Kwik Media
"{05A55927-DB9B-4E26-BA44-828EBFF829F0}" = TOSHIBA System Settings
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{0A9DA353-D0CD-4922-A54B-2F5F4EC90986}" = Sound Blaster X-Fi Surround 5.1 Pro
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0E04AD66-9C5A-46DF-836B-29BD26194820}" = Unified Remote
"{0E33FCE0-4AA4-63FE-AB3F-C4AD57522BE1}" = CCC Help Norwegian
"{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}" = Nero Launcher
"{0F37A1A4-8B97-A488-9C83-703B54833180}" = Catalyst Control Center InstallProxy
"{1001266B-D4BB-46D9-B023-2612A8CE3A31}" = Nero BurnRights
"{156CA35F-4BC4-5E65-13AA-F1405833EBD7}" = CCC Help Greek
"{17C430DC-C629-D9F8-B2B7-18DFFA748571}" = CCC Help Spanish
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1C3DA126-D523-4089-BCCA-FA46FE34D6F8}" = Google Drive
"{1E6A96A1-2BAB-43EF-8087-30437593C66C}" = TOSHIBA System Driver
"{1F16820E-D0E7-4636-939E-45CBFEFB06E1}" = Nero Kwik Media Help (CHM)
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{24A088D6-705C-74B0-25DC-39762568C587}" = Catalyst Control Center
"{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1" = Samsung Magician
"{2D67CF11-66B2-38B0-5995-E3BF0CACEC39}" = CCC Help English
"{2EF76291-8647-46F0-89D8-0AA8B72A5420}" = Nero 12 Essentials Toshiba
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3398C858-451D-7B1B-DDAA-2C4D6F1E69A1}" = CCC Help Hungarian
"{38CE4C4B-21FE-E59C-2DCA-5659704AEC64}" = CCC Help Czech
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{5A5261FB-8366-AD7B-FFDF-02A63B2397B3}" = CCC Help Danish
"{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}" = Nero Blu-ray Player Help (CHM)
"{5B99CFC0-AA5D-6F95-8C4F-BCA01A014A99}" = CCC Help Finnish
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6591BFD7-DC89-4480-EF58-F8F765540D9E}" = CCC Help Chinese Traditional
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}" = TOSHIBA Resolution+ Plug-in for Windows Media Player
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba" = WildTangent Games App (Toshiba Games)
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{78931270-BC9E-441A-A52B-73ECD4ACFAB5}" = Toshiba Password Utility
"{80712216-D34B-085D-0952-7BE3215A4D3D}" = CCC Help Dutch
"{828175FA-7307-4DBF-95AD-9CEE086B6F45}" = Welcome App (Start-up experience)
"{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}" = Nero Express
"{86C23BA9-B797-B10F-FFF6-1AC494647DDE}" = CCC Help Italian
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A74D395-1F88-4EA1-99DD-5D3F4CEC0D59}" = CCC Help Russian
"{8E7EABFA-BF37-4824-B792-4220C9E04233}" = Nero BurnRights Help (CHM)
"{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}" = TOSHIBA Manuals
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D2C8DC3-0FED-6B69-5AA1-1FA22FA76599}" = CCC Help Chinese Standard
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A6377BCB-10C1-6ED7-C635-54A6F758187C}" = Catalyst Control Center Localization All
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Media Creator
"{B953732D-B623-4E84-B369-CFFF7B1AE06F}" = Nero RescueAgent
"{BE0889B8-807C-9B09-1AE8-5F6ACF7D8317}" = CCC Help Swedish
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C3AB6747-75BD-5966-5C06-5CBE875A9E79}" = CCC Help Portuguese
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{CBFC9C1A-45B4-C0BE-8C7A-39502F17EBE7}" = CCC Help French
"{CD77DB4A-00A4-050D-64C1-746DDE10DD65}" = Catalyst Control Center Graphics Previews Common
"{CF1F9079-DCB5-4AA3-9015-CAA18A2CFF35}" = Catalyst Control Center - Branding
"{DDA3C325-47B2-4730-9672-BF3771C08799}_is1" = XMedia Recode version 3.1.6.0
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E078242F-4E82-5FF5-5ACD-2B06D7DBA3C6}" = CCC Help Turkish
"{E1E3876E-4D40-00C9-4097-64A023F95C83}" = CCC Help Polish
"{EE82F528-A1CF-B46B-A91A-A093288B6E55}" = CCC Help Thai
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F76F5214-83A8-4030-80C9-1EF57391D72A}" = Toshiba TEMPRO
"{F8FF3D85-5A7B-F64A-71EF-D581C0A780CC}" = CCC Help Japanese
"{FB755609-9F0E-B5D4-8091-155AAB543309}" = CCC Help Korean
"{FFF1A0B4-844A-FE20-FBEF-D8A7A698C7CD}" = CCC Help German
"5513-1208-7298-9440" = JDownloader 0.9
"avast" = avast! Free Antivirus
"Dolby Digital Live Pack" = Dolby Digital Live Pack
"Google Chrome" = Google Chrome
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}" = Toshiba Password Utility
"Intel AppUp(SM) center 33268" = Intel AppUp(SM) center
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.9.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"SysInfo" = Creative System Information
"WildTangent wildgames Master Uninstall" = WildTangent Games
"WTA-2a08834a-b847-4339-a949-7e56e5061f70" = Island Tribe
"WTA-2f91ae9a-abd6-4dfd-a710-3ffff9f09971" = Polar Bowler
"WTA-3a17f458-7129-4482-9c56-d7ecee8005e2" = Bejeweled 3
"WTA-4a8396bc-76ca-4a89-8b2f-f43bc86f2973" = Peggle Nights
"WTA-5cafbdec-4163-4dac-bbcb-53dd6ed10b1d" = Jewel Quest Solitaire 2
"WTA-6c4c8d1f-cb08-41ab-af0c-b07e25bdd3f8" = Plants vs. Zombies - Game of the Year
"WTA-8a2256f1-a25d-4106-935b-7a2b4037a79f" = Empress of the Deep - The Darkest Secret
"WTA-94a58f11-7f29-42d5-8b50-01b596e2fff6" = Virtual Villagers 4 - The Tree of Life
"WTA-9ca4eda1-b0d0-436c-8434-b5f37b27b0cf" = Chuzzle Deluxe
"WTA-c6b4506f-da5a-49fa-85e8-31463949d497" = Aloha TriPeaks
"WTA-e07a82d1-24a9-412b-a23c-1da6e645147f" = Magic Academy
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MusicManager" = Music Manager
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 30.05.2013 06:18:20 | Computer Name = Trancegott-PC | Source = .NET Runtime | ID = 1022
Description = 
 
Error - 30.05.2013 06:20:22 | Computer Name = Trancegott-PC | Source = .NET Runtime | ID = 1022
Description = 
 
Error - 30.05.2013 06:21:54 | Computer Name = Trancegott-PC | Source = .NET Runtime | ID = 1022
Description = 
 
Error - 30.05.2013 06:23:16 | Computer Name = Trancegott-PC | Source = .NET Runtime | ID = 1022
Description = 
 
Error - 30.05.2013 06:26:59 | Computer Name = Trancegott-PC | Source = .NET Runtime | ID = 1022
Description = 
 
Error - 30.05.2013 06:30:27 | Computer Name = Trancegott-PC | Source = .NET Runtime | ID = 1022
Description = 
 
Error - 30.05.2013 06:33:15 | Computer Name = Trancegott-PC | Source = .NET Runtime | ID = 1022
Description = 
 
Error - 30.05.2013 06:54:47 | Computer Name = Trancegott-PC | Source = .NET Runtime | ID = 1022
Description = 
 
Error - 01.06.2013 10:56:28 | Computer Name = Trancegott-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.2.9200.16433, 
time stamp: 0x50763312  Faulting module name: ntdll.dll, version: 6.2.9200.16579, 
time stamp: 0x51637f77  Exception code: 0xc0000374  Fault offset: 0x00000000000ebd59
Faulting
 process id: 0x150c  Faulting application start time: 0x01ce5d44dcfe84bf  Faulting application
 path: C:\windows\Explorer.EXE  Faulting module path: C:\windows\SYSTEM32\ntdll.dll
Report
 Id: 6ff3434b-cacb-11e2-be7f-2016d88a82cf  Faulting package full name:   Faulting package-relative
 application ID: 
 
Error - 03.06.2013 16:47:24 | Computer Name = Trancegott-PC | Source = Application Hang | ID = 1002
Description = The program mpc-hc.exe version 1.6.8.7123 stopped interacting with
 Windows and was closed. To see if more information about the problem is available,
 check the problem history in the Action Center control panel.    Process ID: 1b40    Start
 Time: 01ce60993cffd48c    Termination Time: 14    Application Path: C:\Program Files (x86)\K-Lite
 Codec Pack\Media Player Classic\mpc-hc.exe    Report Id: c4014dcd-cc8e-11e2-be7f-2016d88a82cf

Faulting
 package full name:     Faulting package-relative application ID:   
 
[ System Events ]
Error - 26.05.2013 10:02:50 | Computer Name = Trancegott-PC | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR13.
 
Error - 26.05.2013 10:06:59 | Computer Name = Trancegott-PC | Source = Microsoft-Windows-Kernel-General | ID = 6
Description = 
 
Error - 26.05.2013 10:07:21 | Computer Name = Trancegott-PC | Source = Service Control Manager | ID = 7000
Description = The McAfee Boot Delay Start Service service failed to start due to
 the following error:   %%2
 
Error - 27.05.2013 14:08:12 | Computer Name = Trancegott-PC | Source = Service Control Manager | ID = 7031
Description = The avast! Antivirus service terminated unexpectedly.  It has done
 this 1 time(s).  The following corrective action will be taken in 5000 milliseconds:
 Restart the service.
 
Error - 28.05.2013 08:28:06 | Computer Name = Trancegott-PC | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR14.
 
Error - 28.05.2013 08:28:07 | Computer Name = Trancegott-PC | Source = disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR14.
 
Error - 02.06.2013 07:26:54 | Computer Name = Trancegott-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 03.06.2013 04:57:30 | Computer Name = Trancegott-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 04.06.2013 10:25:26 | Computer Name = Trancegott-PC | Source = Microsoft-Windows-Kernel-General | ID = 6
Description = 
 
Error - 04.06.2013 10:26:05 | Computer Name = Trancegott-PC | Source = Service Control Manager | ID = 7000
Description = The McAfee Boot Delay Start Service service failed to start due to
 the following error:   %%2
 
 
< End of report >
         

Geändert von Trancegott (07.06.2013 um 19:44 Uhr)

Alt 07.06.2013, 19:40   #8
Trancegott
 
Windows System immer bei 20% Systemauslastung, Virus vermutet - Standard

Windows System immer bei 20% Systemauslastung, Virus vermutet



edit

Alt 07.06.2013, 19:41   #9
Trancegott
 
Windows System immer bei 20% Systemauslastung, Virus vermutet - Standard

Windows System immer bei 20% Systemauslastung, Virus vermutet



Code:
ATTFilter
OTL logfile created on: 07.06.2013 18:21:46 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = E:\Thomas\Downloads\Setups
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16580)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
7,95 Gb Total Physical Memory | 5,21 Gb Available Physical Memory | 65,46% Memory free
15,95 Gb Paging File | 13,06 Gb Available in Paging File | 81,85% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 124,24 Gb Total Space | 80,10 Gb Free Space | 64,47% Space Free | Partition Type: NTFS
Drive E: | 89,61 Gb Total Space | 35,43 Gb Free Space | 39,54% Space Free | Partition Type: NTFS
 
Computer Name: TRANCEGOTT-PC | User Name: Thomas Terpelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - E:\Thomas\Downloads\Setups\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe (Microsoft)
PRC - C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
PRC - c:\Program Files\Classic Shell\ClassicShellService.exe (IvoSoft)
PRC - C:\Program Files (x86)\Unified Remote\RemoteServer.exe (Unified Intents AB)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
PRC - C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe (Creative Technology Ltd.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\wx._core_.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\_ssl.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\wx._controls_.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\windows._cacheinvalidation.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\wx._windows_.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\wx._gdi_.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\wx._misc_.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\_hashlib.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\unicodedata.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\pysqlite2._sqlite.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\pythoncom27.dll ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32com.shell.shell.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\_elementtree.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\pyexpat.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\wx._wizard.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32file.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\pywintypes27.dll ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32security.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32api.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\_ctypes.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\wx._html2.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\_socket.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32inet.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32process.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\_multiprocessing.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32pdh.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32ts.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32event.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32profile.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\win32crypt.pyd ()
MOD - C:\Users\Heinz\AppData\Local\Temp\_MEI75402\select.pyd ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll ()
MOD - C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll ()
MOD - C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll ()
MOD - C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\libid3tag.dll ()
MOD - C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\libaacdec.dll ()
MOD - C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll ()
MOD - C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll ()
MOD - C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll ()
MOD - C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\QtGui4.dll ()
MOD - C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\QtCore4.dll ()
MOD - C:\Windows\SysWOW64\APOMngr.DLL ()
MOD - C:\Windows\SysWOW64\CmdRtr.DLL ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (ClassicShellService) -- c:\Program Files\Classic Shell\ClassicShellService.exe (IvoSoft)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Realtek Semiconductor)
SRV:64bit: - (TOSHIBA eco Utility Service) -- C:\Program Files\TOSHIBA\Teco\TecoService.exe (TOSHIBA Corporation)
SRV:64bit: - (TPCHSrv) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation)
SRV:64bit: - (TMachInfo) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (TODDSrv) -- C:\Windows\SysNative\TODDSrv.exe (TOSHIBA Corporation)
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TemproMonitoringService) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (Toshiba Europe GmbH)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (GFNEXSrv) -- C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe ()
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\Drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\Drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (aswSnx) -- C:\windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\Drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswTdi) -- C:\windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\Drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\Drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (tosrfec) -- C:\Windows\SysNative\Drivers\tosrfec.sys (TOSHIBA Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\Drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\Drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (Thotkey) -- C:\Windows\SysNative\Drivers\Thotkey.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\Drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek                                            )
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\Drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV:64bit: - (tdcmdpst) -- C:\Windows\SysNative\Drivers\tdcmdpst.sys (TOSHIBA Corporation.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (TVALZFL) -- C:\Windows\SysNative\Drivers\TVALZFL.sys (TOSHIBA Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\Drivers\AtihdW86.sys (Advanced Micro Devices)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\Drivers\btfilter.sys (Atheros)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\Drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (RTL8192Ce) -- C:\Windows\SysNative\Drivers\rtwlane.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (igfx) -- C:\Windows\SysNative\Drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (tos_sps64) -- C:\Windows\SysNative\Drivers\tos_sps64.sys (TOSHIBA Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\Drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (ksaud) -- C:\Windows\SysNative\Drivers\ksaud.sys (Creative Technology Ltd.)
DRV - (PEGAGFN) -- C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys (PEGATRON)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {65AAC44C-F137-491E-B2E0-08FBBC6459A2}
IE:64bit: - HKLM\..\SearchScopes\{65AAC44C-F137-491E-B2E0-08FBBC6459A2}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {65AAC44C-F137-491E-B2E0-08FBBC6459A2}
IE - HKLM\..\SearchScopes\{65AAC44C-F137-491E-B2E0-08FBBC6459A2}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com
IE - HKCU\..\SearchScopes,DefaultScope = {65AAC44C-F137-491E-B2E0-08FBBC6459A2}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Heinz\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Heinz\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
 
[2013.02.13 21:08:22 | 000,033,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.Twitter.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
CHR - Extension: Easy Auto Refresh = C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc\2.8_0\
CHR - Extension: Angry Birds = C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Docs = C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0\
CHR - Extension: Google Search = C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google+ = C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm\1.2.0.418_0\
CHR - Extension: Gmail = C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - c:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - c:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - c:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - c:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - c:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - c:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [Creative SB Monitoring Utility] C:\windows\SysNative\SBAVMon.dll (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SRS Premium Sound HD] C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe (SRS Labs, Inc.)
O4:64bit: - HKLM..\Run: [TCrdMain] C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe ()
O4:64bit: - HKLM..\Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe ()
O4:64bit: - HKLM..\Run: [TosWaitSrv] C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe (TOSHIBA Corporation)
O4:64bit: - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Module Loader] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TPUReg] C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe (Pegatron Corporation)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [GoogleDriveSync] c:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [MusicManager] C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
O4 - HKCU..\Run: [Unified Remote v2] C:\Program Files (x86)\Unified Remote\RemoteServer.exe (Unified Intents AB)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk = C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9:64bit: - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - c:\Program Files\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O9 - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - c:\Program Files\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10855E85-1343-40AB-9780-645ED416C1FC}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3315C66-6776-4CD2-AA76-61DEFDA552DF}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E3450568-4A96-4A14-85BA-FC35541EAACD}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.07 18:01:54 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Malwarebytes
[2013.06.07 18:01:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.06.07 18:01:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.06.07 18:01:45 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013.06.07 18:01:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.06.07 13:08:05 | 000,000,000 | ---D | C] -- E:\Thomas\My Documents\Schule
[2013.06.07 13:08:04 | 000,000,000 | ---D | C] -- E:\Thomas\My Documents\pc zeugs
[2013.06.07 13:08:04 | 000,000,000 | ---D | C] -- E:\Thomas\My Documents\Benutzerdefinierte Office-Vorlagen
[2013.06.07 13:02:41 | 000,000,000 | ---D | C] -- C:\windows\Minidump
[2013.06.06 11:09:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
[2013.06.06 11:09:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung Magician
[2013.06.06 11:07:10 | 000,000,000 | ---D | C] -- C:\Temp
[2013.06.05 11:10:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Synaptics
[2013.06.04 09:15:02 | 000,103,448 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\windows\SysNative\drivers\ssudbus.sys
[2013.06.04 09:15:00 | 000,203,672 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\windows\SysNative\drivers\ssudmdm.sys
[2013.06.04 08:27:11 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Unified Remote
[2013.06.04 08:27:06 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unified Remote
[2013.06.04 08:27:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unified Remote
[2013.05.31 13:57:23 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager
[2013.05.26 16:14:40 | 000,000,000 | ---D | C] -- C:\ProgramData\TOSHIBA Tempro
[2013.05.26 16:14:40 | 000,000,000 | ---D | C] -- C:\ProgramData\IsolatedStorage
[2013.05.26 12:48:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
[2013.05.26 12:48:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XMedia Recode
[2013.05.25 22:10:24 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2013.05.24 13:45:58 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Adobe
[2013.05.23 16:08:18 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Identities
[2013.05.23 16:02:59 | 000,000,000 | ---D | C] -- C:\windows\AutoKMS
[2013.05.23 16:00:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Toolkit
[2013.05.23 15:53:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.05.23 15:52:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2013.05.23 15:51:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2013.05.23 15:51:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2013.05.23 15:51:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2013.05.23 15:50:50 | 000,000,000 | ---D | C] -- C:\windows\PCHEALTH
[2013.05.23 15:50:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2013.05.23 15:48:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2013.05.23 15:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013.05.23 15:48:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013.05.23 15:48:08 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013.05.23 15:48:02 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013.05.23 15:36:33 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\WinRAR
[2013.05.23 14:39:19 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\ElevatedDiagnostics
[2013.05.23 14:22:19 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Auslogics
[2013.05.23 14:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[2013.05.23 14:22:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auslogics
[2013.05.23 13:42:13 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dskquota.dll
[2013.05.23 13:42:11 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dskquota.dll
[2013.05.23 13:41:58 | 000,396,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hal.dll
[2013.05.23 13:41:53 | 001,172,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfnetsrc.dll
[2013.05.23 13:41:53 | 000,929,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfnetsrc.dll
[2013.05.23 13:41:53 | 000,677,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfnetcore.dll
[2013.05.23 13:41:53 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfnetcore.dll
[2013.05.23 13:41:52 | 000,673,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfmpeg2srcsnk.dll
[2013.05.23 13:41:52 | 000,513,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfmpeg2srcsnk.dll
[2013.05.23 13:41:09 | 002,380,944 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2013.05.23 13:41:09 | 002,206,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmcore.dll
[2013.05.23 13:41:08 | 002,115,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\explorer.exe
[2013.05.23 13:41:08 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.UI.Immersive.dll
[2013.05.23 13:41:06 | 001,265,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2013.05.23 13:41:06 | 001,226,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.UI.Immersive.dll
[2013.05.23 13:41:05 | 000,793,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfplat.dll
[2013.05.23 13:41:05 | 000,579,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\StructuredQuery.dll
[2013.05.23 13:41:04 | 001,841,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dwmcore.dll
[2013.05.23 13:41:03 | 000,590,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SHCore.dll
[2013.05.23 13:41:00 | 000,612,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfplat.dll
[2013.05.23 13:40:59 | 000,517,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2013.05.23 13:40:58 | 000,561,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfmp4srcsnk.dll
[2013.05.23 13:40:58 | 000,441,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys
[2013.05.23 13:40:57 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\portcls.sys
[2013.05.23 13:40:56 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Storage.Compression.dll
[2013.05.23 13:40:54 | 001,045,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usercpl.dll
[2013.05.23 13:40:52 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfmp4srcsnk.dll
[2013.05.23 13:40:52 | 000,058,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dam.sys
[2013.05.23 13:40:51 | 000,962,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\usercpl.dll
[2013.05.23 13:40:51 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcore6.dll
[2013.05.23 13:40:50 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SpaceControl.dll
[2013.05.23 13:40:50 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dhcpcore6.dll
[2013.05.23 13:40:48 | 000,056,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\sdstor.sys
[2013.05.23 13:40:48 | 000,033,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\battc.sys
[2013.05.23 13:40:46 | 000,460,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SHCore.dll
[2013.05.23 13:40:46 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Storage.Compression.dll
[2013.05.23 13:40:45 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\input.dll
[2013.05.23 13:40:44 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\input.dll
[2013.05.23 13:40:43 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcsvc6.dll
[2013.05.23 13:40:41 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\microsoft-windows-pdc.dll
[2013.05.23 13:40:39 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PCPKsp.dll
[2013.05.23 13:40:35 | 001,294,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2013.05.23 13:40:34 | 000,757,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FirewallAPI.dll
[2013.05.23 13:40:33 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AppxSip.dll
[2013.05.23 13:40:31 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AppxSip.dll
[2013.05.23 13:40:30 | 001,836,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2013.05.23 13:40:30 | 000,370,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SysFxUI.dll
[2013.05.23 13:40:25 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icfupgd.dll
[2013.05.23 13:40:24 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BdeUISrv.exe
[2013.05.23 13:40:22 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PCPKsp.dll
[2013.05.23 13:40:12 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wfapigp.dll
[2013.05.23 13:40:12 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wfapigp.dll
[2013.05.23 13:40:05 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\drmk.sys
[2013.05.23 13:40:04 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kbdhebl3.dll
[2013.05.23 13:40:03 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\kbdhebl3.dll
[2013.05.23 13:37:37 | 001,184,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Display.dll
[2013.05.23 13:37:37 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Display.dll
[2013.05.23 13:37:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDKURD.DLL
[2013.05.23 13:37:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDKURD.DLL
[2013.05.23 13:37:34 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSShared.dll
[2013.05.23 13:37:33 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WSShared.dll
[2013.05.23 13:37:33 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.ApplicationModel.Store.dll
[2013.05.23 13:37:33 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2013.05.23 13:37:33 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.ApplicationModel.Store.dll
[2013.05.23 13:37:33 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2013.05.23 13:37:32 | 001,131,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AppXDeploymentServer.dll
[2013.05.23 13:37:32 | 000,707,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AppXDeploymentExtensions.dll
[2013.05.23 13:37:09 | 003,245,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorets.dll
[2013.05.23 13:37:07 | 001,536,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\storagewmi.dll
[2013.05.23 13:37:07 | 001,122,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Taskmgr.exe
[2013.05.23 13:37:07 | 001,027,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Taskmgr.exe
[2013.05.23 13:37:06 | 000,955,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WebcamUi.dll
[2013.05.23 13:37:06 | 000,798,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WebcamUi.dll
[2013.05.23 13:37:05 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UserLanguagesCpl.dll
[2013.05.23 13:37:05 | 000,244,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpnapps.dll
[2013.05.23 13:37:04 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UserLanguagesCpl.dll
[2013.05.23 13:37:03 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe
[2013.05.23 13:37:03 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wpnapps.dll
[2013.05.23 13:37:03 | 000,027,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\rdpvideominiport.sys
[2013.05.23 13:37:01 | 001,217,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\storagewmi.dll
[2013.05.23 13:36:57 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe
[2013.05.23 13:36:53 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nshwfp.dll
[2013.05.23 13:36:53 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshwfp.dll
[2013.05.23 13:36:52 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vdsutil.dll
[2013.05.23 13:36:51 | 000,378,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FWPUCLNT.DLL
[2013.05.23 13:36:51 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FWPUCLNT.DLL
[2013.05.23 13:36:51 | 000,120,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vds_ps.dll
[2013.05.23 13:36:51 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\vds_ps.dll
[2013.05.23 13:36:51 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rfxvmt.dll
[2013.05.23 13:36:51 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vdsldr.exe
[2013.05.23 13:36:50 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpudd.dll
[2013.05.23 13:36:45 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppwinob.dll
[2013.05.23 13:35:59 | 011,459,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\glcndFilter.dll
[2013.05.23 13:35:54 | 008,552,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\glcndFilter.dll
[2013.05.23 13:35:51 | 001,526,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfcore.dll
[2013.05.23 13:35:50 | 001,566,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ole32.dll
[2013.05.23 13:35:50 | 001,451,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfcore.dll
[2013.05.23 13:35:50 | 000,976,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2013.05.23 13:35:47 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2013.05.23 13:35:46 | 000,883,712 | ---- | C] (Microsoft Corporation) -- C:\windows\HelpPane.exe
[2013.05.23 13:35:36 | 000,501,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DevicePairing.dll
[2013.05.23 13:35:35 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bthprops.cpl
[2013.05.23 13:35:35 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dafWCN.dll
[2013.05.23 13:35:34 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanmsm.dll
[2013.05.23 13:35:34 | 000,386,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanmsm.dll
[2013.05.23 13:35:33 | 000,449,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DevicePairing.dll
[2013.05.23 13:35:33 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpclip.exe
[2013.05.23 13:35:33 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bthprops.cpl
[2013.05.23 13:35:33 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MFCaptureEngine.dll
[2013.05.23 13:35:30 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MFCaptureEngine.dll
[2013.05.23 13:35:28 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanapi.dll
[2013.05.23 13:35:25 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlansec.dll
[2013.05.23 13:35:25 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanapi.dll
[2013.05.23 13:35:25 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WcnApi.dll
[2013.05.23 13:35:25 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WcnApi.dll
[2013.05.23 13:35:24 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlansec.dll
[2013.05.23 13:35:23 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fdWCN.dll
[2013.05.23 13:35:23 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WcnEapAuthProxy.dll
[2013.05.23 13:35:22 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WcnEapPeerProxy.dll
[2013.05.23 13:35:21 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wfdprov.dll
[2013.05.23 13:35:20 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wfdprov.dll
[2013.05.23 13:35:17 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fxppm.sys
[2013.05.23 13:35:17 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlanhlp.dll
[2013.05.23 13:35:17 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlanhlp.dll
[2013.05.23 13:35:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iscsilog.dll
[2013.05.23 13:13:04 | 000,000,000 | ---D | C] -- C:\Users\Heinz\.android
[2013.05.23 12:23:00 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Media Player Classic
[2013.05.23 12:12:58 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Diagnostics
[2013.05.23 11:38:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2013.05.23 11:11:45 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Creative
[2013.05.23 11:10:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2013.05.23 04:54:18 | 000,693,112 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013.05.23 04:54:18 | 000,078,200 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.05.23 04:49:33 | 000,000,000 | R--D | C] -- C:\windows\BrowserChoice
[2013.05.22 21:04:40 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msvcr100_clr0400.dll
[2013.05.22 21:04:38 | 000,017,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msvcr100_clr0400.dll
[2013.05.22 21:04:01 | 002,094,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mmc.exe
[2013.05.22 21:04:01 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlidsvc.dll
[2013.05.22 21:04:00 | 001,611,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mmc.exe
[2013.05.22 21:04:00 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msctf.dll
[2013.05.22 21:03:59 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\setupapi.dll
[2013.05.22 21:03:59 | 000,438,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsm.dll
[2013.05.22 21:03:59 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Media.dll
[2013.05.22 21:03:58 | 000,028,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\msgpiowin32.sys
[2013.05.22 21:03:57 | 000,728,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\samsrv.dll
[2013.05.22 21:03:57 | 000,666,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MP4SDECD.DLL
[2013.05.22 21:03:57 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MP4SDECD.DLL
[2013.05.22 21:03:57 | 000,261,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Media.dll
[2013.05.22 21:03:57 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSDMon.dll
[2013.05.22 21:03:57 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncbservice.dll
[2013.05.22 21:03:57 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetpp.dll
[2013.05.22 21:03:57 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\httpprxm.dll
[2013.05.22 21:03:57 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wiaacmgr.exe
[2013.05.22 21:03:57 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wiaacmgr.exe
[2013.05.22 21:03:57 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adhsvc.dll
[2013.05.22 21:03:56 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adhapi.dll
[2013.05.22 21:03:56 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\httpprxp.dll
[2013.05.22 21:03:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\keepaliveprovider.dll
[2013.05.22 21:03:44 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sppobjs.dll
[2013.05.22 21:03:38 | 001,627,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2013.05.22 21:03:37 | 005,978,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2013.05.22 21:03:36 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfasfsrcsnk.dll
[2013.05.22 21:03:36 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfasfsrcsnk.dll
[2013.05.22 21:03:36 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ubpm.dll
[2013.05.22 21:03:35 | 001,149,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winmde.dll
[2013.05.22 21:03:35 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpmde.dll
[2013.05.22 21:03:35 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BCP47Langs.dll
[2013.05.22 21:03:35 | 000,327,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Classpnp.sys
[2013.05.22 21:03:35 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ubpm.dll
[2013.05.22 21:03:34 | 005,091,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2013.05.22 21:03:34 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Globalization.dll
[2013.05.22 21:03:34 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2013.05.22 21:03:34 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Security.Authentication.OnlineId.dll
[2013.05.22 21:03:34 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\BCP47Langs.dll
[2013.05.22 21:03:33 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2013.05.22 21:03:33 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcfgx.dll
[2013.05.22 21:03:33 | 000,332,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys
[2013.05.22 21:03:33 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SystemEventsBrokerServer.dll
[2013.05.22 21:03:33 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TimeBrokerServer.dll
[2013.05.22 21:03:32 | 000,893,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\winmde.dll
[2013.05.22 21:03:32 | 000,411,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS
[2013.05.22 21:03:31 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Globalization.dll
[2013.05.22 21:03:29 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcfgx.dll
[2013.05.22 21:03:29 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SettingSync.dll
[2013.05.22 21:03:28 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drvstore.dll
[2013.05.22 21:03:28 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2013.05.22 21:03:28 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\drvstore.dll
[2013.05.22 21:03:28 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Security.Authentication.OnlineId.dll
[2013.05.22 21:03:28 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUSettingsProvider.dll
[2013.05.22 21:03:28 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usbmon.dll
[2013.05.22 21:03:27 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SettingSync.dll
[2013.05.22 21:03:27 | 000,194,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\sdbus.sys
[2013.05.22 21:03:27 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe
[2013.05.22 21:03:26 | 000,337,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBXHCI.SYS
[2013.05.22 21:03:26 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\powercfg.cpl
[2013.05.22 21:03:26 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\discan.dll
[2013.05.22 21:03:26 | 000,148,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\tpm.sys
[2013.05.22 21:03:26 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\powercfg.cpl
[2013.05.22 21:03:26 | 000,125,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dumpsd.sys
[2013.05.22 21:03:26 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NdisImPlatform.dll
[2013.05.22 21:03:26 | 000,077,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storahci.sys
[2013.05.22 21:03:26 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhostex.exe
[2013.05.22 21:03:26 | 000,058,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2013.05.22 21:03:26 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DevDispItemProvider.dll
[2013.05.22 21:03:26 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2013.05.22 21:03:26 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2013.05.22 21:03:26 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuaext.dll
[2013.05.22 21:03:25 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fsquirt.exe
[2013.05.22 21:03:25 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\storewuauth.dll
[2013.05.22 21:03:25 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2013.05.22 21:03:25 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2013.05.22 21:03:25 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2013.05.22 21:03:25 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2013.05.22 21:03:24 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SettingSyncInfo.dll
[2013.05.22 21:03:24 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SettingSyncInfo.dll
[2013.05.22 21:03:24 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WSDPrintProxy.DLL
[2013.05.22 21:03:24 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2013.05.22 21:03:24 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DevDispItemProvider.dll
[2013.05.22 21:03:24 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2013.05.22 21:03:24 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2013.05.22 21:03:23 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wushareduxresources.dll
[2013.05.22 21:03:04 | 013,648,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.UI.Xaml.dll
[2013.05.22 21:03:03 | 010,116,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\twinui.dll
[2013.05.22 21:03:02 | 014,267,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll
[2013.05.22 21:03:02 | 003,552,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tquery.dll
[2013.05.22 21:03:01 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\twinui.dll
[2013.05.22 21:03:00 | 011,878,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll
[2013.05.22 21:03:00 | 010,789,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.UI.Xaml.dll
[2013.05.22 21:03:00 | 002,107,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssrch.dll
[2013.05.22 21:02:59 | 002,767,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tquery.dll
[2013.05.22 21:02:58 | 001,829,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2013.05.22 21:02:58 | 001,593,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssrch.dll
[2013.05.22 21:02:56 | 001,444,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSAudDecMFT.dll
[2013.05.22 21:02:55 | 001,113,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSAudDecMFT.dll
[2013.05.22 21:02:55 | 000,306,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kd_02_10ec.dll
[2013.05.22 21:02:54 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssph.dll
[2013.05.22 21:02:54 | 000,298,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rsaenh.dll
[2013.05.22 21:02:53 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2013.05.22 21:02:53 | 000,446,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioSes.dll
[2013.05.22 21:02:53 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchProtocolHost.exe
[2013.05.22 21:02:52 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Networking.dll
[2013.05.22 21:02:52 | 000,489,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioEng.dll
[2013.05.22 21:02:52 | 000,435,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssph.dll
[2013.05.22 21:02:52 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2013.05.22 21:02:52 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dwmredir.dll
[2013.05.22 21:02:51 | 002,035,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2013.05.22 21:02:51 | 001,403,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi
[2013.05.22 21:02:51 | 000,804,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RecoveryDrive.exe
[2013.05.22 21:02:51 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpncore.dll
[2013.05.22 21:02:51 | 000,253,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\audiodg.exe
[2013.05.22 21:02:50 | 001,267,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe
[2013.05.22 21:02:50 | 000,523,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2013.05.22 21:02:50 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MFMediaEngine.dll
[2013.05.22 21:02:50 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Networking.BackgroundTransfer.dll
[2013.05.22 21:02:49 | 001,217,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi
[2013.05.22 21:02:48 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\actxprxy.dll
[2013.05.22 21:02:48 | 001,093,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe
[2013.05.22 21:02:48 | 000,503,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ci.dll
[2013.05.22 21:02:48 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Networking.dll
[2013.05.22 21:02:48 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fhengine.dll
[2013.05.22 21:02:48 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsRasterService.dll
[2013.05.22 21:02:48 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dmvdsitf.dll
[2013.05.22 21:02:47 | 000,659,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssvp.dll
[2013.05.22 21:02:47 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MFMediaEngine.dll
[2013.05.22 21:02:47 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfreadwrite.dll
[2013.05.22 21:02:47 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2013.05.22 21:02:47 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AudioEndpointBuilder.dll
[2013.05.22 21:02:47 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Robocopy.exe
[2013.05.22 21:02:47 | 000,123,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wscapi.dll
[2013.05.22 21:02:47 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys
[2013.05.22 21:02:47 | 000,077,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kdvm.dll
[2013.05.22 21:02:47 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\pdc.sys
[2013.05.22 21:02:46 | 000,522,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AUDIOKSE.dll
[2013.05.22 21:02:46 | 000,463,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AUDIOKSE.dll
[2013.05.22 21:02:46 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\intl.cpl
[2013.05.22 21:02:46 | 000,284,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\spaceport.sys
[2013.05.22 21:02:46 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iuilp.dll
[2013.05.22 21:02:46 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SearchFilterHost.exe
[2013.05.22 21:02:46 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dmvdsitf.dll
[2013.05.22 21:02:46 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsRasterService.dll
[2013.05.22 21:02:46 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Robocopy.exe
[2013.05.22 21:02:46 | 000,086,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kdnet.dll
[2013.05.22 21:02:45 | 000,745,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssvp.dll
[2013.05.22 21:02:45 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\GenuineCenter.dll
[2013.05.22 21:02:45 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\intl.cpl
[2013.05.22 21:02:45 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2013.05.22 21:02:45 | 000,303,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys
[2013.05.22 21:02:45 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssphtb.dll
[2013.05.22 21:02:45 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfreadwrite.dll
[2013.05.22 21:02:45 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssprxy.dll
[2013.05.22 21:02:45 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fmifs.dll
[2013.05.22 21:02:45 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fmifs.dll
[2013.05.22 21:02:45 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidi2c.sys
[2013.05.22 21:02:45 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msshooks.dll
[2013.05.22 21:02:45 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msshooks.dll
[2013.05.22 21:02:44 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDump.dll
[2013.05.22 21:02:44 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssitlb.dll
[2013.05.22 21:02:44 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mssitlb.dll
[2013.05.22 21:02:44 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msscntrs.dll
[2013.05.22 21:02:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msscntrs.dll
[2013.05.22 21:02:22 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tssdisai.dll
[2013.05.22 21:02:22 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appserverai.dll
[2013.05.22 21:02:22 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RDWebAI.dll
[2013.05.22 21:02:22 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VmHostAI.dll
[2013.05.22 21:02:21 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\poqexec.exe
[2013.05.22 21:02:21 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\poqexec.exe
[2013.05.22 21:02:19 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\synceng.dll
[2013.05.22 21:02:19 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\synceng.dll
[2013.05.22 21:02:02 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013.05.22 21:01:54 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\uxtheme.dll
[2013.05.22 21:01:54 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013.05.22 21:01:54 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013.05.22 21:01:51 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013.05.22 21:01:50 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013.05.22 21:01:49 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013.05.22 21:01:49 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013.05.22 21:01:49 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013.05.22 21:01:49 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013.05.22 21:01:49 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UXInit.dll
[2013.05.22 21:01:49 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UXInit.dll
[2013.05.22 21:01:49 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013.05.22 21:01:49 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013.05.22 21:01:46 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncryptsslp.dll
[2013.05.22 21:01:46 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncryptsslp.dll
[2013.05.22 21:01:10 | 006,987,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2013.05.22 21:01:03 | 000,230,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdFilter.sys
[2013.05.22 21:01:01 | 000,035,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdBoot.sys
[2013.05.22 21:00:35 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pcadm.dll
[2013.05.22 21:00:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pcalua.exe
[2013.05.22 21:00:35 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pcaevts.dll
[2013.05.22 21:00:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml6r.dll
[2013.05.22 21:00:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml6r.dll
[2013.05.22 21:00:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll
[2013.05.22 21:00:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll
[2013.05.22 21:00:31 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnet.dll
[2013.05.22 21:00:31 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnet.dll
[2013.05.22 21:00:31 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnathlp.dll
[2013.05.22 21:00:31 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnathlp.dll
[2013.05.22 21:00:31 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnsvr.exe
[2013.05.22 21:00:31 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnsvr.exe
[2013.05.22 21:00:31 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnhupnp.dll
[2013.05.22 21:00:31 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnhpast.dll
[2013.05.22 21:00:31 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnhupnp.dll
[2013.05.22 21:00:31 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnhpast.dll
[2013.05.22 21:00:31 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnlobby.dll
[2013.05.22 21:00:31 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnaddr.dll
[2013.05.22 21:00:31 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnlobby.dll
[2013.05.22 21:00:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnaddr.dll
[2013.05.22 21:00:19 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\duser.dll
[2013.05.22 21:00:17 | 000,543,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlroamextension.dll
[2013.05.22 21:00:16 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WWanAPI.dll
[2013.05.22 21:00:16 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netprofmsvc.dll
[2013.05.22 21:00:16 | 000,446,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBHUB3.SYS
[2013.05.22 21:00:16 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncsi.dll
[2013.05.22 21:00:16 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Networking.Connectivity.dll
[2013.05.22 21:00:16 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hotspotauth.dll
[2013.05.22 21:00:15 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2013.05.22 21:00:15 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WWanAPI.dll
[2013.05.22 21:00:15 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mbsmsapi.dll
[2013.05.22 21:00:15 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Networking.Connectivity.dll
[2013.05.22 21:00:15 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mbsmsapi.dll
[2013.05.22 21:00:15 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskkill.exe
[2013.05.22 21:00:15 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tasklist.exe
[2013.05.22 21:00:15 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\BthAvrcpTg.sys
[2013.05.22 21:00:14 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpd_ci.dll
[2013.05.22 21:00:14 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wlroamextension.dll
[2013.05.22 21:00:14 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tasklist.exe
[2013.05.22 21:00:14 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\taskkill.exe
[2013.05.22 21:00:14 | 000,061,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\crashdmp.sys
[2013.05.22 21:00:13 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nlmproxy.dll
[2013.05.22 21:00:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nlmsprep.dll
[2013.05.22 21:00:12 | 000,029,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\BthhfHid.sys
[2013.05.22 21:00:12 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\BtaMPM.sys
[2013.05.22 20:59:48 | 001,690,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\GdiPlus.dll
[2013.05.22 20:59:48 | 001,437,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\GdiPlus.dll
[2013.05.22 20:59:45 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usb8023x.sys
[2013.05.22 20:59:45 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usb8023.sys
[2013.05.22 20:59:44 | 000,362,496 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2013.05.22 20:59:44 | 000,300,032 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2013.05.22 20:59:44 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll
[2013.05.22 20:59:44 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll
[2013.05.22 20:59:44 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2013.05.22 20:59:44 | 000,035,328 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2013.05.22 20:59:44 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dciman32.dll
[2013.05.22 20:59:44 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpk.dll
[2013.05.22 20:59:31 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shdocvw.dll
[2013.05.22 20:59:30 | 000,112,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2013.05.22 20:59:27 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ReAgentc.exe
[2013.05.22 20:59:27 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ReAgentc.exe
[2013.05.22 20:59:26 | 000,945,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\resetengmig.dll
[2013.05.22 20:59:26 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ReAgent.dll
[2013.05.22 20:59:26 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ReAgent.dll
[2013.05.22 20:59:25 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\esent.dll
[2013.05.22 20:59:25 | 002,382,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\esent.dll
[2013.05.22 20:59:25 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\reseteng.dll
[2013.05.22 20:59:25 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sysreset.exe
[2013.05.22 15:28:50 | 000,000,000 | ---D | C] -- C:\sources
[2013.05.22 15:21:31 | 000,000,000 | ---D | C] -- C:\JD - Temp
[2013.05.22 15:13:45 | 001,092,512 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\npDeployJava1.dll
[2013.05.22 15:13:45 | 000,971,680 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\deployJava1.dll
[2013.05.22 15:13:45 | 000,311,200 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\javaws.exe
[2013.05.22 15:13:43 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\javaw.exe
[2013.05.22 15:13:43 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\java.exe
[2013.05.22 15:13:43 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\WindowsAccessBridge-64.dll
[2013.05.22 15:13:37 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.05.22 15:13:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2013.05.22 15:13:16 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2013.05.22 15:09:43 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Paint.NET
[2013.05.22 15:09:43 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2013.05.22 15:05:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2013.05.22 14:59:31 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Yontoo
[2013.05.22 14:59:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo
[2013.05.22 14:59:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013.05.22 14:53:56 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Microsoft Help
[2013.05.22 14:53:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013.05.22 14:51:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013.05.22 14:51:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013.05.22 14:51:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2013.05.22 14:51:04 | 003,649,536 | ---- | C] (x264vfw project) -- C:\windows\SysWow64\x264vfw.dll
[2013.05.22 14:51:04 | 000,151,552 | ---- | C] (fccHandler) -- C:\windows\SysWow64\ac3acm.acm
[2013.05.22 14:51:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2013.05.22 14:50:06 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WdfCoInstaller01007.dll
[2013.05.22 14:50:06 | 000,708,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WinUSBCoInstaller.dll
[2013.05.22 14:49:38 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\windows\SysWow64\Redemption.dll
[2013.05.22 14:49:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2013.05.22 14:49:34 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\windows\SysWow64\dgderapi.dll
[2013.05.22 14:49:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2013.05.22 14:49:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2013.05.22 14:48:52 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Downloaded Installations
[2013.05.22 14:47:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013.05.22 14:45:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative
[2013.05.22 14:45:17 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Creative Installation Information
[2013.05.22 14:43:36 | 000,728,576 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysWow64\KSAPO32.dll
[2013.05.22 14:43:36 | 000,262,656 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\KSVSPI64.dll
[2013.05.22 14:43:36 | 000,235,520 | ---- | C] (Creative Technology Limited) -- C:\windows\SysNative\KsDvInst.dll
[2013.05.22 14:43:36 | 000,195,584 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysWow64\KSVSPI32.dll
[2013.05.22 14:43:36 | 000,074,240 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\KSWrap64.dll
[2013.05.22 14:43:36 | 000,053,760 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\KSPPCn64.dll
[2013.05.22 14:43:35 | 001,588,608 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\drivers\ksaud.sys
[2013.05.22 14:43:35 | 000,866,816 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\KSAPO64.dll
[2013.05.22 14:43:35 | 000,631,428 | ---- | C] (Creative Technology Ltd) -- C:\windows\KSAIM64.exe
[2013.05.22 14:43:35 | 000,479,232 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\JDetect.exe
[2013.05.22 14:43:35 | 000,115,712 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\SBAVMon.dll
[2013.05.22 14:43:35 | 000,067,584 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\KSDGFX64.dll
[2013.05.22 14:43:35 | 000,057,856 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\KSppld64.dll
[2013.05.22 14:42:50 | 000,466,520 | ---- | C] (Creative Labs) -- C:\windows\SysNative\wrap_oal.dll
[2013.05.22 14:42:49 | 000,123,480 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\windows\SysNative\OpenAL32.dll
[2013.05.22 14:42:48 | 000,445,016 | ---- | C] (Creative Labs) -- C:\windows\SysWow64\wrap_oal.dll
[2013.05.22 14:42:48 | 000,109,144 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\windows\SysWow64\OpenAL32.dll
[2013.05.22 14:42:47 | 002,902,496 | ---- | C] (Creative) -- C:\windows\SysWow64\Sens_oal.dll
[2013.05.22 14:42:46 | 001,940,992 | ---- | C] (Creative) -- C:\windows\SysNative\Sens_oal.dll
[2013.05.22 14:42:21 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Creative
[2013.05.22 14:41:33 | 000,079,360 | ---- | C] (Creative Technology Ltd) -- C:\windows\SysWow64\CTOPT399.dll
[2013.05.22 14:41:32 | 000,061,440 | ---- | C] (Creative Technology Ltd) -- C:\windows\SysWow64\CTChkAud.dll
[2013.05.22 14:41:32 | 000,042,496 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysWow64\AddCat.exe
[2013.05.22 14:41:31 | 000,088,576 | ---- | C] (Creative Technology Ltd) -- C:\windows\SysNative\CTOPT399.dll
[2013.05.22 14:41:31 | 000,049,664 | ---- | C] (Creative Technology Ltd) -- C:\windows\SysNative\CTChkAud.dll
[2013.05.22 14:41:30 | 000,042,496 | ---- | C] (Creative Technology Ltd.) -- C:\windows\SysNative\AddCat.exe
[2013.05.22 14:41:02 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Mscomct2.ocx
[2013.05.22 14:41:02 | 000,053,248 | ---- | C] (Creative Technology Ltd ) -- C:\windows\Ctregrun.exe
[2013.05.22 14:36:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[2013.05.22 14:36:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative Labs Shared
[2013.05.22 14:34:20 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2013.05.22 14:33:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative
[2013.05.22 14:30:36 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Nero
[2013.05.22 14:30:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack x64
[2013.05.22 14:29:39 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack x64
[2013.05.22 14:29:06 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Programs
[2013.05.22 14:28:21 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Nero
[2013.05.22 14:14:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
[2013.05.22 14:14:47 | 000,000,000 | ---D | C] -- C:\Program Files\Classic Shell
[2013.05.22 14:14:43 | 000,000,000 | --SD | C] -- C:\Users\Heinz\Google Drive
[2013.05.22 14:12:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013.05.22 14:10:44 | 000,378,432 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2013.05.22 14:10:44 | 000,033,400 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys
[2013.05.22 14:10:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013.05.22 14:10:43 | 000,072,016 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2013.05.22 14:10:43 | 000,064,288 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys
[2013.05.22 14:10:37 | 001,025,808 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2013.05.22 14:10:35 | 000,287,840 | ---- | C] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2013.05.22 14:10:35 | 000,080,816 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2013.05.22 14:09:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.05.22 14:09:34 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.05.22 14:09:20 | 000,041,664 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2013.05.22 14:09:00 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.05.22 14:07:53 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013.05.21 20:49:58 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\TOSHIBA
[2013.05.21 20:49:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.05.21 20:49:16 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\ATI
[2013.05.21 20:49:16 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\ATI
[2013.05.21 20:47:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.05.21 20:47:53 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Google
[2013.05.21 20:47:39 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Deployment
[2013.05.21 20:47:39 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Apps
[2013.05.21 20:47:27 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Macromedia
[2013.05.21 20:44:28 | 000,000,000 | ---D | C] -- C:\ProgramData\ToshibaEurope
[2013.05.21 20:44:13 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\SRS Labs
[2013.05.21 20:43:33 | 000,000,000 | R--D | C] -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.05.21 20:43:33 | 000,000,000 | R--D | C] -- C:\Users\Heinz\Searches
[2013.05.21 20:43:33 | 000,000,000 | R--D | C] -- C:\Users\Heinz\Contacts
[2013.05.21 20:43:33 | 000,000,000 | R--D | C] -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.05.21 20:43:33 | 000,000,000 | -H-D | C] -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013.05.21 20:43:28 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Adobe
[2013.05.21 20:42:17 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\VirtualStore
[2013.05.21 20:42:09 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Packages
[2013.05.21 20:42:02 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution
[2013.05.21 20:41:55 | 000,000,000 | --SD | C] -- C:\Users\Heinz\AppData\Roaming\Microsoft
[2013.05.21 20:41:55 | 000,000,000 | R--D | C] -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2013.05.21 20:41:55 | 000,000,000 | R--D | C] -- C:\Users\Heinz\Links
[2013.05.21 20:41:55 | 000,000,000 | R--D | C] -- C:\Users\Heinz\Favorites
[2013.05.21 20:41:55 | 000,000,000 | R--D | C] -- C:\Users\Heinz\Desktop
[2013.05.21 20:41:55 | 000,000,000 | R--D | C] -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.05.21 20:41:55 | 000,000,000 | R--D | C] -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\AppData\Local\Temporary Internet Files
[2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\Templates
[2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\Start Menu
[2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\SendTo
[2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\Recent
[2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\PrintHood
[2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\NetHood
[2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\My Documents
[2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\Local Settings
[2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\AppData\Local\History
[2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\Cookies
[2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\Application Data
[2013.05.21 20:41:55 | 000,000,000 | -HSD | C] -- C:\Users\Heinz\AppData\Local\Application Data
[2013.05.21 20:41:55 | 000,000,000 | -H-D | C] -- C:\Users\Heinz\AppData
[2013.05.21 20:41:55 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Temp
[2013.05.21 20:41:55 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Local\Microsoft
[2013.05.21 20:41:55 | 000,000,000 | ---D | C] -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.07 18:10:34 | 000,007,600 | ---- | M] () -- C:\Users\Heinz\AppData\Local\Resmon.ResmonCfg
[2013.06.07 18:02:00 | 000,000,956 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2594244226-710932845-2937545045-1001UA.job
[2013.06.07 18:01:46 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.06.07 17:53:01 | 000,001,136 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.07 17:30:05 | 000,001,132 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.07 17:30:03 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.06.07 17:28:36 | 000,848,230 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.06.07 17:28:36 | 000,719,418 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.06.07 17:28:36 | 000,132,748 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.06.07 14:18:32 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.06.07 14:18:28 | 2536,058,879 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.07 14:01:00 | 000,000,904 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2594244226-710932845-2937545045-1001Core.job
[2013.06.06 22:39:14 | 000,354,840 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.06.06 11:09:15 | 000,001,172 | ---- | M] () -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
[2013.06.06 11:09:15 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Magician.lnk
[2013.06.04 09:15:02 | 000,103,448 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\windows\SysNative\drivers\ssudbus.sys
[2013.06.04 09:15:00 | 000,203,672 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\windows\SysNative\drivers\ssudmdm.sys
[2013.06.02 15:34:21 | 000,001,055 | ---- | M] () -- C:\Users\Heinz\Desktop\eclipse.lnk
[2013.06.01 16:51:16 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013.05.23 16:19:08 | 000,001,628 | ---- | M] () -- C:\Users\Heinz\Desktop\Medien_Generator.lnk
[2013.05.23 16:18:50 | 000,001,520 | ---- | M] () -- C:\Users\Heinz\Desktop\Medien.lnk
[2013.05.23 14:59:01 | 000,000,956 | ---- | M] () -- C:\Users\Heinz\Desktop\Dubstep.lnk
[2013.05.23 12:20:01 | 000,000,640 | ---- | M] () -- C:\Users\Heinz\Desktop\Thomas.lnk
[2013.05.23 12:16:47 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2013.05.22 15:13:41 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\WindowsAccessBridge-64.dll
[2013.05.22 15:13:39 | 000,311,200 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\javaws.exe
[2013.05.22 15:13:39 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\javaw.exe
[2013.05.22 15:13:39 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\java.exe
[2013.05.22 15:13:38 | 001,092,512 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\npDeployJava1.dll
[2013.05.22 15:13:37 | 000,971,680 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\deployJava1.dll
[2013.05.22 15:06:39 | 000,002,012 | ---- | M] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\JDownloader.lnk
[2013.05.22 14:49:38 | 000,002,037 | ---- | M] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk
[2013.05.22 14:49:38 | 000,002,027 | ---- | M] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2013.05.22 14:45:06 | 000,000,286 | RH-- | M] () -- C:\windows\ctfile.rfc
[2013.05.22 14:42:50 | 000,466,520 | ---- | M] (Creative Labs) -- C:\windows\SysNative\wrap_oal.dll
[2013.05.22 14:42:49 | 000,445,016 | ---- | M] (Creative Labs) -- C:\windows\SysWow64\wrap_oal.dll
[2013.05.22 14:42:49 | 000,123,480 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\windows\SysNative\OpenAL32.dll
[2013.05.22 14:42:48 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\windows\SysWow64\OpenAL32.dll
[2013.05.22 14:15:40 | 000,000,355 | ---- | M] () -- C:\Users\Heinz\Desktop\Computer.lnk
[2013.05.22 14:14:47 | 000,002,290 | ---- | M] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013.05.22 14:10:35 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt
[2013.05.22 14:09:13 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013.05.21 20:47:23 | 000,001,435 | ---- | M] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013.05.09 10:59:07 | 001,025,808 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2013.05.09 10:59:07 | 000,378,432 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2013.05.09 10:59:07 | 000,189,936 | ---- | M] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2013.05.09 10:59:07 | 000,072,016 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2013.05.09 10:59:07 | 000,065,336 | ---- | M] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2013.05.09 10:59:07 | 000,064,288 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys
[2013.05.09 10:59:06 | 000,080,816 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2013.05.09 10:59:06 | 000,033,400 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys
[2013.05.09 10:58:37 | 000,041,664 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
[2013.05.09 10:58:11 | 000,287,840 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.07 18:01:46 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.06.07 13:08:04 | 000,630,054 | ---- | C] () -- E:\Thomas\My Documents\trancegott_rot-lila.bmp
[2013.06.07 13:08:04 | 000,630,054 | ---- | C] () -- E:\Thomas\My Documents\trancegott_rot.bmp
[2013.06.07 13:08:04 | 000,630,054 | ---- | C] () -- E:\Thomas\My Documents\trancegott_lila.bmp
[2013.06.07 13:08:04 | 000,630,054 | ---- | C] () -- E:\Thomas\My Documents\trancegott_grün.bmp
[2013.06.07 13:08:04 | 000,630,054 | ---- | C] () -- E:\Thomas\My Documents\trancegott_blau.bmp
[2013.06.07 13:08:04 | 000,044,024 | ---- | C] () -- E:\Thomas\My Documents\trancegott_rot-lila-blau.png
[2013.06.07 13:08:04 | 000,038,195 | ---- | C] () -- E:\Thomas\My Documents\trancegott_blau.png
[2013.06.07 13:08:04 | 000,038,055 | ---- | C] () -- E:\Thomas\My Documents\trancegott_lila.png
[2013.06.07 13:08:04 | 000,037,992 | ---- | C] () -- E:\Thomas\My Documents\trancegott_grün.png
[2013.06.07 13:08:04 | 000,037,834 | ---- | C] () -- E:\Thomas\My Documents\trancegott_rot.png
[2013.06.07 13:08:04 | 000,029,825 | ---- | C] () -- E:\Thomas\My Documents\trancegott.png
[2013.06.07 13:08:04 | 000,017,442 | ---- | C] () -- E:\Thomas\My Documents\Trancegott_rot-weiß.jpg
[2013.06.07 13:08:04 | 000,016,532 | ---- | C] () -- E:\Thomas\My Documents\Trancegott_rot-weiß_4-3.jpg
[2013.06.06 11:06:09 | 000,001,172 | ---- | C] () -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
[2013.06.06 11:06:09 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Magician.lnk
[2013.06.02 15:34:20 | 000,001,055 | ---- | C] () -- C:\Users\Heinz\Desktop\eclipse.lnk
[2013.06.01 16:51:16 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2013.06.01 15:14:32 | 000,000,299 | ---- | C] () -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin (3).lnk
[2013.05.31 13:57:01 | 000,000,956 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2594244226-710932845-2937545045-1001UA.job
[2013.05.31 13:56:59 | 000,000,904 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2594244226-710932845-2937545045-1001Core.job
[2013.05.26 16:10:08 | 000,000,299 | ---- | C] () -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin (2).lnk
[2013.05.24 22:46:02 | 000,354,840 | ---- | C] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.05.24 13:30:05 | 000,000,299 | ---- | C] () -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
[2013.05.23 16:19:08 | 000,001,628 | ---- | C] () -- C:\Users\Heinz\Desktop\Medien_Generator.lnk
[2013.05.23 16:18:50 | 000,001,520 | ---- | C] () -- C:\Users\Heinz\Desktop\Medien.lnk
[2013.05.23 14:59:01 | 000,000,956 | ---- | C] () -- C:\Users\Heinz\Desktop\Dubstep.lnk
[2013.05.23 14:40:28 | 000,007,600 | ---- | C] () -- C:\Users\Heinz\AppData\Local\Resmon.ResmonCfg
[2013.05.23 12:20:01 | 000,000,640 | ---- | C] () -- C:\Users\Heinz\Desktop\Thomas.lnk
[2013.05.23 12:16:47 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2013.05.22 21:02:48 | 000,387,688 | ---- | C] () -- C:\windows\SysNative\ApnDatabase.xml
[2013.05.22 15:17:08 | 000,001,199 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2013.05.22 15:06:39 | 000,002,012 | ---- | C] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\JDownloader.lnk
[2013.05.22 15:06:35 | 000,002,012 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2013.05.22 15:06:35 | 000,001,956 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2013.05.22 15:06:34 | 000,001,935 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2013.05.22 14:51:58 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.05.22 14:51:04 | 000,650,752 | ---- | C] () -- C:\windows\SysWow64\xvidcore.dll
[2013.05.22 14:51:04 | 000,243,200 | ---- | C] () -- C:\windows\SysWow64\xvidvfw.dll
[2013.05.22 14:51:04 | 000,216,064 | ---- | C] ( ) -- C:\windows\SysWow64\lagarith.dll
[2013.05.22 14:51:04 | 000,178,688 | ---- | C] () -- C:\windows\SysWow64\unrar.dll
[2013.05.22 14:51:02 | 000,112,640 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll
[2013.05.22 14:49:38 | 000,002,037 | ---- | C] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk
[2013.05.22 14:49:38 | 000,002,027 | ---- | C] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk
[2013.05.22 14:44:39 | 000,237,056 | ---- | C] () -- C:\windows\SysNative\APOMgr64.DLL
[2013.05.22 14:44:39 | 000,181,760 | ---- | C] () -- C:\windows\SysWow64\APOMngr.DLL
[2013.05.22 14:44:39 | 000,089,088 | ---- | C] () -- C:\windows\SysNative\CmdRtr64.DLL
[2013.05.22 14:44:39 | 000,073,728 | ---- | C] () -- C:\windows\SysWow64\CmdRtr.DLL
[2013.05.22 14:44:03 | 000,044,795 | R--- | C] () -- C:\windows\SysNative\kschimp.ini
[2013.05.22 14:43:36 | 000,034,637 | ---- | C] () -- C:\windows\SysNative\ksaud.ini
[2013.05.22 14:43:36 | 000,012,344 | ---- | C] () -- C:\windows\SysNative\MixerDefault.reg
[2013.05.22 14:43:36 | 000,001,772 | ---- | C] () -- C:\ProgramData\cfSB1095.ini
[2013.05.22 14:43:04 | 000,026,768 | R--- | C] () -- C:\windows\ksaudENG.reg
[2013.05.22 14:43:04 | 000,002,630 | R--- | C] () -- C:\windows\MixerName.reg
[2013.05.22 14:43:04 | 000,000,286 | RH-- | C] () -- C:\windows\ctfile.rfc
[2013.05.22 14:41:32 | 000,005,498 | ---- | C] () -- C:\windows\SysWow64\CTOPT399.cat
[2013.05.22 14:41:31 | 000,005,594 | ---- | C] () -- C:\windows\SysNative\CTOPT399.cat
[2013.05.22 14:40:36 | 000,007,062 | ---- | C] () -- C:\windows\SysWow64\audiopid.vxd
[2013.05.22 14:30:09 | 000,206,336 | ---- | C] () -- C:\windows\SysNative\unrar64.dll
[2013.05.22 14:30:09 | 000,148,992 | ---- | C] ( ) -- C:\windows\SysNative\lagarith.dll
[2013.05.22 14:15:40 | 000,000,355 | ---- | C] () -- C:\Users\Heinz\Desktop\Computer.lnk
[2013.05.22 14:10:37 | 000,189,936 | ---- | C] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2013.05.22 14:10:37 | 000,065,336 | ---- | C] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2013.05.22 14:10:35 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\config.nt
[2013.05.22 14:09:13 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2013.05.21 20:49:45 | 000,002,290 | ---- | C] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013.05.21 20:48:00 | 000,001,136 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.21 20:47:59 | 000,001,132 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.21 20:47:23 | 000,001,435 | ---- | C] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013.05.21 20:43:28 | 000,001,441 | ---- | C] () -- C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.05.21 20:41:55 | 000,000,352 | ---- | C] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013.05.21 20:41:55 | 000,000,334 | ---- | C] () -- C:\Users\Heinz\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2013.01.17 04:18:06 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2012.11.13 19:18:06 | 000,083,968 | ---- | C] () -- C:\windows\SysWow64\OEMLicense.dll
[2012.09.18 03:40:14 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2012.09.18 03:40:14 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2012.07.25 22:22:56 | 000,733,840 | ---- | C] () -- C:\windows\SysWow64\igcodeckrng700.bin
[2012.07.25 22:22:56 | 000,492,340 | ---- | C] () -- C:\windows\SysWow64\igvpkrng700.bin
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2012.05.11 02:35:16 | 000,029,184 | ---- | C] () -- C:\windows\SysWow64\kdbsdk32.dll
[2012.04.20 23:59:44 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         
sorry für die mehrfachposts, hab das vom handy aus gemacht^^

Alt 08.06.2013, 10:39   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Windows System immer bei 20% Systemauslastung, Virus vermutet - Standard

Windows System immer bei 20% Systemauslastung, Virus vermutet



hi,

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.06.2013, 11:36   #11
Trancegott
 
Windows System immer bei 20% Systemauslastung, Virus vermutet - Standard

Windows System immer bei 20% Systemauslastung, Virus vermutet



Code:
ATTFilter
11:33:52.0673 1652  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:33:52.0673 1652  UEFI system
11:33:52.0806 1652  ============================================================
11:33:52.0806 1652  Current date / time: 2013/06/08 11:33:52.0806
11:33:52.0806 1652  SystemInfo:
11:33:52.0806 1652  
11:33:52.0806 1652  OS Version: 6.2.9200 ServicePack: 0.0
11:33:52.0806 1652  Product type: Workstation
11:33:52.0806 1652  ComputerName: TRANCEGOTT-PC
11:33:52.0806 1652  UserName: Thomas Terpelle
11:33:52.0806 1652  Windows directory: C:\windows
11:33:52.0806 1652  System windows directory: C:\windows
11:33:52.0806 1652  Running under WOW64
11:33:52.0807 1652  Processor architecture: Intel x64
11:33:52.0807 1652  Number of processors: 8
11:33:52.0807 1652  Page size: 0x1000
11:33:52.0807 1652  Boot type: Normal boot
11:33:52.0807 1652  ============================================================
11:33:52.0975 1652  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 (238.47 Gb), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:33:52.0977 1652  ============================================================
11:33:52.0977 1652  \Device\Harddisk0\DR0:
11:33:52.0977 1652  GPT partitions:
11:33:52.0978 1652  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {FC31BAD6-E279-4BA1-8D27-300280A701BF}, Name: , StartLBA 0x22, BlocksNum 0x40000
11:33:52.0978 1652  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {754C4DAC-EF53-4CC6-912C-3F497C745887}, Name: , StartLBA 0x40800, BlocksNum 0xE1000
11:33:52.0978 1652  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {A0A3484B-51B4-4EF4-95E3-244C0CBB5D47}, Name: , StartLBA 0x121800, BlocksNum 0x82000
11:33:52.0978 1652  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A18A8E91-0208-48BF-9321-389B27ACA356}, Name: , StartLBA 0x1A3800, BlocksNum 0xF87C800
11:33:52.0978 1652  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {550EE9E7-C86C-4343-8E22-068194B3C2BC}, Name: Basic data partition, StartLBA 0xFA20000, BlocksNum 0xB338E67
11:33:52.0978 1652  MBR partitions:
11:33:52.0978 1652  ============================================================
11:33:52.0979 1652  C: <-> \Device\Harddisk0\DR0\Partition4
11:33:52.0980 1652  E: <-> \Device\Harddisk0\DR0\Partition5
11:33:52.0980 1652  ============================================================
11:33:52.0980 1652  Initialize success
11:33:52.0980 1652  ============================================================
11:34:06.0474 6460  ============================================================
11:34:06.0474 6460  Scan started
11:34:06.0474 6460  Mode: Manual; SigCheck; TDLFS; 
11:34:06.0474 6460  ============================================================
11:34:06.0596 6460  ================ Scan system memory ========================
11:34:06.0596 6460  System memory - ok
11:34:06.0597 6460  ================ Scan services =============================
11:34:06.0629 6460  [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci        C:\windows\System32\drivers\1394ohci.sys
11:34:06.0657 6460  1394ohci - ok
11:34:06.0660 6460  [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware           C:\windows\system32\drivers\3ware.sys
11:34:06.0668 6460  3ware - ok
11:34:06.0674 6460  [ 975AABEB243B800C23626D6B652C5A9C ] ACPI            C:\windows\system32\drivers\ACPI.sys
11:34:06.0687 6460  ACPI - ok
11:34:06.0690 6460  [ DC968C37822117E576B933F34A2D130C ] acpiex          C:\windows\system32\Drivers\acpiex.sys
11:34:06.0697 6460  acpiex - ok
11:34:06.0700 6460  [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr        C:\windows\System32\drivers\acpipagr.sys
11:34:06.0708 6460  acpipagr - ok
11:34:06.0711 6460  [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi         C:\windows\System32\drivers\acpipmi.sys
11:34:06.0719 6460  AcpiPmi - ok
11:34:06.0721 6460  [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime        C:\windows\System32\drivers\acpitime.sys
11:34:06.0730 6460  acpitime - ok
11:34:06.0733 6460  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:34:06.0739 6460  AdobeARMservice - ok
11:34:06.0745 6460  [ 93C6388592B99925C1D1576E465BC80F ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
11:34:06.0758 6460  adp94xx - ok
11:34:06.0763 6460  [ D27763E0247292654E7F7D16444C7C72 ] adpahci         C:\windows\system32\drivers\adpahci.sys
11:34:06.0775 6460  adpahci - ok
11:34:06.0779 6460  [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320         C:\windows\system32\drivers\adpu320.sys
11:34:06.0788 6460  adpu320 - ok
11:34:06.0792 6460  [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
11:34:06.0802 6460  AeLookupSvc - ok
11:34:06.0808 6460  [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD             C:\windows\system32\drivers\afd.sys
11:34:06.0821 6460  AFD - ok
11:34:06.0824 6460  [ 01590377A5AB19E792528C628A2A68F9 ] agp440          C:\windows\system32\drivers\agp440.sys
11:34:06.0832 6460  agp440 - ok
11:34:06.0834 6460  [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG             C:\windows\System32\alg.exe
11:34:06.0845 6460  ALG - ok
11:34:06.0849 6460  [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\windows\system32\AUInstallAgent.dll
11:34:06.0858 6460  AllUserInstallAgent - ok
11:34:06.0862 6460  [ E14F7B22FD0BD5FAA8C885C64690965D ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
11:34:06.0874 6460  AMD External Events Utility - ok
11:34:06.0877 6460  [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8           C:\windows\System32\drivers\amdk8.sys
11:34:06.0886 6460  AmdK8 - ok
11:34:06.0948 6460  [ F931C2ED6C8294909C10657DCB9A9A4E ] amdkmdag        C:\windows\system32\DRIVERS\atikmdag.sys
11:34:07.0042 6460  amdkmdag - ok
11:34:07.0048 6460  [ 0D481A7FE3A66724DC11AD8A4E417A9A ] amdkmdap        C:\windows\system32\DRIVERS\atikmpag.sys
11:34:07.0061 6460  amdkmdap - ok
11:34:07.0064 6460  [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM          C:\windows\System32\drivers\amdppm.sys
11:34:07.0073 6460  AmdPPM - ok
11:34:07.0076 6460  [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata         C:\windows\system32\drivers\amdsata.sys
11:34:07.0083 6460  amdsata - ok
11:34:07.0088 6460  [ 00452671904F5EE94B50BF0219C97164 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
11:34:07.0098 6460  amdsbs - ok
11:34:07.0100 6460  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata         C:\windows\system32\drivers\amdxata.sys
11:34:07.0107 6460  amdxata - ok
11:34:07.0110 6460  [ 83B3682CE922FB0F415734B26D9D6233 ] AppID           C:\windows\system32\drivers\appid.sys
11:34:07.0121 6460  AppID - ok
11:34:07.0124 6460  [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc        C:\windows\System32\appidsvc.dll
11:34:07.0134 6460  AppIDSvc - ok
11:34:07.0137 6460  [ 4F750B7EFCB6520AE01E01D082D7D476 ] Appinfo         C:\windows\System32\appinfo.dll
11:34:07.0146 6460  Appinfo - ok
11:34:07.0149 6460  [ E933401B392387F4BE34DE8BAF1722A7 ] arc             C:\windows\system32\drivers\arc.sys
11:34:07.0157 6460  arc - ok
11:34:07.0161 6460  [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas          C:\windows\system32\drivers\arcsas.sys
11:34:07.0169 6460  arcsas - ok
11:34:07.0171 6460  [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk        C:\windows\system32\drivers\aswFsBlk.sys
11:34:07.0182 6460  aswFsBlk - ok
11:34:07.0185 6460  [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt       C:\windows\system32\drivers\aswMonFlt.sys
11:34:07.0190 6460  aswMonFlt - ok
11:34:07.0193 6460  [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr          C:\windows\System32\Drivers\aswrdr2.sys
11:34:07.0199 6460  aswRdr - ok
11:34:07.0201 6460  [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt         C:\windows\system32\drivers\aswRvrt.sys
11:34:07.0207 6460  aswRvrt - ok
11:34:07.0215 6460  [ 10ED1CAB84AA65983C41A11F60294C9B ] aswSnx          C:\windows\system32\drivers\aswSnx.sys
11:34:07.0230 6460  aswSnx - ok
11:34:07.0235 6460  [ 00E5253353717D3CA12A0F5A6F9991EC ] aswSP           C:\windows\system32\drivers\aswSP.sys
11:34:07.0244 6460  aswSP - ok
11:34:07.0246 6460  [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi          C:\windows\system32\drivers\aswTdi.sys
11:34:07.0252 6460  aswTdi - ok
11:34:07.0255 6460  [ 6359B99C955DB9F40B653159A0EED261 ] aswVmm          C:\windows\system32\drivers\aswVmm.sys
11:34:07.0262 6460  aswVmm - ok
11:34:07.0264 6460  [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
11:34:07.0274 6460  AsyncMac - ok
11:34:07.0277 6460  [ A721FF570C2387E383BDDEA9632863C9 ] atapi           C:\windows\system32\drivers\atapi.sys
11:34:07.0284 6460  atapi - ok
11:34:07.0307 6460  [ F17ABC4AA1FE4989E812858261414FE5 ] athr            C:\windows\system32\DRIVERS\athw8x.sys
11:34:07.0346 6460  athr - ok
11:34:07.0351 6460  [ 506907D2E7F3A5B67DBD39C00A788B7C ] AtiHDAudioService C:\windows\system32\drivers\AtihdW86.sys
11:34:07.0356 6460  AtiHDAudioService - ok
11:34:07.0360 6460  [ BCD7A47EF587DC00DD61D12D9C2D1E44 ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll
11:34:07.0370 6460  AudioEndpointBuilder - ok
11:34:07.0378 6460  [ 810F30FF8490ED5ED510621DF10DE320 ] Audiosrv        C:\windows\System32\Audiosrv.dll
11:34:07.0393 6460  Audiosrv - ok
11:34:07.0397 6460  [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
11:34:07.0402 6460  avast! Antivirus - ok
11:34:07.0405 6460  [ 89491EF71D5EA011127832C588002853 ] AxInstSV        C:\windows\System32\AxInstSV.dll
11:34:07.0414 6460  AxInstSV - ok
11:34:07.0420 6460  [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
11:34:07.0435 6460  b06bdrv - ok
11:34:07.0438 6460  [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay    C:\windows\System32\drivers\BasicDisplay.sys
11:34:07.0446 6460  BasicDisplay - ok
11:34:07.0449 6460  [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender     C:\windows\System32\drivers\BasicRender.sys
11:34:07.0457 6460  BasicRender - ok
11:34:07.0461 6460  [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC          C:\windows\System32\bdesvc.dll
11:34:07.0471 6460  BDESVC - ok
11:34:07.0473 6460  [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep            C:\windows\system32\drivers\Beep.sys
11:34:07.0481 6460  Beep - ok
11:34:07.0488 6460  [ 9E6A544F465C582AB42444A217CF04DC ] BFE             C:\windows\System32\bfe.dll
11:34:07.0502 6460  BFE - ok
11:34:07.0510 6460  [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS            C:\windows\System32\qmgr.dll
11:34:07.0530 6460  BITS - ok
11:34:07.0533 6460  [ B17AC10B47C7FCB44D22A1F06415840E ] bowser          C:\windows\system32\DRIVERS\bowser.sys
11:34:07.0542 6460  bowser - ok
11:34:07.0545 6460  [ 975398A3D2C1FEA73FC93931978DF354 ] BrokerInfrastructure C:\windows\System32\bisrv.dll
11:34:07.0555 6460  BrokerInfrastructure - ok
11:34:07.0558 6460  [ 310068BDA80B1D55C36580FD8A873FAF ] Browser         C:\windows\System32\browser.dll
11:34:07.0567 6460  Browser - ok
11:34:07.0570 6460  [ 95280EF7B3351351A1B7F274D503A526 ] BtFilter        C:\windows\system32\DRIVERS\btfilter.sys
11:34:07.0579 6460  BtFilter - ok
11:34:07.0582 6460  [ F17DEEAC7D51D44CF1BFF8DD4F0A2B6D ] BthAvrcpTg      C:\windows\System32\drivers\BthAvrcpTg.sys
11:34:07.0590 6460  BthAvrcpTg - ok
11:34:07.0593 6460  [ A8B20D852B07AE19A13B5D47EC4E4C3B ] BthEnum         C:\windows\System32\drivers\BthEnum.sys
11:34:07.0601 6460  BthEnum - ok
11:34:07.0604 6460  [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum       C:\windows\System32\drivers\bthhfenum.sys
11:34:07.0619 6460  BthHFEnum - ok
11:34:07.0621 6460  [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid        C:\windows\System32\drivers\BthHFHid.sys
11:34:07.0660 6460  bthhfhid - ok
11:34:07.0664 6460  [ 42201C346F0B8C458E1E9CDE04D68A2C ] BthLEEnum       C:\windows\system32\DRIVERS\BthLEEnum.sys
11:34:07.0680 6460  BthLEEnum - ok
11:34:07.0683 6460  [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM        C:\windows\System32\drivers\bthmodem.sys
11:34:07.0698 6460  BTHMODEM - ok
11:34:07.0701 6460  [ 091BB978E9504D0AD14586929431A957 ] BthPan          C:\windows\system32\DRIVERS\bthpan.sys
11:34:07.0737 6460  BthPan - ok
11:34:07.0746 6460  [ 13795CAA34239D97A7211E7F9D96E012 ] BTHPORT         C:\windows\System32\Drivers\BTHport.sys
11:34:07.0763 6460  BTHPORT - ok
11:34:07.0767 6460  [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv         C:\windows\system32\bthserv.dll
11:34:07.0776 6460  bthserv - ok
11:34:07.0778 6460  [ 1F715957F5236D30B6020A19A4271F6A ] BTHUSB          C:\windows\System32\Drivers\BTHUSB.sys
11:34:07.0786 6460  BTHUSB - ok
11:34:07.0789 6460  [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
11:34:07.0798 6460  cdfs - ok
11:34:07.0802 6460  [ 339BFF85D788268752DA8C9644B188EE ] cdrom           C:\windows\System32\drivers\cdrom.sys
11:34:07.0811 6460  cdrom - ok
11:34:07.0814 6460  [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc     C:\windows\System32\certprop.dll
11:34:07.0844 6460  CertPropSvc - ok
11:34:07.0846 6460  [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass        C:\windows\System32\drivers\circlass.sys
11:34:07.0861 6460  circlass - ok
11:34:07.0864 6460  [ 9BCE872B95A6AA65C5B5A0E60703F1E3 ] ClassicShellService c:\Program Files\Classic Shell\ClassicShellService.exe
11:34:07.0867 6460  ClassicShellService ( UnsignedFile.Multi.Generic ) - warning
11:34:07.0867 6460  ClassicShellService - detected UnsignedFile.Multi.Generic (1)
11:34:07.0872 6460  [ 9905168708DB68849B879B5548F68AB3 ] CLFS            C:\windows\system32\drivers\CLFS.sys
11:34:07.0884 6460  CLFS - ok
11:34:07.0891 6460  [ 2DC8538A2260647484A6C921CA837313 ] CmBatt          C:\windows\System32\drivers\CmBatt.sys
11:34:07.0898 6460  CmBatt - ok
11:34:07.0904 6460  [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG             C:\windows\system32\Drivers\cng.sys
11:34:07.0919 6460  CNG - ok
11:34:07.0923 6460  [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus    C:\windows\System32\drivers\CompositeBus.sys
11:34:07.0938 6460  CompositeBus - ok
11:34:07.0940 6460  COMSysApp - ok
11:34:07.0943 6460  [ D9CB0782AF819548072AA45B70F8B22D ] condrv          C:\windows\system32\drivers\condrv.sys
11:34:07.0952 6460  condrv - ok
11:34:07.0954 6460  [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
11:34:07.0958 6460  Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning
11:34:07.0958 6460  Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1)
11:34:07.0961 6460  [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
11:34:07.0964 6460  Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
11:34:07.0964 6460  Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
11:34:07.0968 6460  [ F0E78B119D12BA81F163D48C0FF30B9A ] CryptSvc        C:\windows\system32\cryptsvc.dll
11:34:07.0978 6460  CryptSvc - ok
11:34:07.0982 6460  [ 5CE3D0E1D1B3832EE052CFC442EEE0FA ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
11:34:07.0987 6460  CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
11:34:07.0987 6460  CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
11:34:07.0990 6460  [ C4D01BD86D6B207275FC143EEA951D75 ] dam             C:\windows\system32\drivers\dam.sys
11:34:07.0997 6460  dam - ok
11:34:08.0006 6460  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch      C:\windows\system32\rpcss.dll
11:34:08.0022 6460  DcomLaunch - ok
11:34:08.0027 6460  [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc       C:\windows\System32\defragsvc.dll
11:34:08.0042 6460  defragsvc - ok
11:34:08.0047 6460  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\windows\system32\das.dll
11:34:08.0062 6460  DeviceAssociationService - ok
11:34:08.0066 6460  [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall   C:\windows\system32\umpnpmgr.dll
11:34:08.0077 6460  DeviceInstall - ok
11:34:08.0080 6460  [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc            C:\windows\system32\Drivers\dfsc.sys
11:34:08.0089 6460  Dfsc - ok
11:34:08.0092 6460  [ 0B3F6C8F93C5C25977EA5A8B2E656357 ] dg_ssudbus      C:\windows\system32\DRIVERS\ssudbus.sys
11:34:08.0098 6460  dg_ssudbus - ok
11:34:08.0102 6460  [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp            C:\windows\system32\dhcpcore.dll
11:34:08.0113 6460  Dhcp - ok
11:34:08.0116 6460  [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache        C:\windows\system32\drivers\discache.sys
11:34:08.0128 6460  discache - ok
11:34:08.0131 6460  [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk            C:\windows\system32\drivers\disk.sys
11:34:08.0139 6460  disk - ok
11:34:08.0142 6460  [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc           C:\windows\System32\drivers\dmvsc.sys
11:34:08.0150 6460  dmvsc - ok
11:34:08.0153 6460  [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache        C:\windows\System32\dnsrslvr.dll
11:34:08.0164 6460  Dnscache - ok
11:34:08.0168 6460  [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc         C:\windows\System32\dot3svc.dll
11:34:08.0180 6460  dot3svc - ok
11:34:08.0184 6460  [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS             C:\windows\system32\dps.dll
11:34:08.0198 6460  DPS - ok
11:34:08.0200 6460  [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
11:34:08.0208 6460  drmkaud - ok
11:34:08.0212 6460  [ BF48F32EE248C3D371DA5DC93BBEADA7 ] DsmSvc          C:\windows\System32\DeviceSetupManager.dll
11:34:08.0223 6460  DsmSvc - ok
11:34:08.0235 6460  [ 6D1B8A9A2C0BD4851D8AF1AB43E67AD9 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
11:34:08.0262 6460  DXGKrnl - ok
11:34:08.0265 6460  [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost         C:\windows\System32\eapsvc.dll
11:34:08.0276 6460  Eaphost - ok
11:34:08.0298 6460  [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv           C:\windows\system32\drivers\evbda.sys
11:34:08.0350 6460  ebdrv - ok
11:34:08.0354 6460  [ F702AB6181513303AB0FC8D59E52708B ] EFS             C:\windows\System32\lsass.exe
11:34:08.0363 6460  EFS - ok
11:34:08.0366 6460  [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass     C:\windows\system32\drivers\EhStorClass.sys
11:34:08.0374 6460  EhStorClass - ok
11:34:08.0377 6460  [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv    C:\windows\system32\drivers\EhStorTcgDrv.sys
11:34:08.0385 6460  EhStorTcgDrv - ok
11:34:08.0387 6460  [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev          C:\windows\System32\drivers\errdev.sys
11:34:08.0395 6460  ErrDev - ok
11:34:08.0402 6460  [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem     C:\windows\system32\es.dll
11:34:08.0415 6460  EventSystem - ok
11:34:08.0419 6460  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat           C:\windows\system32\drivers\exfat.sys
11:34:08.0432 6460  exfat - ok
11:34:08.0436 6460  [ 60996602A7111FD2D086E803F33E4282 ] fastfat         C:\windows\system32\drivers\fastfat.sys
11:34:08.0446 6460  fastfat - ok
11:34:08.0452 6460  [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax             C:\windows\system32\fxssvc.exe
11:34:08.0469 6460  Fax - ok
11:34:08.0473 6460  [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc             C:\windows\System32\drivers\fdc.sys
11:34:08.0482 6460  fdc - ok
11:34:08.0484 6460  [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost         C:\windows\system32\fdPHost.dll
11:34:08.0497 6460  fdPHost - ok
11:34:08.0500 6460  [ 872506AAB591E8908DF4461475AF92DF ] FDResPub        C:\windows\system32\fdrespub.dll
11:34:08.0513 6460  FDResPub - ok
11:34:08.0516 6460  [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc           C:\windows\system32\fhsvc.dll
11:34:08.0525 6460  fhsvc - ok
11:34:08.0529 6460  [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
11:34:08.0537 6460  FileInfo - ok
11:34:08.0539 6460  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
11:34:08.0552 6460  Filetrace - ok
11:34:08.0554 6460  [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk        C:\windows\System32\drivers\flpydisk.sys
11:34:08.0562 6460  flpydisk - ok
11:34:08.0567 6460  [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
11:34:08.0579 6460  FltMgr - ok
11:34:08.0589 6460  [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache       C:\windows\system32\FntCache.dll
11:34:08.0609 6460  FontCache - ok
11:34:08.0612 6460  [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:34:08.0620 6460  FontCache3.0.0.0 - ok
11:34:08.0622 6460  [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
11:34:08.0630 6460  FsDepends - ok
11:34:08.0633 6460  [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
11:34:08.0639 6460  Fs_Rec - ok
11:34:08.0645 6460  [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
11:34:08.0659 6460  fvevol - ok
11:34:08.0662 6460  [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM           C:\windows\System32\drivers\fxppm.sys
11:34:08.0670 6460  FxPPM - ok
11:34:08.0673 6460  [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
11:34:08.0680 6460  gagp30kx - ok
11:34:08.0684 6460  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
11:34:08.0691 6460  GamesAppService - ok
11:34:08.0693 6460  [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter      C:\windows\System32\drivers\vmgencounter.sys
11:34:08.0701 6460  gencounter - ok
11:34:08.0705 6460  [ 4E1D0A246E10CFDDBF856432418DE404 ] GFNEXSrv        C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
11:34:08.0709 6460  GFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
11:34:08.0709 6460  GFNEXSrv - detected UnsignedFile.Multi.Generic (1)
11:34:08.0712 6460  [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101     C:\windows\system32\Drivers\msgpioclx.sys
11:34:08.0720 6460  GPIOClx0101 - ok
11:34:08.0731 6460  [ 5358678C6370F2ADC5291849F6503262 ] gpsvc           C:\windows\System32\gpsvc.dll
11:34:08.0754 6460  gpsvc - ok
11:34:08.0756 6460  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:34:08.0762 6460  gupdate - ok
11:34:08.0764 6460  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:34:08.0769 6460  gupdatem - ok
11:34:08.0773 6460  [ C2504AA983B5D411F7D31402E8B57725 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
11:34:08.0783 6460  HdAudAddService - ok
11:34:08.0786 6460  [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus        C:\windows\System32\drivers\HDAudBus.sys
11:34:08.0794 6460  HDAudBus - ok
11:34:08.0797 6460  [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt         C:\windows\System32\drivers\HidBatt.sys
11:34:08.0805 6460  HidBatt - ok
11:34:08.0808 6460  [ 085F150D002B7F0153D3C06DDF33A143 ] HidBth          C:\windows\System32\drivers\hidbth.sys
11:34:08.0816 6460  HidBth - ok
11:34:08.0818 6460  [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c          C:\windows\System32\drivers\hidi2c.sys
11:34:08.0826 6460  hidi2c - ok
11:34:08.0829 6460  [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr           C:\windows\System32\drivers\hidir.sys
11:34:08.0844 6460  HidIr - ok
11:34:08.0846 6460  [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv         C:\windows\system32\hidserv.dll
11:34:08.0855 6460  hidserv - ok
11:34:08.0858 6460  [ 9E11EE0F2E117B2D5A835B2B91752827 ] HidUsb          C:\windows\System32\drivers\hidusb.sys
11:34:08.0866 6460  HidUsb - ok
11:34:08.0869 6460  [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc          C:\windows\system32\kmsvc.dll
11:34:08.0881 6460  hkmsvc - ok
11:34:08.0885 6460  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\windows\system32\ListSvc.dll
11:34:08.0896 6460  HomeGroupListener - ok
11:34:08.0901 6460  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\windows\system32\provsvc.dll
11:34:08.0913 6460  HomeGroupProvider - ok
11:34:08.0916 6460  [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
11:34:08.0924 6460  HpSAMD - ok
11:34:08.0932 6460  [ F4A91D985EB9D1D2717D538F3424603C ] HTTP            C:\windows\system32\drivers\HTTP.sys
11:34:08.0946 6460  HTTP - ok
11:34:08.0949 6460  [ 2A98301068801700906C06649860FE94 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
11:34:08.0956 6460  hwpolicy - ok
11:34:08.0958 6460  [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd        C:\windows\System32\drivers\hyperkbd.sys
11:34:08.0966 6460  hyperkbd - ok
11:34:08.0968 6460  [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo      C:\windows\system32\DRIVERS\HyperVideo.sys
11:34:08.0976 6460  HyperVideo - ok
11:34:08.0979 6460  [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt        C:\windows\System32\drivers\i8042prt.sys
11:34:08.0988 6460  i8042prt - ok
11:34:08.0994 6460  [ 050F2539E14F9D5E90A4B61738EC29BD ] iaStorA         C:\windows\system32\drivers\iaStorA.sys
11:34:09.0005 6460  iaStorA - ok
11:34:09.0010 6460  [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
11:34:09.0023 6460  iaStorV - ok
11:34:09.0120 6460  [ E5272DDF2C9043411809171715B4633D ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
11:34:09.0259 6460  igfx - ok
11:34:09.0264 6460  [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp           C:\windows\system32\drivers\iirsp.sys
11:34:09.0271 6460  iirsp - ok
11:34:09.0280 6460  [ 531B5A98145DA689741A0AC18F14EA94 ] IKEEXT          C:\windows\System32\ikeext.dll
11:34:09.0298 6460  IKEEXT - ok
11:34:09.0326 6460  [ E0B2C982CA743CE8B3CBD7DD50AB82B0 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
11:34:09.0374 6460  IntcAzAudAddService - ok
11:34:09.0381 6460  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
11:34:09.0393 6460  Intel(R) Capability Licensing Service Interface - ok
11:34:09.0396 6460  [ 9656F8E29F6C3161A3E99BCD3A472FF9 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
11:34:09.0402 6460  Intel(R) ME Service - ok
11:34:09.0404 6460  [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide        C:\windows\system32\drivers\intelide.sys
11:34:09.0411 6460  intelide - ok
11:34:09.0414 6460  [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm        C:\windows\System32\drivers\intelppm.sys
11:34:09.0422 6460  intelppm - ok
11:34:09.0425 6460  [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
11:34:09.0435 6460  IpFilterDriver - ok
11:34:09.0443 6460  [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
11:34:09.0459 6460  iphlpsvc - ok
11:34:09.0462 6460  [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV         C:\windows\System32\drivers\IPMIDrv.sys
11:34:09.0470 6460  IPMIDRV - ok
11:34:09.0473 6460  [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT           C:\windows\system32\drivers\ipnat.sys
11:34:09.0484 6460  IPNAT - ok
11:34:09.0488 6460  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM          C:\windows\system32\drivers\irenum.sys
11:34:09.0496 6460  IRENUM - ok
11:34:09.0498 6460  [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp          C:\windows\system32\drivers\isapnp.sys
11:34:09.0506 6460  isapnp - ok
11:34:09.0510 6460  [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt        C:\windows\System32\drivers\msiscsi.sys
11:34:09.0521 6460  iScsiPrt - ok
11:34:09.0525 6460  [ 78ABBE558F57144047F10A0F50FE4B2F ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
11:34:09.0531 6460  jhi_service - ok
11:34:09.0534 6460  [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass        C:\windows\System32\drivers\kbdclass.sys
11:34:09.0542 6460  kbdclass - ok
11:34:09.0544 6460  [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid          C:\windows\System32\drivers\kbdhid.sys
11:34:09.0552 6460  kbdhid - ok
11:34:09.0554 6460  [ FB6C185092E18011EF49989425C2AA87 ] kdnic           C:\windows\system32\DRIVERS\kdnic.sys
11:34:09.0562 6460  kdnic - ok
11:34:09.0564 6460  [ F702AB6181513303AB0FC8D59E52708B ] KeyIso          C:\windows\system32\lsass.exe
11:34:09.0573 6460  KeyIso - ok
11:34:09.0585 6460  [ E5E6ED52E30E1DFC05CCF83286FAA1AD ] ksaud           C:\windows\system32\drivers\ksaud.sys
11:34:09.0603 6460  ksaud - ok
11:34:09.0606 6460  [ DFA480F6DED551464F3A5B959F437800 ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
11:34:09.0614 6460  KSecDD - ok
11:34:09.0618 6460  [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
11:34:09.0627 6460  KSecPkg - ok
11:34:09.0629 6460  [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
11:34:09.0637 6460  ksthunk - ok
11:34:09.0642 6460  [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm           C:\windows\system32\msdtckrm.dll
11:34:09.0655 6460  KtmRm - ok
11:34:09.0660 6460  [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer    C:\windows\system32\srvsvc.dll
11:34:09.0672 6460  LanmanServer - ok
11:34:09.0676 6460  [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
11:34:09.0688 6460  LanmanWorkstation - ok
11:34:09.0692 6460  [ CEEFD29FC551F289810B0B9381B321DC ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
11:34:09.0702 6460  lltdio - ok
11:34:09.0706 6460  [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc         C:\windows\System32\lltdsvc.dll
11:34:09.0719 6460  lltdsvc - ok
11:34:09.0722 6460  [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts         C:\windows\System32\lmhsvc.dll
11:34:09.0731 6460  lmhosts - ok
11:34:09.0734 6460  [ 2C24DC448DBE8DB9BE1441B824C57E79 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:34:09.0741 6460  LMS - ok
11:34:09.0745 6460  [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
11:34:09.0753 6460  LSI_SAS - ok
11:34:09.0756 6460  [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
11:34:09.0764 6460  LSI_SAS2 - ok
11:34:09.0767 6460  [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
11:34:09.0776 6460  LSI_SCSI - ok
11:34:09.0778 6460  [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS         C:\windows\system32\drivers\lsi_sss.sys
11:34:09.0786 6460  LSI_SSS - ok
11:34:09.0791 6460  [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM             C:\windows\System32\lsm.dll
11:34:09.0803 6460  LSM - ok
11:34:09.0807 6460  [ 2BDC5D711FA61307CE6190D47C956368 ] luafv           C:\windows\system32\drivers\luafv.sys
11:34:09.0819 6460  luafv - ok
11:34:09.0823 6460  [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas         C:\windows\system32\drivers\megasas.sys
11:34:09.0830 6460  megasas - ok
11:34:09.0835 6460  [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
11:34:09.0846 6460  MegaSR - ok
11:34:09.0849 6460  [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64          C:\windows\System32\drivers\HECIx64.sys
11:34:09.0854 6460  MEIx64 - ok
11:34:09.0858 6460  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS           C:\windows\system32\mmcss.dll
11:34:09.0867 6460  MMCSS - ok
11:34:09.0870 6460  [ 780098AD5DA8A4822E2563984C85EF7B ] Modem           C:\windows\system32\drivers\modem.sys
11:34:09.0880 6460  Modem - ok
11:34:09.0882 6460  [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor         C:\windows\System32\drivers\monitor.sys
11:34:09.0890 6460  monitor - ok
11:34:09.0893 6460  [ 618446B98C79776654340CE27C73485E ] mouclass        C:\windows\System32\drivers\mouclass.sys
11:34:09.0900 6460  mouclass - ok
11:34:09.0903 6460  [ C0ADEBED913295803B579ED288936CBB ] mouhid          C:\windows\System32\drivers\mouhid.sys
11:34:09.0910 6460  mouhid - ok
11:34:09.0913 6460  [ 89D263DBF08119CE16273991C120D6DD ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
11:34:09.0921 6460  mountmgr - ok
11:34:09.0924 6460  [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
11:34:09.0932 6460  mpsdrv - ok
11:34:09.0940 6460  [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc          C:\windows\system32\mpssvc.dll
11:34:09.0957 6460  MpsSvc - ok
11:34:09.0960 6460  [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
11:34:09.0971 6460  MRxDAV - ok
11:34:09.0975 6460  [ 93179D48066918323628CB016D8C94DC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
11:34:09.0986 6460  mrxsmb - ok
11:34:09.0991 6460  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
11:34:10.0001 6460  mrxsmb10 - ok
11:34:10.0004 6460  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
11:34:10.0014 6460  mrxsmb20 - ok
11:34:10.0017 6460  [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge        C:\windows\system32\DRIVERS\bridge.sys
11:34:10.0028 6460  MsBridge - ok
11:34:10.0031 6460  [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC           C:\windows\System32\msdtc.exe
11:34:10.0041 6460  MSDTC - ok
11:34:10.0046 6460  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs            C:\windows\system32\drivers\Msfs.sys
11:34:10.0054 6460  Msfs - ok
11:34:10.0057 6460  [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32     C:\windows\System32\drivers\msgpiowin32.sys
11:34:10.0064 6460  msgpiowin32 - ok
11:34:10.0066 6460  [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
11:34:10.0074 6460  mshidkmdf - ok
11:34:10.0076 6460  [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf       C:\windows\System32\drivers\mshidumdf.sys
11:34:10.0084 6460  mshidumdf - ok
11:34:10.0087 6460  [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
11:34:10.0094 6460  msisadrv - ok
11:34:10.0097 6460  [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI         C:\windows\system32\iscsiexe.dll
11:34:10.0107 6460  MSiSCSI - ok
11:34:10.0110 6460  msiserver - ok
11:34:10.0112 6460  [ 509809566E49F4411055864EA8D437CD ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
11:34:10.0120 6460  MSKSSRV - ok
11:34:10.0123 6460  [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp          C:\windows\system32\DRIVERS\mslldp.sys
11:34:10.0132 6460  MsLldp - ok
11:34:10.0134 6460  [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
11:34:10.0142 6460  MSPCLOCK - ok
11:34:10.0145 6460  [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
11:34:10.0152 6460  MSPQM - ok
11:34:10.0157 6460  [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
11:34:10.0170 6460  MsRPC - ok
11:34:10.0173 6460  [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios        C:\windows\System32\drivers\mssmbios.sys
11:34:10.0180 6460  mssmbios - ok
11:34:10.0182 6460  [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
11:34:10.0190 6460  MSTEE - ok
11:34:10.0193 6460  [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig        C:\windows\System32\drivers\MTConfig.sys
11:34:10.0201 6460  MTConfig - ok
11:34:10.0203 6460  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup             C:\windows\system32\Drivers\mup.sys
11:34:10.0211 6460  Mup - ok
11:34:10.0214 6460  [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis          C:\windows\system32\drivers\mvumis.sys
11:34:10.0221 6460  mvumis - ok
11:34:10.0227 6460  [ 4B18840511D720BA118D3017E8165875 ] napagent        C:\windows\system32\qagentRT.dll
11:34:10.0242 6460  napagent - ok
11:34:10.0247 6460  [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
11:34:10.0259 6460  NativeWifiP - ok
11:34:10.0267 6460  [ E0E4A1F81A7D69C595A8A9DDAD084C19 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
11:34:10.0279 6460  NAUpdate - ok
11:34:10.0283 6460  [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc          C:\windows\System32\ncasvc.dll
11:34:10.0293 6460  NcaSvc - ok
11:34:10.0296 6460  [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup    C:\windows\System32\NcdAutoSetup.dll
11:34:10.0306 6460  NcdAutoSetup - ok
11:34:10.0315 6460  [ 03CFE4108D1DE16D6C59455B5C73319C ] NDIS            C:\windows\system32\drivers\ndis.sys
11:34:10.0335 6460  NDIS - ok
11:34:10.0338 6460  [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
11:34:10.0348 6460  NdisCap - ok
11:34:10.0351 6460  [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform  C:\windows\system32\DRIVERS\NdisImPlatform.sys
11:34:10.0360 6460  NdisImPlatform - ok
11:34:10.0362 6460  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
11:34:10.0370 6460  NdisTapi - ok
11:34:10.0373 6460  [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
11:34:10.0381 6460  Ndisuio - ok
11:34:10.0385 6460  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
11:34:10.0396 6460  NdisWan - ok
11:34:10.0399 6460  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY   C:\windows\system32\DRIVERS\ndiswan.sys
11:34:10.0409 6460  NDISWANLEGACY - ok
11:34:10.0412 6460  [ 3730942D7DB2F8BB5F84542B7FF6F650 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
11:34:10.0420 6460  NDProxy - ok
11:34:10.0423 6460  [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu             C:\windows\system32\drivers\Ndu.sys
11:34:10.0432 6460  Ndu - ok
11:34:10.0435 6460  [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
11:34:10.0445 6460  NetBIOS - ok
11:34:10.0449 6460  [ 7CEC25C682D319D484630B3952C31A11 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
11:34:10.0461 6460  NetBT - ok
11:34:10.0464 6460  [ F702AB6181513303AB0FC8D59E52708B ] Netlogon        C:\windows\system32\lsass.exe
11:34:10.0472 6460  Netlogon - ok
11:34:10.0476 6460  [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman          C:\windows\System32\netman.dll
11:34:10.0489 6460  Netman - ok
11:34:10.0495 6460  [ 5FF52E13C72838D87DAF228EC9E92C89 ] netprofm        C:\windows\System32\netprofmsvc.dll
11:34:10.0508 6460  netprofm - ok
11:34:10.0513 6460  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:34:10.0523 6460  NetTcpPortSharing - ok
11:34:10.0526 6460  [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
11:34:10.0534 6460  nfrd960 - ok
11:34:10.0538 6460  [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc          C:\windows\System32\nlasvc.dll
11:34:10.0550 6460  NlaSvc - ok
11:34:10.0553 6460  [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs            C:\windows\system32\drivers\Npfs.sys
11:34:10.0562 6460  Npfs - ok
11:34:10.0564 6460  [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig       C:\windows\System32\drivers\npsvctrig.sys
11:34:10.0576 6460  npsvctrig - ok
11:34:10.0579 6460  [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi             C:\windows\system32\nsisvc.dll
11:34:10.0589 6460  nsi - ok
11:34:10.0591 6460  [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
11:34:10.0600 6460  nsiproxy - ok
11:34:10.0616 6460  [ 76929F4A69E425911A63B407E26C2589 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
11:34:10.0650 6460  Ntfs - ok
11:34:10.0653 6460  [ 4163ADE07DB51843AE31F65B94F5398D ] Null            C:\windows\system32\drivers\Null.sys
11:34:10.0661 6460  Null - ok
11:34:10.0664 6460  [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid          C:\windows\system32\drivers\nvraid.sys
11:34:10.0673 6460  nvraid - ok
11:34:10.0676 6460  [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor          C:\windows\system32\drivers\nvstor.sys
11:34:10.0686 6460  nvstor - ok
11:34:10.0689 6460  [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
11:34:10.0697 6460  nv_agp - ok
11:34:10.0700 6460  [ B9C125314A025127FE562C116D614AA3 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:34:10.0708 6460  ose64 - ok
11:34:10.0713 6460  [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
11:34:10.0725 6460  p2pimsvc - ok
11:34:10.0730 6460  [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc          C:\windows\system32\p2psvc.dll
11:34:10.0743 6460  p2psvc - ok
11:34:10.0747 6460  [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport         C:\windows\System32\drivers\parport.sys
11:34:10.0755 6460  Parport - ok
11:34:10.0758 6460  [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr         C:\windows\system32\drivers\partmgr.sys
11:34:10.0766 6460  partmgr - ok
11:34:10.0771 6460  [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc          C:\windows\System32\pcasvc.dll
11:34:10.0783 6460  PcaSvc - ok
11:34:10.0787 6460  [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci             C:\windows\system32\drivers\pci.sys
11:34:10.0797 6460  pci - ok
11:34:10.0800 6460  [ F9908D274D458220F91E89B54D78D837 ] pciide          C:\windows\system32\drivers\pciide.sys
11:34:10.0806 6460  pciide - ok
11:34:10.0810 6460  [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
11:34:10.0820 6460  pcmcia - ok
11:34:10.0823 6460  [ CEBBAD5391C2644560C55628A40BFD27 ] pcw             C:\windows\system32\drivers\pcw.sys
11:34:10.0830 6460  pcw - ok
11:34:10.0833 6460  [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc             C:\windows\system32\drivers\pdc.sys
11:34:10.0840 6460  pdc - ok
11:34:10.0848 6460  [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH          C:\windows\system32\drivers\peauth.sys
11:34:10.0863 6460  PEAUTH - ok
11:34:10.0864 6460  [ EE926C59CBD4DC4DC9FBB85014A2F1A5 ] PEGAGFN         C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys
11:34:10.0869 6460  PEGAGFN - ok
11:34:10.0883 6460  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost        C:\windows\SysWow64\perfhost.exe
11:34:10.0893 6460  PerfHost - ok
11:34:10.0907 6460  [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla             C:\windows\system32\pla.dll
11:34:10.0931 6460  pla - ok
11:34:10.0934 6460  [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
11:34:10.0945 6460  PlugPlay - ok
11:34:10.0947 6460  [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
11:34:10.0963 6460  PNRPAutoReg - ok
11:34:10.0967 6460  [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
11:34:10.0978 6460  PNRPsvc - ok
11:34:10.0984 6460  [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
11:34:10.0999 6460  PolicyAgent - ok
11:34:11.0003 6460  [ F1E067F56373F11EA4B785CAE823740A ] Power           C:\windows\system32\umpo.dll
11:34:11.0013 6460  Power - ok
11:34:11.0016 6460  [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
11:34:11.0026 6460  PptpMiniport - ok
11:34:11.0047 6460  [ CC0B8655E4B2A5BBB215CDA8FC3BE4DE ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
11:34:11.0077 6460  PrintNotify - ok
11:34:11.0080 6460  [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor       C:\windows\System32\drivers\processr.sys
11:34:11.0089 6460  Processor - ok
11:34:11.0093 6460  [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc         C:\windows\system32\profsvc.dll
11:34:11.0104 6460  ProfSvc - ok
11:34:11.0107 6460  [ EB8034147D4820CD31BFCB11A2A652DF ] Psched          C:\windows\system32\DRIVERS\pacer.sys
11:34:11.0118 6460  Psched - ok
11:34:11.0122 6460  [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE           C:\windows\system32\qwave.dll
11:34:11.0135 6460  QWAVE - ok
11:34:11.0137 6460  [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
11:34:11.0146 6460  QWAVEdrv - ok
11:34:11.0148 6460  [ 873C60F8178100557740A832FCE10B5F ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
11:34:11.0158 6460  RasAcd - ok
11:34:11.0161 6460  [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
11:34:11.0171 6460  RasAgileVpn - ok
11:34:11.0174 6460  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto         C:\windows\System32\rasauto.dll
11:34:11.0186 6460  RasAuto - ok
11:34:11.0189 6460  [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
11:34:11.0199 6460  Rasl2tp - ok
11:34:11.0204 6460  [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan          C:\windows\System32\rasmans.dll
11:34:11.0218 6460  RasMan - ok
11:34:11.0221 6460  [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
11:34:11.0232 6460  RasPppoe - ok
11:34:11.0234 6460  [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
11:34:11.0245 6460  RasSstp - ok
11:34:11.0250 6460  [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
11:34:11.0261 6460  rdbss - ok
11:34:11.0265 6460  [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus          C:\windows\System32\drivers\rdpbus.sys
11:34:11.0273 6460  rdpbus - ok
11:34:11.0276 6460  [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR           C:\windows\system32\drivers\rdpdr.sys
11:34:11.0285 6460  RDPDR - ok
11:34:11.0290 6460  [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
11:34:11.0297 6460  RdpVideoMiniport - ok
11:34:11.0300 6460  [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
11:34:11.0310 6460  RDPWD - ok
11:34:11.0314 6460  [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
11:34:11.0324 6460  rdyboost - ok
11:34:11.0327 6460  [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess    C:\windows\System32\mprdim.dll
11:34:11.0339 6460  RemoteAccess - ok
11:34:11.0342 6460  [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry  C:\windows\system32\regsvc.dll
11:34:11.0357 6460  RemoteRegistry - ok
11:34:11.0360 6460  [ CCBFCABDFE2BC22F0645CEAADDB36004 ] RFCOMM          C:\windows\System32\drivers\rfcomm.sys
11:34:11.0369 6460  RFCOMM - ok
11:34:11.0372 6460  [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
11:34:11.0382 6460  RpcEptMapper - ok
11:34:11.0385 6460  [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator      C:\windows\system32\locator.exe
11:34:11.0394 6460  RpcLocator - ok
11:34:11.0401 6460  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs           C:\windows\system32\rpcss.dll
11:34:11.0416 6460  RpcSs - ok
11:34:11.0419 6460  [ E04E770DD198B9399640717145E79EBF ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
11:34:11.0429 6460  rspndr - ok
11:34:11.0433 6460  [ 0E32A8922DCFD28EA00AAEC07CB3F331 ] RSUSBSTOR       C:\windows\System32\Drivers\RtsUStor.sys
11:34:11.0440 6460  RSUSBSTOR - ok
11:34:11.0444 6460  [ 3BDBB0CBFB27FEF51B7574676D1C9F6A ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
11:34:11.0450 6460  RtkAudioService - ok
11:34:11.0457 6460  [ 34DA0D14F5C3F1883A331AFB975AB434 ] RTL8168         C:\windows\system32\DRIVERS\Rt630x64.sys
11:34:11.0469 6460  RTL8168 - ok
11:34:11.0478 6460  [ A02C8EA09D5601FA0148739A95F31AEF ] RTL8192Ce       C:\windows\system32\DRIVERS\rtwlane.sys
11:34:11.0503 6460  RTL8192Ce - ok
11:34:11.0506 6460  [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap           C:\windows\System32\drivers\vms3cap.sys
11:34:11.0513 6460  s3cap - ok
11:34:11.0516 6460  [ F702AB6181513303AB0FC8D59E52708B ] SamSs           C:\windows\system32\lsass.exe
11:34:11.0525 6460  SamSs - ok
11:34:11.0528 6460  [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
11:34:11.0537 6460  sbp2port - ok
11:34:11.0541 6460  [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr        C:\windows\System32\SCardSvr.dll
11:34:11.0554 6460  SCardSvr - ok
11:34:11.0556 6460  [ 5D7733A12756B267FCA021672B26BC9E ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
11:34:11.0567 6460  scfilter - ok
11:34:11.0577 6460  [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule        C:\windows\system32\schedsvc.dll
11:34:11.0598 6460  Schedule - ok
11:34:11.0602 6460  [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc     C:\windows\System32\certprop.dll
11:34:11.0612 6460  SCPolicySvc - ok
11:34:11.0616 6460  [ 047315E75392CEA447ACC86257824C16 ] sdbus           C:\windows\System32\drivers\sdbus.sys
11:34:11.0625 6460  sdbus - ok
11:34:11.0629 6460  [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC          C:\windows\System32\SDRSVC.dll
11:34:11.0640 6460  SDRSVC - ok
11:34:11.0643 6460  [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor          C:\windows\System32\drivers\sdstor.sys
11:34:11.0651 6460  sdstor - ok
11:34:11.0653 6460  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\windows\system32\drivers\secdrv.sys
11:34:11.0661 6460  secdrv - ok
11:34:11.0664 6460  [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon        C:\windows\system32\seclogon.dll
11:34:11.0676 6460  seclogon - ok
11:34:11.0679 6460  [ 9C51620998F0763039DFA6BF68E475ED ] SENS            C:\windows\System32\sens.dll
11:34:11.0693 6460  SENS - ok
11:34:11.0696 6460  [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc        C:\windows\system32\sensrsvc.dll
11:34:11.0707 6460  SensrSvc - ok
11:34:11.0710 6460  [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx           C:\windows\system32\drivers\SerCx.sys
11:34:11.0718 6460  SerCx - ok
11:34:11.0721 6460  [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum         C:\windows\System32\drivers\serenum.sys
11:34:11.0729 6460  Serenum - ok
11:34:11.0733 6460  [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial          C:\windows\System32\drivers\serial.sys
11:34:11.0741 6460  Serial - ok
11:34:11.0744 6460  [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse        C:\windows\System32\drivers\sermouse.sys
11:34:11.0752 6460  sermouse - ok
11:34:11.0759 6460  [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv      C:\windows\system32\sessenv.dll
11:34:11.0771 6460  SessionEnv - ok
11:34:11.0774 6460  [ 7EE65419B29302C795714FF8073969A1 ] sfloppy         C:\windows\System32\drivers\sfloppy.sys
11:34:11.0782 6460  sfloppy - ok
11:34:11.0787 6460  [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess    C:\windows\System32\ipnathlp.dll
11:34:11.0802 6460  SharedAccess - ok
11:34:11.0809 6460  [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\windows\System32\shsvcs.dll
11:34:11.0827 6460  ShellHWDetection - ok
11:34:11.0830 6460  [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
11:34:11.0837 6460  SiSRaid2 - ok
11:34:11.0840 6460  [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
11:34:11.0848 6460  SiSRaid4 - ok
11:34:11.0851 6460  [ 4A2972573225A2DE4DEC0AD68529DF0F ] SmbDrvI         C:\windows\system32\DRIVERS\Smb_driver_Intel.sys
11:34:11.0856 6460  SmbDrvI - ok
11:34:11.0861 6460  [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
11:34:11.0872 6460  SNMPTRAP - ok
11:34:11.0877 6460  [ 872E937681910E2456A054331C7D5A18 ] spaceport       C:\windows\system32\drivers\spaceport.sys
11:34:11.0887 6460  spaceport - ok
11:34:11.0890 6460  [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx           C:\windows\system32\drivers\SpbCx.sys
11:34:11.0899 6460  SpbCx - ok
11:34:11.0906 6460  [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler         C:\windows\System32\spoolsv.exe
11:34:11.0923 6460  Spooler - ok
11:34:11.0954 6460  [ EC84D961501054F87A6878EC5D53388F ] sppsvc          C:\windows\system32\sppsvc.exe
11:34:12.0006 6460  sppsvc - ok
11:34:12.0012 6460  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv             C:\windows\system32\DRIVERS\srv.sys
11:34:12.0023 6460  srv - ok
11:34:12.0030 6460  [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
11:34:12.0043 6460  srv2 - ok
11:34:12.0047 6460  [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
11:34:12.0056 6460  srvnet - ok
11:34:12.0060 6460  [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
11:34:12.0074 6460  SSDPSRV - ok
11:34:12.0077 6460  [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc         C:\windows\system32\sstpsvc.dll
11:34:12.0089 6460  SstpSvc - ok
11:34:12.0093 6460  [ EA8F41484CCC5BA6A1455C2AD3D1BE3C ] ssudmdm         C:\windows\system32\DRIVERS\ssudmdm.sys
11:34:12.0099 6460  ssudmdm - ok
11:34:12.0102 6460  [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor        C:\windows\system32\drivers\stexstor.sys
11:34:12.0109 6460  stexstor - ok
11:34:12.0115 6460  [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc          C:\windows\System32\wiaservc.dll
11:34:12.0129 6460  stisvc - ok
11:34:12.0132 6460  [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci        C:\windows\system32\drivers\storahci.sys
11:34:12.0140 6460  storahci - ok
11:34:12.0143 6460  [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt         C:\windows\system32\DRIVERS\vmstorfl.sys
11:34:12.0150 6460  storflt - ok
11:34:12.0153 6460  [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc         C:\windows\system32\storsvc.dll
11:34:12.0163 6460  StorSvc - ok
11:34:12.0165 6460  [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc         C:\windows\system32\drivers\storvsc.sys
11:34:12.0172 6460  storvsc - ok
11:34:12.0175 6460  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc           C:\windows\system32\svsvc.dll
11:34:12.0189 6460  svsvc - ok
11:34:12.0191 6460  [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum          C:\windows\System32\drivers\swenum.sys
11:34:12.0198 6460  swenum - ok
11:34:12.0203 6460  [ 502F9488540051F3E6C39889ECFA76BB ] swprv           C:\windows\System32\swprv.dll
11:34:12.0221 6460  swprv - ok
11:34:12.0226 6460  [ 157DFCD1E83E964A5074742AE2DFA0C1 ] SynTP           C:\windows\system32\DRIVERS\SynTP.sys
11:34:12.0236 6460  SynTP - ok
11:34:12.0247 6460  [ DC21E1F06343773D7E24362DCEF7944B ] SysMain         C:\windows\system32\sysmain.dll
11:34:12.0269 6460  SysMain - ok
11:34:12.0273 6460  [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll
11:34:12.0284 6460  SystemEventsBroker - ok
11:34:12.0287 6460  [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\windows\System32\TabSvc.dll
11:34:12.0297 6460  TabletInputService - ok
11:34:12.0302 6460  [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv         C:\windows\System32\tapisrv.dll
11:34:12.0315 6460  TapiSrv - ok
11:34:12.0331 6460  [ B6D52E2C38B49A156E58FF5B9C6CA8BE ] Tcpip           C:\windows\system32\drivers\tcpip.sys
11:34:12.0369 6460  Tcpip - ok
11:34:12.0386 6460  [ B6D52E2C38B49A156E58FF5B9C6CA8BE ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
11:34:12.0420 6460  TCPIP6 - ok
11:34:12.0424 6460  [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
11:34:12.0434 6460  tcpipreg - ok
11:34:12.0438 6460  [ 58480A57ACF2671C343FD1D4BA990E34 ] tdcmdpst        C:\windows\system32\DRIVERS\tdcmdpst.sys
11:34:12.0443 6460  tdcmdpst - ok
11:34:12.0446 6460  [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx             C:\windows\system32\DRIVERS\tdx.sys
11:34:12.0455 6460  tdx - ok
11:34:12.0459 6460  [ E53A8CFB52B68AB8981B915CCDF4D5CE ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
11:34:12.0464 6460  TemproMonitoringService - ok
11:34:12.0467 6460  [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt        C:\windows\System32\drivers\terminpt.sys
11:34:12.0474 6460  terminpt - ok
11:34:12.0481 6460  [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService     C:\windows\System32\termsrv.dll
11:34:12.0497 6460  TermService - ok
11:34:12.0500 6460  [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes          C:\windows\system32\themeservice.dll
11:34:12.0514 6460  Themes - ok
11:34:12.0517 6460  [ 16E745743BABAF480B7718442F38B076 ] Thotkey         C:\windows\System32\drivers\Thotkey.sys
11:34:12.0522 6460  Thotkey - ok
11:34:12.0525 6460  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER     C:\windows\system32\mmcss.dll
11:34:12.0533 6460  THREADORDER - ok
11:34:12.0537 6460  [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker      C:\windows\System32\TimeBrokerServer.dll
11:34:12.0548 6460  TimeBroker - ok
11:34:12.0550 6460  [ 5201342394DD42848027CE96A37043DB ] TMachInfo       C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
11:34:12.0555 6460  TMachInfo - ok
11:34:12.0559 6460  [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
11:34:12.0566 6460  TODDSrv - ok
11:34:12.0570 6460  [ 4D7977197C3EC8C65F533E8A84DE229C ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\Teco\TecoService.exe
11:34:12.0577 6460  TOSHIBA eco Utility Service - ok
11:34:12.0580 6460  [ 9C422F735F7EB0EFA82C3E0DCC10FAA6 ] tosrfec         C:\windows\System32\drivers\tosrfec.sys
11:34:12.0584 6460  tosrfec - ok
11:34:12.0590 6460  [ 36391C3953D191A2AF4556D5D706C641 ] tos_sps64       C:\windows\system32\drivers\tos_sps64.sys
11:34:12.0601 6460  tos_sps64 - ok
11:34:12.0606 6460  [ 8608681DC6E2975815A593209A6432CD ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
11:34:12.0615 6460  TPCHSrv - ok
11:34:12.0618 6460  [ 6F0BFF80EE2A5BC841286A51F893CBAD ] TPM             C:\windows\system32\drivers\tpm.sys
11:34:12.0627 6460  TPM - ok
11:34:12.0630 6460  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks          C:\windows\System32\trkwks.dll
11:34:12.0641 6460  TrkWks - ok
11:34:12.0644 6460  [ 8D516AEF3C1DF980664CF17BB1FF6093 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
11:34:12.0652 6460  TrustedInstaller - ok
11:34:12.0655 6460  [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
11:34:12.0663 6460  TsUsbFlt - ok
11:34:12.0666 6460  [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD         C:\windows\System32\drivers\TsUsbGD.sys
11:34:12.0674 6460  TsUsbGD - ok
11:34:12.0677 6460  [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
11:34:12.0688 6460  tunnel - ok
11:34:12.0691 6460  [ 54BDBF3D4DED58DA78B702471C68D4CA ] TVALZ           C:\windows\system32\drivers\TVALZ_O.SYS
11:34:12.0696 6460  TVALZ - ok
11:34:12.0698 6460  [ 55A9A23DD64EB7781FCAB565B028CD0E ] TVALZFL         C:\windows\system32\DRIVERS\TVALZFL.sys
11:34:12.0703 6460  TVALZFL - ok
11:34:12.0706 6460  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35          C:\windows\system32\drivers\uagp35.sys
11:34:12.0714 6460  uagp35 - ok
11:34:12.0716 6460  [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor        C:\windows\System32\drivers\uaspstor.sys
11:34:12.0724 6460  UASPStor - ok
11:34:12.0728 6460  [ 1ED222DFE6C13DA50FE081ABF90CAFE1 ] UCX01000        C:\windows\System32\drivers\ucx01000.sys
11:34:12.0738 6460  UCX01000 - ok
11:34:12.0742 6460  [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
11:34:12.0757 6460  udfs - ok
11:34:12.0761 6460  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect       C:\windows\system32\UI0Detect.exe
11:34:12.0773 6460  UI0Detect - ok
11:34:12.0776 6460  [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
11:34:12.0784 6460  uliagpkx - ok
11:34:12.0786 6460  [ 02CEB3FE6152668A7BA420B93B664860 ] umbus           C:\windows\System32\drivers\umbus.sys
11:34:12.0795 6460  umbus - ok
11:34:12.0797 6460  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass          C:\windows\System32\drivers\umpass.sys
11:34:12.0805 6460  UmPass - ok
11:34:12.0809 6460  [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService    C:\windows\System32\umrdp.dll
11:34:12.0821 6460  UmRdpService - ok
11:34:12.0826 6460  [ E1A119AD21F5AFE22EB516C549306D3D ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
11:34:12.0834 6460  UNS - ok
11:34:12.0840 6460  [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost        C:\windows\System32\upnphost.dll
11:34:12.0856 6460  upnphost - ok
11:34:12.0859 6460  [ 3FBE0784E42E7BA93FCC5201D2BAFE23 ] usbaudio        C:\windows\system32\drivers\usbaudio.sys
11:34:12.0875 6460  usbaudio - ok
11:34:12.0878 6460  [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp         C:\windows\System32\drivers\usbccgp.sys
11:34:12.0887 6460  usbccgp - ok
11:34:12.0889 6460  [ B395B62B62F28106218FA6FB17F4C797 ] usbcir          C:\windows\System32\drivers\usbcir.sys
11:34:12.0906 6460  usbcir - ok
11:34:12.0909 6460  [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci         C:\windows\System32\drivers\usbehci.sys
11:34:12.0917 6460  usbehci - ok
11:34:12.0922 6460  [ ADBF89B8E0BB372FEFE2E4B84E1E20AE ] usbhub          C:\windows\System32\drivers\usbhub.sys
11:34:12.0936 6460  usbhub - ok
11:34:12.0942 6460  [ C5986337DE3BF63ABD9ED4D834D34B89 ] USBHUB3         C:\windows\System32\drivers\UsbHub3.sys
11:34:12.0955 6460  USBHUB3 - ok
11:34:12.0957 6460  [ 325F6179009B5A7F6118951A5BA422AB ] usbohci         C:\windows\System32\drivers\usbohci.sys
11:34:12.0965 6460  usbohci - ok
11:34:12.0968 6460  [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint        C:\windows\System32\drivers\usbprint.sys
11:34:12.0977 6460  usbprint - ok
11:34:12.0980 6460  [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR         C:\windows\System32\drivers\USBSTOR.SYS
11:34:12.0988 6460  USBSTOR - ok
11:34:12.0991 6460  [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci         C:\windows\System32\drivers\usbuhci.sys
11:34:12.0999 6460  usbuhci - ok
11:34:13.0002 6460  [ 09799E701B4327097E9F63D3FE221083 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
11:34:13.0012 6460  usbvideo - ok
11:34:13.0017 6460  [ 11C0CF143D246E2F0E9BDBF17A0CC70B ] USBXHCI         C:\windows\System32\drivers\USBXHCI.SYS
11:34:13.0028 6460  USBXHCI - ok
11:34:13.0031 6460  [ 9AD9560606A3049CE492E3A06FB12716 ] usb_rndisx      C:\windows\system32\DRIVERS\usb8023x.sys
11:34:13.0039 6460  usb_rndisx - ok
11:34:13.0041 6460  [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc        C:\windows\system32\lsass.exe
11:34:13.0050 6460  VaultSvc - ok
11:34:13.0053 6460  [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
11:34:13.0060 6460  vdrvroot - ok
11:34:13.0067 6460  [ 8A8CDA9E3CF2E0B4C6CC19FBC6FB9A71 ] vds             C:\windows\System32\vds.exe
11:34:13.0083 6460  vds - ok
11:34:13.0086 6460  [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt     C:\windows\system32\drivers\VerifierExt.sys
11:34:13.0094 6460  VerifierExt - ok
11:34:13.0100 6460  [ 500BE6B2E49883720D0AE8BB859ED7A3 ] vhdmp           C:\windows\System32\drivers\vhdmp.sys
11:34:13.0114 6460  vhdmp - ok
11:34:13.0117 6460  [ F5B4A14B00E89250C50982AC762DDD1D ] viaide          C:\windows\system32\drivers\viaide.sys
11:34:13.0124 6460  viaide - ok
11:34:13.0127 6460  [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus           C:\windows\system32\drivers\vmbus.sys
11:34:13.0135 6460  vmbus - ok
11:34:13.0137 6460  [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID        C:\windows\System32\drivers\VMBusHID.sys
11:34:13.0145 6460  VMBusHID - ok
11:34:13.0150 6460  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat   C:\windows\System32\ICSvc.dll
11:34:13.0161 6460  vmicheartbeat - ok
11:34:13.0165 6460  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\windows\System32\ICSvc.dll
11:34:13.0175 6460  vmickvpexchange - ok
11:34:13.0179 6460  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv         C:\windows\System32\ICSvc.dll
11:34:13.0189 6460  vmicrdv - ok
11:34:13.0193 6460  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown    C:\windows\System32\ICSvc.dll
11:34:13.0203 6460  vmicshutdown - ok
11:34:13.0206 6460  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync    C:\windows\System32\ICSvc.dll
11:34:13.0216 6460  vmictimesync - ok
11:34:13.0220 6460  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss         C:\windows\System32\ICSvc.dll
11:34:13.0230 6460  vmicvss - ok
11:34:13.0233 6460  [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr          C:\windows\system32\drivers\volmgr.sys
11:34:13.0241 6460  volmgr - ok
11:34:13.0246 6460  [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
11:34:13.0258 6460  volmgrx - ok
11:34:13.0262 6460  [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap         C:\windows\system32\drivers\volsnap.sys
11:34:13.0274 6460  volsnap - ok
11:34:13.0276 6460  [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci            C:\windows\System32\drivers\vpci.sys
11:34:13.0284 6460  vpci - ok
11:34:13.0287 6460  [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
11:34:13.0296 6460  vsmraid - ok
11:34:13.0308 6460  [ EA658570314042C914964FC72AB50E6B ] VSS             C:\windows\system32\vssvc.exe
11:34:13.0334 6460  VSS - ok
11:34:13.0338 6460  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID        C:\windows\system32\drivers\vstxraid.sys
11:34:13.0350 6460  VSTXRAID - ok
11:34:13.0352 6460  [ 62460A45435A26A334907E3F2EA45611 ] vwifibus        C:\windows\System32\drivers\vwifibus.sys
11:34:13.0360 6460  vwifibus - ok
11:34:13.0362 6460  [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
11:34:13.0371 6460  vwififlt - ok
11:34:13.0373 6460  [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
11:34:13.0381 6460  vwifimp - ok
11:34:13.0386 6460  [ F690B6EEAA94576727B24376D7ED3601 ] W32Time         C:\windows\system32\w32time.dll
11:34:13.0402 6460  W32Time - ok
11:34:13.0406 6460  [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen        C:\windows\System32\drivers\wacompen.sys
11:34:13.0414 6460  WacomPen - ok
11:34:13.0418 6460  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarp          C:\windows\system32\DRIVERS\wanarp.sys
11:34:13.0427 6460  Wanarp - ok
11:34:13.0429 6460  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
11:34:13.0437 6460  Wanarpv6 - ok
11:34:13.0449 6460  [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine        C:\windows\system32\wbengine.exe
11:34:13.0472 6460  wbengine - ok
11:34:13.0477 6460  [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
11:34:13.0489 6460  WbioSrvc - ok
11:34:13.0493 6460  [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc          C:\windows\System32\wcmsvc.dll
11:34:13.0506 6460  Wcmsvc - ok
11:34:13.0511 6460  [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc         C:\windows\System32\wcncsvc.dll
11:34:13.0525 6460  wcncsvc - ok
11:34:13.0528 6460  [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
11:34:13.0537 6460  WcsPlugInService - ok
11:34:13.0540 6460  [ B3A4D918DAB90505B6BC7B70632913CB ] Wd              C:\windows\system32\drivers\wd.sys
11:34:13.0547 6460  Wd - ok
11:34:13.0550 6460  [ 6F4B5DDDC3B86091E94BC47347A78AF7 ] WdBoot          C:\windows\system32\drivers\WdBoot.sys
11:34:13.0557 6460  WdBoot - ok
11:34:13.0564 6460  [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
11:34:13.0580 6460  Wdf01000 - ok
11:34:13.0584 6460  [ 99D404A9A0AFC4734E014EBEBAC13F8F ] WdFilter        C:\windows\system32\drivers\WdFilter.sys
11:34:13.0593 6460  WdFilter - ok
11:34:13.0596 6460  [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost  C:\windows\system32\wdi.dll
11:34:13.0611 6460  WdiServiceHost - ok
11:34:13.0613 6460  [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost   C:\windows\system32\wdi.dll
11:34:13.0627 6460  WdiSystemHost - ok
11:34:13.0631 6460  [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient       C:\windows\System32\webclnt.dll
11:34:13.0644 6460  WebClient - ok
11:34:13.0648 6460  [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc          C:\windows\system32\wecsvc.dll
11:34:13.0661 6460  Wecsvc - ok
11:34:13.0663 6460  [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport   C:\windows\System32\wercplsupport.dll
11:34:13.0680 6460  wercplsupport - ok
11:34:13.0683 6460  [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc          C:\windows\System32\WerSvc.dll
11:34:13.0696 6460  WerSvc - ok
11:34:13.0699 6460  [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS         C:\windows\system32\DRIVERS\wfplwfs.sys
11:34:13.0707 6460  WFPLWFS - ok
11:34:13.0710 6460  [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc          C:\windows\System32\wiarpc.dll
11:34:13.0721 6460  WiaRpc - ok
11:34:13.0723 6460  [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
11:34:13.0731 6460  WIMMount - ok
11:34:13.0733 6460  WinDefend - ok
11:34:13.0742 6460  [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\windows\system32\winhttp.dll
11:34:13.0758 6460  WinHttpAutoProxySvc - ok
11:34:13.0764 6460  [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
11:34:13.0775 6460  Winmgmt - ok
11:34:13.0794 6460  [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM           C:\windows\system32\WsmSvc.dll
11:34:13.0830 6460  WinRM - ok
11:34:13.0834 6460  [ BB20956C424531003F7FA6CD36F11D5D ] WinUSB          C:\windows\system32\DRIVERS\WinUSB.sys
11:34:13.0849 6460  WinUSB - ok
11:34:13.0861 6460  [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc         C:\windows\System32\wlansvc.dll
11:34:13.0882 6460  WlanSvc - ok
11:34:13.0897 6460  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc         C:\windows\system32\wlidsvc.dll
11:34:13.0924 6460  wlidsvc - ok
11:34:13.0926 6460  [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi         C:\windows\System32\drivers\wmiacpi.sys
11:34:13.0934 6460  WmiAcpi - ok
11:34:13.0938 6460  [ D113499052C5E541906B727779F0F959 ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
11:34:13.0949 6460  wmiApSrv - ok
11:34:13.0951 6460  WMPNetworkSvc - ok
11:34:13.0954 6460  [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr         C:\windows\system32\DRIVERS\wpcfltr.sys
11:34:13.0962 6460  wpcfltr - ok
11:34:13.0965 6460  [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc          C:\windows\System32\wpcsvc.dll
11:34:13.0975 6460  WPCSvc - ok
11:34:13.0978 6460  [ 3013658A4D327854BEEC4A08D9655194 ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
11:34:13.0989 6460  WPDBusEnum - ok
11:34:13.0991 6460  [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr       C:\windows\system32\drivers\WpdUpFltr.sys
11:34:13.0999 6460  WpdUpFltr - ok
11:34:14.0001 6460  [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
11:34:14.0009 6460  ws2ifsl - ok
11:34:14.0012 6460  [ 012CFE7F0F95266F554EE3B91EE2128A ] wscsvc          C:\windows\System32\wscsvc.dll
11:34:14.0023 6460  wscsvc - ok
11:34:14.0025 6460  WSearch - ok
11:34:14.0042 6460  [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService       C:\windows\System32\WSService.dll
11:34:14.0085 6460  WSService - ok
11:34:14.0109 6460  [ 79F95469604B77296346DE7DB463EA2A ] wuauserv        C:\windows\system32\wuaueng.dll
11:34:14.0146 6460  wuauserv - ok
11:34:14.0149 6460  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
11:34:14.0158 6460  WudfPf - ok
11:34:14.0161 6460  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\windows\System32\drivers\WUDFRd.sys
11:34:14.0171 6460  WUDFRd - ok
11:34:14.0174 6460  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
11:34:14.0185 6460  wudfsvc - ok
11:34:14.0188 6460  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs       C:\windows\system32\DRIVERS\WUDFRd.sys
11:34:14.0197 6460  WUDFWpdFs - ok
11:34:14.0200 6460  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdMtp      C:\windows\system32\DRIVERS\WUDFRd.sys
11:34:14.0208 6460  WUDFWpdMtp - ok
11:34:14.0214 6460  [ F9D8D2E6ECE08B278621D5BF3A7240A6 ] WwanSvc         C:\windows\System32\wwansvc.dll
11:34:14.0227 6460  WwanSvc - ok
11:34:14.0240 6460  [ 24FB8DB6D1D55E2C5D0A53DFE48E6AF8 ] Yontoo Desktop Updater C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
11:34:14.0289 6460  Yontoo Desktop Updater ( UnsignedFile.Multi.Generic ) - warning
11:34:14.0290 6460  Yontoo Desktop Updater - detected UnsignedFile.Multi.Generic (1)
11:34:14.0296 6460  ================ Scan global ===============================
11:34:14.0299 6460  [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\windows\system32\basesrv.dll
11:34:14.0303 6460  [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\windows\system32\winsrv.dll
11:34:14.0309 6460  [ BD7C6949984D19AAA609896B675E7357 ] C:\windows\system32\sxssrv.dll
11:34:14.0315 6460  [ 8F226143046435C75C033B0C52E90FFE ] C:\windows\system32\services.exe
11:34:14.0320 6460  [Global] - ok
11:34:14.0320 6460  ================ Scan MBR ==================================
11:34:14.0321 6460  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
11:34:14.0347 6460  \Device\Harddisk0\DR0 - ok
11:34:14.0348 6460  ================ Scan VBR ==================================
11:34:14.0349 6460  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition1
11:34:14.0349 6460  \Device\Harddisk0\DR0\Partition1 - ok
11:34:14.0351 6460  [ 38EEF37150E1B339F40944840E21857A ] \Device\Harddisk0\DR0\Partition2
11:34:14.0352 6460  \Device\Harddisk0\DR0\Partition2 - ok
11:34:14.0353 6460  [ 48557E353E3A9544134C9677A13E4567 ] \Device\Harddisk0\DR0\Partition3
11:34:14.0354 6460  \Device\Harddisk0\DR0\Partition3 - ok
11:34:14.0355 6460  [ C2B3C8B11CA09D8191700CA04D22EBDA ] \Device\Harddisk0\DR0\Partition4
11:34:14.0356 6460  \Device\Harddisk0\DR0\Partition4 - ok
11:34:14.0358 6460  [ 6D84CB10E80AD4FC62318C83C4A1F301 ] \Device\Harddisk0\DR0\Partition5
11:34:14.0359 6460  \Device\Harddisk0\DR0\Partition5 - ok
11:34:14.0359 6460  ============================================================
11:34:14.0359 6460  Scan finished
11:34:14.0359 6460  ============================================================
11:34:14.0365 2500  Detected object count: 6
11:34:14.0365 2500  Actual detected object count: 6
11:35:21.0019 2500  ClassicShellService ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:21.0019 2500  ClassicShellService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:35:21.0020 2500  Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:21.0020 2500  Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:35:21.0020 2500  Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:21.0020 2500  Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:35:21.0021 2500  CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:21.0021 2500  CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:35:21.0021 2500  GFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:21.0021 2500  GFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
11:35:21.0022 2500  Yontoo Desktop Updater ( UnsignedFile.Multi.Generic ) - skipped by user
11:35:21.0022 2500  Yontoo Desktop Updater ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
Vielen dank für deine Hilfe

Alt 08.06.2013, 12:23   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Windows System immer bei 20% Systemauslastung, Virus vermutet - Standard

Windows System immer bei 20% Systemauslastung, Virus vermutet



Systemscan mit FRST
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Scan.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.06.2013, 12:40   #13
Trancegott
 
Windows System immer bei 20% Systemauslastung, Virus vermutet - Standard

Windows System immer bei 20% Systemauslastung, Virus vermutet



Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-06-2013
Ran by Thomas Terpelle (administrator) on 08-06-2013 12:39:38
Running from E:\Thomas\Downloads\Setups
Windows 8 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(IvoSoft) c:\Program Files\Classic Shell\ClassicShellService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
(IvoSoft) c:\Program Files\Classic Shell\ClassicStartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(Microsoft) C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Unified Intents AB) C:\Program Files (x86)\Unified Remote\RemoteServer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe
(Creative Technology Ltd.) C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe
(Yontoo LLC) C:\Users\Heinz\AppData\Roaming\Yontoo\YontooDesktop.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: []  [x]
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [13196432 2012-09-25] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] %ProgramFiles%\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2611112 2012-09-05] ()
HKLM\...\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-05] ()
HKLM\...\Run: [TecoResident] C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] "C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe"  /f="C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_HD.zip" /h [223242 2012-08-20] ()
HKLM\...\Run: [Creative SB Monitoring Utility] RunDll32 sbavmon.dll,SBAVMonitor [x]
HKCU\...\Run: [GoogleDriveSync] "c:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [19662744 2013-04-16] (Google)
HKCU\...\Run: [Google Update] "C:\Users\Heinz\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-05-31] (Google Inc.)
HKCU\...\Run: [MusicManager] "C:\Users\Heinz\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" [7331840 2013-04-24] (Google Inc.)
HKCU\...\Run: [Unified Remote v2] C:\Program Files (x86)\Unified Remote\RemoteServer.exe [276568 2013-04-11] (Unified Intents AB)
HKLM-x32\...\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 [155488 2012-08-02] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642216 2012-09-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TPUReg] "C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe" /Retimes [7148032 2012-10-31] (Pegatron Corporation)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe" /r [241789 2010-02-18] (Creative Technology Ltd)
HKLM-x32\...\Run: [Module Loader] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun [57344 2007-07-23] (Creative Technology Ltd.)
HKLM-x32\...\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310640 2013-03-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-05-11] (Adobe Systems Incorporated)
Startup: C:\Users\Heinz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
HKCU SearchScopes: DefaultScope {65AAC44C-F137-491E-B2E0-08FBBC6459A2} URL = 
SearchScopes: HKCU - {65AAC44C-F137-491E-B2E0-08FBBC6459A2} URL = 
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Chrome: 
=======
CHR HomePage: hxxp://www.Twitter.com/
CHR Extension: (Easy Auto Refresh) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc\2.8_0
CHR Extension: (Angry Birds) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0
CHR Extension: (Google Docs) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0
CHR Extension: (Google Search) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google+) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm\1.2.0.418_0
CHR Extension: (Gmail) - C:\Users\Heinz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 ClassicShellService; c:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-04-13] (IvoSoft)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-14] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-08-31] (Realtek Semiconductor)
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-09-25] (Toshiba Europe GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R2 Yontoo Desktop Updater; C:\Users\Heinz\AppData\Roaming\Yontoo\YontooDesktop.exe [47392 2013-05-22] (Yontoo LLC)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-05-09] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378432 2013-05-09] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-05-09] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 ksaud; C:\Windows\system32\drivers\ksaud.sys [1588608 2010-07-30] (Creative Technology Ltd.)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-12] (PEGATRON)
S3 RTL8192Ce; C:\Windows\system32\DRIVERS\rtwlane.sys [1119232 2012-06-30] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
S3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-08 12:39 - 2013-06-08 12:39 - 00000000 ____D C:\FRST
2013-06-07 18:01 - 2013-06-07 18:01 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Malwarebytes
2013-06-07 18:01 - 2013-06-07 18:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-07 18:01 - 2013-06-07 18:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-07 18:01 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-06-07 13:02 - 2013-06-07 18:08 - 00000000 ____D C:\Windows\Minidump
2013-06-06 23:11 - 2013-06-06 23:11 - 00000000 ____D C:\Windows\LastGood.Tmp
2013-06-06 11:09 - 2013-06-06 11:09 - 00000000 ____D C:\Program Files (x86)\Samsung Magician
2013-06-06 11:06 - 2013-06-06 11:09 - 00001114 ____A C:\Users\Public\Desktop\Samsung Magician.lnk
2013-06-05 11:10 - 2013-06-05 11:10 - 00000000 ____D C:\ProgramData\Synaptics
2013-06-04 09:15 - 2013-06-04 09:15 - 00203672 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys
2013-06-04 09:15 - 2013-06-04 09:15 - 00103448 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys
2013-06-04 08:27 - 2013-06-04 08:27 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Unified Remote
2013-06-04 08:27 - 2013-06-04 08:27 - 00000000 ____D C:\Program Files (x86)\Unified Remote
2013-06-02 15:34 - 2013-06-02 15:34 - 00001055 ____A C:\Users\Heinz\Desktop\eclipse.lnk
2013-06-01 16:51 - 2013-06-01 16:51 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-05-31 13:57 - 2013-06-08 12:02 - 00000956 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2594244226-710932845-2937545045-1001UA.job
2013-05-31 13:56 - 2013-06-07 14:01 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2594244226-710932845-2937545045-1001Core.job
2013-05-26 16:14 - 2013-05-26 16:14 - 00000000 ____D C:\ProgramData\TOSHIBA Tempro
2013-05-26 16:14 - 2013-05-26 16:14 - 00000000 ____D C:\ProgramData\IsolatedStorage
2013-05-26 12:48 - 2013-05-26 12:48 - 00000000 ____D C:\Program Files (x86)\XMedia Recode
2013-05-26 11:07 - 2013-06-03 13:23 - 00000048 ____A C:\Users\Heinz\Desktop\W8.txt
2013-05-25 22:10 - 2013-05-25 22:10 - 00000000 ____D C:\Program Files\DIFX
2013-05-24 22:46 - 2013-06-06 22:39 - 00354840 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-24 13:45 - 2013-05-24 13:45 - 00000000 ____D C:\Users\Heinz\AppData\Local\Adobe
2013-05-23 16:19 - 2013-05-23 16:19 - 00001628 ____A C:\Users\Heinz\Desktop\Medien_Generator.lnk
2013-05-23 16:18 - 2013-05-23 16:18 - 00001520 ____A C:\Users\Heinz\Desktop\Medien.lnk
2013-05-23 16:02 - 2013-05-23 16:48 - 00000000 ____D C:\Windows\AutoKMS
2013-05-23 16:00 - 2013-05-23 16:00 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2013-05-23 15:53 - 2013-05-23 15:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-23 15:51 - 2013-05-23 15:51 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-05-23 15:51 - 2013-05-23 15:51 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-05-23 15:50 - 2013-05-23 15:51 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-05-23 15:50 - 2013-05-23 15:50 - 00000000 ____D C:\Windows\PCHEALTH
2013-05-23 15:48 - 2013-05-23 15:50 - 00000000 ____D C:\Program Files\Microsoft Office
2013-05-23 15:48 - 2013-05-23 15:48 - 00000000 __RHD C:\MSOCache
2013-05-23 15:48 - 2013-05-23 15:48 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-05-23 15:48 - 2013-05-23 15:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-05-23 15:48 - 2013-05-23 15:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-05-23 15:36 - 2013-05-23 15:36 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\WinRAR
2013-05-23 14:59 - 2013-05-23 14:59 - 00000956 ____A C:\Users\Heinz\Desktop\Dubstep.lnk
2013-05-23 14:40 - 2013-06-07 18:10 - 00007600 ____A C:\Users\Heinz\AppData\Local\Resmon.ResmonCfg
2013-05-23 14:22 - 2013-05-23 14:22 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Auslogics
2013-05-23 14:22 - 2013-05-23 14:22 - 00000000 ____D C:\Program Files (x86)\Auslogics
2013-05-23 13:42 - 2012-10-12 08:13 - 00109568 ____A (Microsoft Corporation) C:\Windows\System32\dskquota.dll
2013-05-23 13:42 - 2012-10-12 07:39 - 00082944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dskquota.dll
2013-05-23 13:41 - 2012-10-24 06:54 - 00396008 ____A (Microsoft Corporation) C:\Windows\System32\hal.dll
2013-05-23 13:41 - 2012-10-17 06:32 - 01172992 ____A (Microsoft Corporation) C:\Windows\System32\mfnetsrc.dll
2013-05-23 13:41 - 2012-10-17 06:32 - 00677888 ____A (Microsoft Corporation) C:\Windows\System32\mfnetcore.dll
2013-05-23 13:41 - 2012-10-17 06:32 - 00673280 ____A (Microsoft Corporation) C:\Windows\System32\mfmpeg2srcsnk.dll
2013-05-23 13:41 - 2012-10-17 05:57 - 00929792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2013-05-23 13:41 - 2012-10-17 05:57 - 00568832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2013-05-23 13:41 - 2012-10-17 05:57 - 00513024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2013-05-23 13:41 - 2012-10-11 09:47 - 00793200 ____A (Microsoft Corporation) C:\Windows\System32\mfplat.dll
2013-05-23 13:41 - 2012-10-11 09:35 - 02380944 ____A (Microsoft Corporation) C:\Windows\explorer.exe
2013-05-23 13:41 - 2012-10-11 07:56 - 02115952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-05-23 13:41 - 2012-10-11 07:46 - 01395712 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll
2013-05-23 13:41 - 2012-10-11 07:45 - 00590848 ____A (Microsoft Corporation) C:\Windows\System32\SHCore.dll
2013-05-23 13:41 - 2012-10-11 07:45 - 00579584 ____A (Microsoft Corporation) C:\Windows\System32\StructuredQuery.dll
2013-05-23 13:41 - 2012-10-11 07:44 - 01265152 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-05-23 13:41 - 2012-10-11 07:44 - 00904192 ____A (Microsoft Corporation) C:\Windows\System32\MPSSVC.dll
2013-05-23 13:41 - 2012-10-11 07:43 - 02206208 ____A (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2013-05-23 13:41 - 2012-10-11 07:42 - 00612416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2013-05-23 13:41 - 2012-10-11 07:07 - 01226752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2013-05-23 13:41 - 2012-10-11 07:06 - 01841152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-05-23 13:41 - 2012-10-11 02:45 - 00478424 ____A C:\Windows\SysWOW64\locale.nls
2013-05-23 13:41 - 2012-10-11 02:44 - 00478424 ____A C:\Windows\System32\locale.nls
2013-05-23 13:40 - 2012-10-11 09:25 - 00056552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sdstor.sys
2013-05-23 13:40 - 2012-10-11 09:23 - 00441576 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2013-05-23 13:40 - 2012-10-11 09:18 - 00172264 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-05-23 13:40 - 2012-10-11 09:13 - 00058088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dam.sys
2013-05-23 13:40 - 2012-10-11 09:13 - 00033512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\battc.sys
2013-05-23 13:40 - 2012-10-11 09:08 - 00562392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-05-23 13:40 - 2012-10-11 07:46 - 00517120 ____A (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2013-05-23 13:40 - 2012-10-11 07:46 - 00154112 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Storage.Compression.dll
2013-05-23 13:40 - 2012-10-11 07:46 - 00049664 ____A (Microsoft Corporation) C:\Windows\System32\BdeUISrv.exe
2013-05-23 13:40 - 2012-10-11 07:46 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\wfapigp.dll
2013-05-23 13:40 - 2012-10-11 07:45 - 01045504 ____A (Microsoft Corporation) C:\Windows\System32\usercpl.dll
2013-05-23 13:40 - 2012-10-11 07:45 - 00505344 ____A (Microsoft Corporation) C:\Windows\System32\SpaceControl.dll
2013-05-23 13:40 - 2012-10-11 07:45 - 00370176 ____A (Microsoft Corporation) C:\Windows\System32\SysFxUI.dll
2013-05-23 13:40 - 2012-10-11 07:45 - 00055808 ____A (Microsoft Corporation) C:\Windows\System32\PCPKsp.dll
2013-05-23 13:40 - 2012-10-11 07:44 - 00561152 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2013-05-23 13:40 - 2012-10-11 07:44 - 00355328 ____A (Microsoft Corporation) C:\Windows\System32\mswsock.dll
2013-05-23 13:40 - 2012-10-11 07:44 - 00264704 ____A (Microsoft Corporation) C:\Windows\System32\ListSvc.dll
2013-05-23 13:40 - 2012-10-11 07:44 - 00259584 ____A (Microsoft Corporation) C:\Windows\System32\input.dll
2013-05-23 13:40 - 2012-10-11 07:44 - 00105984 ____A (Microsoft Corporation) C:\Windows\System32\icfupgd.dll
2013-05-23 13:40 - 2012-10-11 07:43 - 01836032 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-23 13:40 - 2012-10-11 07:43 - 01294336 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-05-23 13:40 - 2012-10-11 07:43 - 01280000 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-23 13:40 - 2012-10-11 07:43 - 00757760 ____A (Microsoft Corporation) C:\Windows\System32\FirewallAPI.dll
2013-05-23 13:40 - 2012-10-11 07:43 - 00331776 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore.dll
2013-05-23 13:40 - 2012-10-11 07:43 - 00244224 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
2013-05-23 13:40 - 2012-10-11 07:43 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\bdesvc.dll
2013-05-23 13:40 - 2012-10-11 07:43 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\AppxSip.dll
2013-05-23 13:40 - 2012-10-11 07:43 - 00081920 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc.dll
2013-05-23 13:40 - 2012-10-11 07:43 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
2013-05-23 13:40 - 2012-10-11 07:23 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\microsoft-windows-pdc.dll
2013-05-23 13:40 - 2012-10-11 07:23 - 00007680 ____A (Microsoft Corporation) C:\Windows\System32\kbdhebl3.dll
2013-05-23 13:40 - 2012-10-11 07:19 - 00005632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmkaud.sys
2013-05-23 13:40 - 2012-10-11 07:18 - 00111616 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2013-05-23 13:40 - 2012-10-11 07:16 - 00286208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2013-05-23 13:40 - 2012-10-11 07:15 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mpsdrv.sys
2013-05-23 13:40 - 2012-10-11 07:07 - 00962560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2013-05-23 13:40 - 2012-10-11 07:07 - 00460800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2013-05-23 13:40 - 2012-10-11 07:07 - 00414720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2013-05-23 13:40 - 2012-10-11 07:07 - 00116224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.Compression.dll
2013-05-23 13:40 - 2012-10-11 07:07 - 00047616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2013-05-23 13:40 - 2012-10-11 07:07 - 00019968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2013-05-23 13:40 - 2012-10-11 07:06 - 01420800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-23 13:40 - 2012-10-11 07:06 - 00550912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2013-05-23 13:40 - 2012-10-11 07:06 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-05-23 13:40 - 2012-10-11 07:06 - 00289280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-05-23 13:40 - 2012-10-11 07:06 - 00270336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2013-05-23 13:40 - 2012-10-11 07:06 - 00219648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2013-05-23 13:40 - 2012-10-11 07:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2013-05-23 13:40 - 2012-10-11 07:06 - 00060416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2013-05-23 13:40 - 2012-10-11 07:06 - 00051712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2013-05-23 13:40 - 2012-10-11 07:05 - 00099840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2013-05-23 13:40 - 2012-10-11 06:42 - 00007168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kbdhebl3.dll
2013-05-23 13:40 - 2012-10-11 05:11 - 01022464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-05-23 13:37 - 2012-11-29 07:05 - 01131520 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2013-05-23 13:37 - 2012-11-29 07:05 - 00707584 ____A (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2013-05-23 13:37 - 2012-11-27 08:39 - 01122768 ____A (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
2013-05-23 13:37 - 2012-11-27 06:49 - 01027152 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2013-05-23 13:37 - 2012-11-27 06:20 - 01217536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2013-05-23 13:37 - 2012-11-27 06:20 - 01048064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-05-23 13:37 - 2012-11-27 06:20 - 00798208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2013-05-23 13:37 - 2012-11-27 06:20 - 00680960 ____A (Microsoft Corporation) C:\Windows\System32\vds.exe
2013-05-23 13:37 - 2012-11-27 06:20 - 00560128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2013-05-23 13:37 - 2012-11-27 06:20 - 00179200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2013-05-23 13:37 - 2012-11-27 06:19 - 03245568 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2013-05-23 13:37 - 2012-11-27 06:19 - 01536512 ____A (Microsoft Corporation) C:\Windows\System32\storagewmi.dll
2013-05-23 13:37 - 2012-11-27 06:19 - 00955904 ____A (Microsoft Corporation) C:\Windows\System32\WebcamUi.dll
2013-05-23 13:37 - 2012-11-27 06:19 - 00631808 ____A (Microsoft Corporation) C:\Windows\System32\UserLanguagesCpl.dll
2013-05-23 13:37 - 2012-11-27 06:19 - 00244736 ____A (Microsoft Corporation) C:\Windows\System32\wpnapps.dll
2013-05-23 13:37 - 2012-11-27 06:18 - 01071104 ____A (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2013-05-23 13:37 - 2012-11-27 06:17 - 00718848 ____A (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2013-05-23 13:37 - 2012-11-20 07:24 - 01164800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2013-05-23 13:37 - 2012-11-20 07:17 - 01184256 ____A (Microsoft Corporation) C:\Windows\System32\Display.dll
2013-05-23 13:37 - 2012-11-20 07:02 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KBDKURD.DLL
2013-05-23 13:37 - 2012-11-20 06:59 - 00007168 ____A (Microsoft Corporation) C:\Windows\System32\KBDKURD.DLL
2013-05-23 13:37 - 2012-11-08 06:25 - 00523776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-05-23 13:37 - 2012-11-08 06:25 - 00143872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-05-23 13:37 - 2012-11-08 06:25 - 00124928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-05-23 13:37 - 2012-11-08 06:22 - 00641536 ____A (Microsoft Corporation) C:\Windows\System32\WSShared.dll
2013-05-23 13:37 - 2012-11-08 06:22 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.dll
2013-05-23 13:37 - 2012-11-08 06:22 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-05-23 13:37 - 2012-10-12 10:08 - 00027880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2013-05-23 13:36 - 2012-12-04 06:21 - 00368640 ____A (Microsoft Corporation) C:\Windows\System32\sppwinob.dll
2013-05-23 13:36 - 2012-11-27 06:20 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2013-05-23 13:36 - 2012-11-27 06:20 - 00702464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-05-23 13:36 - 2012-11-27 06:20 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll
2013-05-23 13:36 - 2012-11-27 06:19 - 00245248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-05-23 13:36 - 2012-11-27 06:18 - 00888832 ____A (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2013-05-23 13:36 - 2012-11-27 06:18 - 00378880 ____A (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2013-05-23 13:36 - 2012-10-12 08:14 - 00036352 ____A (Microsoft Corporation) C:\Windows\System32\rfxvmt.dll
2013-05-23 13:36 - 2012-10-12 07:50 - 00235520 ____A (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2013-05-23 13:36 - 2012-09-11 07:28 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\vdsldr.exe
2013-05-23 13:36 - 2012-09-11 07:27 - 00190976 ____A (Microsoft Corporation) C:\Windows\System32\vdsutil.dll
2013-05-23 13:36 - 2012-09-11 07:27 - 00120832 ____A (Microsoft Corporation) C:\Windows\System32\vds_ps.dll
2013-05-23 13:35 - 2012-11-06 09:52 - 00277736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2013-05-23 13:35 - 2012-11-06 09:33 - 01566432 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
2013-05-23 13:35 - 2012-11-06 06:48 - 01150160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2013-05-23 13:35 - 2012-11-06 06:20 - 00883712 ____A (Microsoft Corporation) C:\Windows\HelpPane.exe
2013-05-23 13:35 - 2012-11-06 06:20 - 00516608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2013-05-23 13:35 - 2012-11-06 06:20 - 00386560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2013-05-23 13:35 - 2012-11-06 06:20 - 00375296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2013-05-23 13:35 - 2012-11-06 06:20 - 00314880 ____A (Microsoft Corporation) C:\Windows\System32\rdpclip.exe
2013-05-23 13:35 - 2012-11-06 06:20 - 00202240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2013-05-23 13:35 - 2012-11-06 06:20 - 00093696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2013-05-23 13:35 - 2012-11-06 06:20 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 08552448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 01451520 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 01386496 ____A (Microsoft Corporation) C:\Windows\System32\wlansvc.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 00710656 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 00470016 ____A (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 00466944 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 00446464 ____A (Microsoft Corporation) C:\Windows\System32\wlansec.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 00273408 ____A (Microsoft Corporation) C:\Windows\System32\wlanapi.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\WcnApi.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 00126464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\wfdprov.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapPeerProxy.dll
2013-05-23 13:35 - 2012-11-06 06:19 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\WcnEapAuthProxy.dll
2013-05-23 13:35 - 2012-11-06 06:18 - 11459584 ____A (Microsoft Corporation) C:\Windows\System32\glcndFilter.dll
2013-05-23 13:35 - 2012-11-06 06:18 - 01526784 ____A (Microsoft Corporation) C:\Windows\System32\mfcore.dll
2013-05-23 13:35 - 2012-11-06 06:18 - 01037312 ____A (Microsoft Corporation) C:\Windows\System32\localspl.dll
2013-05-23 13:35 - 2012-11-06 06:18 - 00976384 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2013-05-23 13:35 - 2012-11-06 06:18 - 00501760 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll
2013-05-23 13:35 - 2012-11-06 06:18 - 00449536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-05-23 13:35 - 2012-11-06 06:18 - 00189440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2013-05-23 13:35 - 2012-11-06 06:18 - 00172032 ____A (Microsoft Corporation) C:\Windows\System32\MFCaptureEngine.dll
2013-05-23 13:35 - 2012-11-06 06:18 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\fdWCN.dll
2013-05-23 13:35 - 2012-11-06 06:18 - 00084992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fdWCN.dll
2013-05-23 13:35 - 2012-11-06 06:17 - 00212992 ____A (Microsoft Corporation) C:\Windows\System32\bthprops.cpl
2013-05-23 13:35 - 2012-11-06 06:17 - 00110080 ____A (Microsoft Corporation) C:\Windows\System32\dafWCN.dll
2013-05-23 13:35 - 2012-11-06 06:00 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\iscsilog.dll
2013-05-23 13:35 - 2012-11-06 05:58 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\wlanhlp.dll
2013-05-23 13:35 - 2012-11-06 05:56 - 00009728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2013-05-23 13:35 - 2012-11-06 05:55 - 00090624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdk8.sys
2013-05-23 13:35 - 2012-11-06 05:55 - 00089088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\intelppm.sys
2013-05-23 13:35 - 2012-11-06 05:55 - 00088064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\amdppm.sys
2013-05-23 13:35 - 2012-11-06 05:55 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\processr.sys
2013-05-23 13:35 - 2012-11-06 05:55 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fxppm.sys
2013-05-23 13:35 - 2012-11-06 05:53 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-05-23 13:35 - 2012-11-06 05:51 - 00665600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-05-23 13:13 - 2013-05-24 11:38 - 00000000 ____D C:\Users\Heinz\.android
2013-05-23 12:23 - 2013-06-07 18:08 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Media Player Classic
2013-05-23 12:20 - 2013-06-07 18:20 - 00133120 __ASH C:\Users\Heinz\Desktop\Thumbs.db
2013-05-23 12:20 - 2013-05-23 12:20 - 00000640 ____A C:\Users\Heinz\Desktop\Thomas.lnk
2013-05-23 12:16 - 2013-05-23 12:16 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2013-05-23 11:38 - 2013-05-23 11:38 - 00000000 ___HD C:\ProgramData\CanonBJ
2013-05-23 11:10 - 2013-05-23 11:10 - 00000000 ____D C:\ProgramData\Creative
2013-05-23 04:54 - 2013-05-07 22:07 - 00693112 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-23 04:54 - 2013-05-07 22:07 - 00078200 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-23 04:49 - 2013-05-23 11:09 - 00000000 ___RD C:\Windows\BrowserChoice
2013-05-23 04:00 - 2013-05-03 17:15 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-22 21:04 - 2013-01-10 01:26 - 01611776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2013-05-22 21:04 - 2013-01-10 01:26 - 00890880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-05-22 21:04 - 2013-01-10 01:23 - 02094592 ____A (Microsoft Corporation) C:\Windows\System32\mmc.exe
2013-05-22 21:04 - 2013-01-10 01:23 - 01964544 ____A (Microsoft Corporation) C:\Windows\System32\wlidsvc.dll
2013-05-22 21:04 - 2013-01-10 01:22 - 01120768 ____A (Microsoft Corporation) C:\Windows\System32\msctf.dll
2013-05-22 21:04 - 2012-08-31 02:53 - 00017888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2013-05-22 21:04 - 2012-08-31 02:52 - 00017888 ____A (Microsoft Corporation) C:\Windows\System32\msvcr100_clr0400.dll
2013-05-22 21:03 - 2013-04-09 06:51 - 14267904 ____A (Microsoft Corporation) C:\Windows\System32\wmp.dll
2013-05-22 21:03 - 2013-04-09 06:51 - 13648384 ____A (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2013-05-22 21:03 - 2013-04-09 06:51 - 10116096 ____A (Microsoft Corporation) C:\Windows\System32\twinui.dll
2013-05-22 21:03 - 2013-04-09 06:51 - 03552768 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll
2013-05-22 21:03 - 2013-04-09 06:50 - 02107904 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll
2013-05-22 21:03 - 2013-04-09 04:35 - 04038144 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-22 21:03 - 2013-04-08 23:52 - 11878912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-05-22 21:03 - 2013-04-08 23:51 - 10789888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-05-22 21:03 - 2013-04-08 23:51 - 08857088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-05-22 21:03 - 2013-03-02 13:02 - 00058288 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2013-05-22 21:03 - 2013-03-02 12:57 - 00337128 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS
2013-05-22 21:03 - 2013-03-02 12:57 - 00332520 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2013-05-22 21:03 - 2013-03-02 12:57 - 00077544 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storahci.sys
2013-05-22 21:03 - 2013-03-02 12:45 - 00194792 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2013-05-22 21:03 - 2013-03-02 12:45 - 00148712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tpm.sys
2013-05-22 21:03 - 2013-03-02 12:45 - 00125160 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
2013-05-22 21:03 - 2013-03-02 12:39 - 00495336 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\vhdmp.sys
2013-05-22 21:03 - 2013-03-02 12:39 - 00327912 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys
2013-05-22 21:03 - 2013-03-02 11:59 - 02231528 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-05-22 21:03 - 2013-03-02 11:59 - 00411880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-05-22 21:03 - 2013-03-02 10:24 - 00034304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-05-22 21:03 - 2013-03-02 10:23 - 01338880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-22 21:03 - 2013-03-02 10:23 - 00893952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2013-05-22 21:03 - 2013-03-02 10:23 - 00621056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-05-22 21:03 - 2013-03-02 10:23 - 00601088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2013-05-22 21:03 - 2013-03-02 10:23 - 00504320 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2013-05-22 21:03 - 2013-03-02 10:23 - 00356352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2013-05-22 21:03 - 2013-03-02 10:23 - 00246784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-05-22 21:03 - 2013-03-02 10:23 - 00125952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-05-22 21:03 - 2013-03-02 10:23 - 00100864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2013-05-22 21:03 - 2013-03-02 10:23 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-05-22 21:03 - 2013-03-02 10:22 - 05091840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-05-22 21:03 - 2013-03-02 10:22 - 00850944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-05-22 21:03 - 2013-03-02 10:22 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2013-05-22 21:03 - 2013-03-02 10:21 - 00550912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2013-05-22 21:03 - 2013-03-02 10:21 - 00309760 ____A (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-05-22 21:03 - 2013-03-02 10:21 - 00145408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2013-05-22 21:03 - 2013-03-02 10:21 - 00036352 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DevDispItemProvider.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 03240448 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 01627648 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 01619968 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 01161728 ____A (Microsoft Corporation) C:\Windows\System32\sppobjs.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 01149952 ____A (Microsoft Corporation) C:\Windows\System32\winmde.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 01101824 ____A (Microsoft Corporation) C:\Windows\System32\wmpmde.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00951808 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Globalization.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00760320 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00645120 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00328192 ____A (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00251904 ____A (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\usbmon.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00240640 ____A (Microsoft Corporation) C:\Windows\System32\fsquirt.exe
2013-05-22 21:03 - 2013-03-02 04:45 - 00180224 ____A (Microsoft Corporation) C:\Windows\System32\SystemEventsBrokerServer.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\storewuauth.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00171008 ____A (Microsoft Corporation) C:\Windows\System32\TimeBrokerServer.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\wpdbusenum.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00077824 ____A (Microsoft Corporation) C:\Windows\System32\taskhost.exe
2013-05-22 21:03 - 2013-03-02 04:45 - 00072192 ____A (Microsoft Corporation) C:\Windows\System32\taskhostex.exe
2013-05-22 21:03 - 2013-03-02 04:45 - 00071168 ____A (Microsoft Corporation) C:\Windows\System32\WSDPrintProxy.DLL
2013-05-22 21:03 - 2013-03-02 04:45 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2013-05-22 21:03 - 2013-03-02 04:45 - 00039424 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2013-05-22 21:03 - 2013-03-02 04:44 - 05978624 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-05-22 21:03 - 2013-03-02 04:44 - 01048576 ____A (Microsoft Corporation) C:\Windows\System32\mfasfsrcsnk.dll
2013-05-22 21:03 - 2013-03-02 04:44 - 00703488 ____A (Microsoft Corporation) C:\Windows\System32\drvstore.dll
2013-05-22 21:03 - 2013-03-02 04:44 - 00455168 ____A (Microsoft Corporation) C:\Windows\System32\netcfgx.dll
2013-05-22 21:03 - 2013-03-02 04:44 - 00448512 ____A (Microsoft Corporation) C:\Windows\System32\SettingSync.dll
2013-05-22 21:03 - 2013-03-02 04:44 - 00150016 ____A (Microsoft Corporation) C:\Windows\System32\discan.dll
2013-05-22 21:03 - 2013-03-02 04:44 - 00128512 ____A (Microsoft Corporation) C:\Windows\System32\SettingSyncInfo.dll
2013-05-22 21:03 - 2013-03-02 04:44 - 00117248 ____A (Microsoft Corporation) C:\Windows\System32\NdisImPlatform.dll
2013-05-22 21:03 - 2013-03-02 04:44 - 00049152 ____A (Microsoft Corporation) C:\Windows\System32\DevDispItemProvider.dll
2013-05-22 21:03 - 2013-03-02 04:43 - 00389120 ____A (Microsoft Corporation) C:\Windows\System32\BCP47Langs.dll
2013-05-22 21:03 - 2013-03-02 04:43 - 00156160 ____A (Microsoft Corporation) C:\Windows\System32\powercfg.cpl
2013-05-22 21:03 - 2013-03-02 04:15 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mouhid.sys
2013-05-22 21:03 - 2013-03-01 06:56 - 00156672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rfcomm.sys
2013-05-22 21:03 - 2013-03-01 06:56 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\monitor.sys
2013-05-22 21:03 - 2013-03-01 06:55 - 01175040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthport.sys
2013-05-22 21:03 - 2013-01-10 03:53 - 00028904 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msgpiowin32.sys
2013-05-22 21:03 - 2013-01-10 03:29 - 00785504 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2013-05-22 21:03 - 2013-01-10 03:29 - 00091880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2013-05-22 21:03 - 2013-01-10 01:26 - 01752064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2013-05-22 21:03 - 2013-01-10 01:26 - 00436736 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2013-05-22 21:03 - 2013-01-10 01:26 - 00261120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2013-05-22 21:03 - 2013-01-10 01:26 - 00083968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wiaacmgr.exe
2013-05-22 21:03 - 2013-01-10 01:26 - 00067584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-05-22 21:03 - 2013-01-10 01:23 - 01886208 ____A (Microsoft Corporation) C:\Windows\System32\setupapi.dll
2013-05-22 21:03 - 2013-01-10 01:23 - 00728064 ____A (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2013-05-22 21:03 - 2013-01-10 01:23 - 00406016 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Media.dll
2013-05-22 21:03 - 2013-01-10 01:23 - 00256000 ____A (Microsoft Corporation) C:\Windows\System32\WSDMon.dll
2013-05-22 21:03 - 2013-01-10 01:23 - 00095232 ____A (Microsoft Corporation) C:\Windows\System32\wiaacmgr.exe
2013-05-22 21:03 - 2013-01-10 01:22 - 00894464 ____A (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2013-05-22 21:03 - 2013-01-10 01:22 - 00666112 ____A (Microsoft Corporation) C:\Windows\System32\MP4SDECD.DLL
2013-05-22 21:03 - 2013-01-10 01:22 - 00438272 ____A (Microsoft Corporation) C:\Windows\System32\lsm.dll
2013-05-22 21:03 - 2013-01-10 01:22 - 00159232 ____A (Microsoft Corporation) C:\Windows\System32\inetpp.dll
2013-05-22 21:03 - 2013-01-09 05:59 - 00341504 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\HdAudio.sys
2013-05-22 21:03 - 2013-01-09 05:59 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BTHUSB.SYS
2013-05-22 21:03 - 2013-01-09 05:58 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bthenum.sys
2013-05-22 21:03 - 2012-11-06 06:20 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-05-22 21:03 - 2012-11-06 06:20 - 00017408 ____A (Microsoft Corporation) C:\Windows\System32\wuaext.dll
2013-05-22 21:03 - 2012-11-06 06:00 - 00099328 ____A (Microsoft Corporation) C:\Windows\System32\wushareduxresources.dll
2013-05-22 21:03 - 2012-11-02 07:20 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2013-05-22 21:03 - 2012-11-02 07:19 - 00171520 ____A (Microsoft Corporation) C:\Windows\System32\ncbservice.dll
2013-05-22 21:03 - 2012-11-02 07:18 - 00107520 ____A (Microsoft Corporation) C:\Windows\System32\httpprxm.dll
2013-05-22 21:03 - 2012-11-02 07:18 - 00062464 ____A (Microsoft Corporation) C:\Windows\System32\adhsvc.dll
2013-05-22 21:03 - 2012-11-02 07:18 - 00022528 ____A (Microsoft Corporation) C:\Windows\System32\adhapi.dll
2013-05-22 21:03 - 2012-11-02 07:18 - 00017920 ____A (Microsoft Corporation) C:\Windows\System32\httpprxp.dll
2013-05-22 21:03 - 2012-11-02 07:18 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\keepaliveprovider.dll
2013-05-22 21:02 - 2013-04-16 04:34 - 01455368 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-22 21:02 - 2013-04-10 01:17 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-22 21:02 - 2013-04-10 01:16 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-22 21:02 - 2013-04-10 01:16 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-22 21:02 - 2013-04-10 00:29 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-22 21:02 - 2013-04-10 00:29 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-22 21:02 - 2013-04-09 07:33 - 00489576 ____A (Microsoft Corporation) C:\Windows\System32\AudioEng.dll
2013-05-22 21:02 - 2013-04-09 07:33 - 00446792 ____A (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2013-05-22 21:02 - 2013-04-09 07:33 - 00253544 ____A (Microsoft Corporation) C:\Windows\System32\audiodg.exe
2013-05-22 21:02 - 2013-04-09 07:27 - 00284424 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2013-05-22 21:02 - 2013-04-09 07:20 - 00306952 ____A (Microsoft Corporation) C:\Windows\System32\kd_02_10ec.dll
2013-05-22 21:02 - 2013-04-09 07:20 - 00086280 ____A (Microsoft Corporation) C:\Windows\System32\kdnet.dll
2013-05-22 21:02 - 2013-04-09 07:18 - 00077960 ____A (Microsoft Corporation) C:\Windows\System32\kdvm.dll
2013-05-22 21:02 - 2013-04-09 07:17 - 01829408 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-05-22 21:02 - 2013-04-09 06:52 - 00816128 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
2013-05-22 21:02 - 2013-04-09 06:52 - 00804352 ____A (Microsoft Corporation) C:\Windows\System32\RecoveryDrive.exe
2013-05-22 21:02 - 2013-04-09 06:52 - 00373760 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
2013-05-22 21:02 - 2013-04-09 06:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
2013-05-22 21:02 - 2013-04-09 06:52 - 00126464 ____A (Microsoft Corporation) C:\Windows\System32\Robocopy.exe
2013-05-22 21:02 - 2013-04-09 06:51 - 00595456 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.dll
2013-05-22 21:02 - 2013-04-09 06:51 - 00523264 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-22 21:02 - 2013-04-09 06:51 - 00456704 ____A (Microsoft Corporation) C:\Windows\System32\wpncore.dll
2013-05-22 21:02 - 2013-04-09 06:51 - 00391168 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
2013-05-22 21:02 - 2013-04-09 06:51 - 00367616 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2013-05-22 21:02 - 2013-04-09 06:51 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wscsvc.dll
2013-05-22 21:02 - 2013-04-09 06:50 - 01285632 ____A (Microsoft Corporation) C:\Windows\System32\schedsvc.dll
2013-05-22 21:02 - 2013-04-09 06:50 - 00745984 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll
2013-05-22 21:02 - 2013-04-09 06:50 - 00435200 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll
2013-05-22 21:02 - 2013-04-09 06:50 - 00422400 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-05-22 21:02 - 2013-04-09 06:50 - 00414720 ____A (Microsoft Corporation) C:\Windows\System32\GenuineCenter.dll
2013-05-22 21:02 - 2013-04-09 06:50 - 00096256 ____A (Microsoft Corporation) C:\Windows\System32\mssprxy.dll
2013-05-22 21:02 - 2013-04-09 06:50 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll
2013-05-22 21:02 - 2013-04-09 06:50 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\msshooks.dll
2013-05-22 21:02 - 2013-04-09 06:49 - 01444864 ____A (Microsoft Corporation) C:\Windows\System32\MSAudDecMFT.dll
2013-05-22 21:02 - 2013-04-09 06:49 - 00817152 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2013-05-22 21:02 - 2013-04-09 06:49 - 00468992 ____A (Microsoft Corporation) C:\Windows\System32\MFMediaEngine.dll
2013-05-22 21:02 - 2013-04-09 06:49 - 00281088 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll
2013-05-22 21:02 - 2013-04-09 06:49 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\fhengine.dll
2013-05-22 21:02 - 2013-04-09 06:49 - 00210432 ____A (Microsoft Corporation) C:\Windows\System32\iuilp.dll
2013-05-22 21:02 - 2013-04-09 06:49 - 00196096 ____A (Microsoft Corporation) C:\Windows\System32\dmvdsitf.dll
2013-05-22 21:02 - 2013-04-09 06:49 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\dwmredir.dll
2013-05-22 21:02 - 2013-04-09 06:49 - 00050176 ____A (Microsoft Corporation) C:\Windows\System32\fmifs.dll
2013-05-22 21:02 - 2013-04-09 06:48 - 02303488 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-22 21:02 - 2013-04-09 06:48 - 00785408 ____A (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2013-05-22 21:02 - 2013-04-09 06:48 - 00419840 ____A (Microsoft Corporation) C:\Windows\System32\intl.cpl
2013-05-22 21:02 - 2013-04-09 06:48 - 00169472 ____A (Microsoft Corporation) C:\Windows\System32\AudioEndpointBuilder.dll
2013-05-22 21:02 - 2013-04-09 04:34 - 00095744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidbth.sys
2013-05-22 21:02 - 2013-04-09 04:34 - 00083968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidclass.sys
2013-05-22 21:02 - 2013-04-09 04:34 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidusb.sys
2013-05-22 21:02 - 2013-04-09 04:33 - 00623104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2013-05-22 21:02 - 2013-04-09 04:33 - 00060416 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndproxy.sys
2013-05-22 21:02 - 2013-04-09 04:32 - 00805376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\PEAuth.sys
2013-05-22 21:02 - 2013-04-09 04:31 - 00247808 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2013-05-22 21:02 - 2013-04-09 04:31 - 00083456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\wanarp.sys
2013-05-22 21:02 - 2013-04-09 01:44 - 00123880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2013-05-22 21:02 - 2013-04-09 01:39 - 01408896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-05-22 21:02 - 2013-04-09 01:37 - 00426024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2013-05-22 21:02 - 2013-04-09 01:37 - 00324368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2013-05-22 21:02 - 2013-04-08 23:52 - 00670208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2013-05-22 21:02 - 2013-04-08 23:52 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-22 21:02 - 2013-04-08 23:52 - 00302592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2013-05-22 21:02 - 2013-04-08 23:52 - 00171008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2013-05-22 21:02 - 2013-04-08 23:52 - 00106496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2013-05-22 21:02 - 2013-04-08 23:51 - 02767360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 02035200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 01593344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 01113600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00659456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00656896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00411136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00403968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00389632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-05-22 21:02 - 2013-04-08 23:51 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00324096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00268800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00214528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00186880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00155648 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fmifs.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00035328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2013-05-22 21:02 - 2013-04-08 23:51 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2013-05-22 21:02 - 2013-04-05 01:30 - 00503080 ____A (Microsoft Corporation) C:\Windows\System32\ci.dll
2013-05-22 21:02 - 2013-04-03 00:08 - 00387688 ____A C:\Windows\System32\ApnDatabase.xml
2013-05-22 21:02 - 2013-03-30 20:16 - 01403784 ____A (Microsoft Corporation) C:\Windows\System32\winload.efi
2013-05-22 21:02 - 2013-03-30 20:16 - 01267424 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe
2013-05-22 21:02 - 2013-03-29 00:09 - 01217328 ____A (Microsoft Corporation) C:\Windows\System32\winresume.efi
2013-05-22 21:02 - 2013-03-29 00:09 - 01093880 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe
2013-05-22 21:02 - 2013-03-16 00:05 - 00298456 ____A (Microsoft Corporation) C:\Windows\System32\rsaenh.dll
2013-05-22 21:02 - 2013-03-16 00:05 - 00252928 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2013-05-22 21:02 - 2013-03-02 12:39 - 00069864 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pdc.sys
2013-05-22 21:02 - 2013-03-02 04:43 - 02146304 ____A (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
2013-05-22 21:02 - 2013-02-07 03:33 - 00754176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2013-05-22 21:02 - 2013-02-02 10:40 - 00155136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2013-05-22 21:02 - 2013-02-02 10:23 - 00228352 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll
2013-05-22 21:02 - 2013-01-10 03:40 - 00303848 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-22 21:02 - 2012-12-13 06:00 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-05-22 21:02 - 2012-12-13 05:59 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-05-22 21:02 - 2012-11-20 06:54 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hidi2c.sys
2013-05-22 21:02 - 2012-11-10 06:23 - 00148480 ____A (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2013-05-22 21:02 - 2012-11-10 06:23 - 00132608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2013-05-22 21:02 - 2012-11-10 06:22 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\tssdisai.dll
2013-05-22 21:02 - 2012-11-10 06:22 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\RDWebAI.dll
2013-05-22 21:02 - 2012-11-10 06:22 - 00122880 ____A (Microsoft Corporation) C:\Windows\System32\VmHostAI.dll
2013-05-22 21:02 - 2012-11-10 06:20 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\appserverai.dll
2013-05-22 21:02 - 2012-11-06 09:33 - 00522640 ____A (Microsoft Corporation) C:\Windows\System32\AUDIOKSE.dll
2013-05-22 21:02 - 2012-11-06 07:00 - 00463768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2013-05-22 21:02 - 2012-11-06 06:18 - 00267264 ____A (Microsoft Corporation) C:\Windows\System32\EncDump.dll
2013-05-22 21:02 - 2012-10-11 07:44 - 00246272 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll
2013-05-22 21:02 - 2012-10-11 07:44 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\mssitlb.dll
2013-05-22 21:02 - 2012-10-11 07:06 - 00094208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2013-05-22 21:02 - 2012-10-11 07:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2013-05-22 21:02 - 2012-10-10 09:04 - 00094208 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2013-05-22 21:02 - 2012-10-10 08:31 - 00072192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2013-05-22 21:01 - 2013-04-11 08:40 - 06987528 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-05-22 21:01 - 2013-04-10 01:17 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-22 21:01 - 2013-04-10 01:17 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-22 21:01 - 2013-04-10 01:17 - 00915968 ____A (Microsoft Corporation) C:\Windows\System32\uxtheme.dll
2013-05-22 21:01 - 2013-04-10 01:17 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-22 21:01 - 2013-04-10 01:17 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-22 21:01 - 2013-04-10 01:16 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-22 21:01 - 2013-04-10 01:16 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-22 21:01 - 2013-04-10 00:30 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-22 21:01 - 2013-04-10 00:30 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-22 21:01 - 2013-04-10 00:29 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-22 21:01 - 2013-04-10 00:29 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-22 21:01 - 2013-04-10 00:29 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-22 21:01 - 2013-04-10 00:29 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-22 21:01 - 2013-02-21 12:29 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-22 21:01 - 2013-02-21 12:29 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-22 21:01 - 2013-02-21 12:29 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-22 21:01 - 2013-02-21 12:29 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-22 21:01 - 2013-02-21 12:14 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-22 21:01 - 2013-02-21 12:14 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-22 21:01 - 2013-02-19 11:53 - 00534528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-05-22 21:01 - 2013-02-12 03:30 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-05-22 21:01 - 2013-02-12 02:56 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\UXInit.dll
2013-05-22 21:01 - 2013-01-29 03:57 - 00035232 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdBoot.sys
2013-05-22 21:01 - 2013-01-29 01:08 - 00230904 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdFilter.sys
2013-05-22 21:01 - 2013-01-04 07:32 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-22 21:01 - 2013-01-04 06:19 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-22 21:01 - 2012-11-26 06:21 - 00071168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2013-05-22 21:01 - 2012-11-26 06:20 - 00086016 ____A (Microsoft Corporation) C:\Windows\System32\ncryptsslp.dll
2013-05-22 21:01 - 2012-11-08 06:20 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-22 21:01 - 2012-11-08 06:20 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-22 21:00 - 2013-02-02 13:19 - 00496872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2013-05-22 21:00 - 2013-02-02 13:19 - 00446184 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2013-05-22 21:00 - 2013-02-02 13:19 - 00061672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\crashdmp.sys
2013-05-22 21:00 - 2013-02-02 12:54 - 01933544 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-05-22 21:00 - 2013-02-02 12:28 - 00993512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2013-05-22 21:00 - 2013-02-02 10:40 - 00410624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll
2013-05-22 21:00 - 2013-02-02 10:40 - 00370688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2013-05-22 21:00 - 2013-02-02 10:40 - 00197632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2013-05-22 21:00 - 2013-02-02 10:40 - 00080896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tasklist.exe
2013-05-22 21:00 - 2013-02-02 10:40 - 00079360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\taskkill.exe
2013-05-22 21:00 - 2013-02-02 10:39 - 00157696 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2013-05-22 21:00 - 2013-02-02 10:39 - 00115712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-05-22 21:00 - 2013-02-02 10:39 - 00055296 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2013-05-22 21:00 - 2013-02-02 10:39 - 00018432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-05-22 21:00 - 2013-02-02 10:39 - 00015872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlmproxy.dll
2013-05-22 21:00 - 2013-02-02 10:39 - 00012288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlmsprep.dll
2013-05-22 21:00 - 2013-02-02 10:38 - 00567808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2013-05-22 21:00 - 2013-02-02 10:24 - 00107520 ____A (Microsoft Corporation) C:\Windows\System32\taskkill.exe
2013-05-22 21:00 - 2013-02-02 10:24 - 00102400 ____A (Microsoft Corporation) C:\Windows\System32\tasklist.exe
2013-05-22 21:00 - 2013-02-02 10:23 - 00731648 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-05-22 21:00 - 2013-02-02 10:23 - 00611840 ____A (Microsoft Corporation) C:\Windows\System32\wpd_ci.dll
2013-05-22 21:00 - 2013-02-02 10:23 - 00543232 ____A (Microsoft Corporation) C:\Windows\System32\wlroamextension.dll
2013-05-22 21:00 - 2013-02-02 10:23 - 00475136 ____A (Microsoft Corporation) C:\Windows\System32\WWanAPI.dll
2013-05-22 21:00 - 2013-02-02 10:23 - 00293376 ____A (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Connectivity.dll
2013-05-22 21:00 - 2013-02-02 10:23 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\wersvc.dll
2013-05-22 21:00 - 2013-02-02 10:21 - 00467456 ____A (Microsoft Corporation) C:\Windows\System32\netprofmsvc.dll
2013-05-22 21:00 - 2013-02-02 10:21 - 00385024 ____A (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2013-05-22 21:00 - 2013-02-02 10:21 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\mbsmsapi.dll
2013-05-22 21:00 - 2013-02-02 10:20 - 00729600 ____A (Microsoft Corporation) C:\Windows\System32\duser.dll
2013-05-22 21:00 - 2013-02-02 10:20 - 00260096 ____A (Microsoft Corporation) C:\Windows\System32\hotspotauth.dll
2013-05-22 21:00 - 2013-02-02 09:25 - 00297984 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2013-05-22 21:00 - 2013-02-02 09:25 - 00037632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BthAvrcpTg.sys
2013-05-22 21:00 - 2012-11-27 05:57 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BtaMPM.sys
2013-05-22 21:00 - 2012-11-27 05:55 - 00029952 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\BthhfHid.sys
2013-05-22 21:00 - 2012-11-20 06:56 - 00027136 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2013-05-22 21:00 - 2012-11-03 07:26 - 00034816 ____A (Microsoft Corporation) C:\Windows\System32\dpnsvr.exe
2013-05-22 21:00 - 2012-11-03 07:26 - 00032256 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2013-05-22 21:00 - 2012-11-03 07:24 - 00463872 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll
2013-05-22 21:00 - 2012-11-03 07:24 - 00375808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-05-22 21:00 - 2012-11-03 07:24 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\dpnathlp.dll
2013-05-22 21:00 - 2012-11-03 07:24 - 00058880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2013-05-22 21:00 - 2012-11-03 07:24 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\dpnhupnp.dll
2013-05-22 21:00 - 2012-11-03 07:24 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\dpnhpast.dll
2013-05-22 21:00 - 2012-11-03 07:24 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2013-05-22 21:00 - 2012-11-03 07:24 - 00008192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2013-05-22 21:00 - 2012-11-03 07:04 - 00004096 ____A (Microsoft Corporation) C:\Windows\System32\dpnlobby.dll
2013-05-22 21:00 - 2012-11-03 07:04 - 00003584 ____A (Microsoft Corporation) C:\Windows\System32\dpnaddr.dll
2013-05-22 21:00 - 2012-11-03 07:00 - 00003072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnlobby.dll
2013-05-22 21:00 - 2012-11-03 07:00 - 00002560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2013-05-22 21:00 - 2012-11-01 06:41 - 01802240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-05-22 21:00 - 2012-11-01 06:41 - 01438720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-05-22 21:00 - 2012-11-01 06:40 - 02361344 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2013-05-22 21:00 - 2012-11-01 06:40 - 01836032 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2013-05-22 21:00 - 2012-11-01 06:21 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml6r.dll
2013-05-22 21:00 - 2012-11-01 06:21 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2013-05-22 21:00 - 2012-11-01 06:20 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2013-05-22 21:00 - 2012-11-01 06:20 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2013-05-22 21:00 - 2012-10-24 05:25 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\pcalua.exe
2013-05-22 21:00 - 2012-10-24 05:24 - 00405504 ____A (Microsoft Corporation) C:\Windows\System32\pcasvc.dll
2013-05-22 21:00 - 2012-10-24 05:24 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\pcadm.dll
2013-05-22 21:00 - 2012-10-24 05:05 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\pcaevts.dll
2013-05-22 20:59 - 2013-03-22 05:49 - 02382336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2013-05-22 20:59 - 2013-03-22 00:47 - 02851840 ____A (Microsoft Corporation) C:\Windows\System32\esent.dll
2013-05-22 20:59 - 2013-03-15 02:17 - 00861184 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\http.sys
2013-05-22 20:59 - 2013-03-06 09:10 - 00112872 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-22 20:59 - 2013-03-06 08:31 - 19758592 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-22 20:59 - 2013-03-06 08:31 - 00222208 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-22 20:59 - 2013-03-06 08:29 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-22 20:59 - 2013-03-06 07:03 - 17561600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-22 20:59 - 2013-03-06 07:03 - 00199168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-22 20:59 - 2013-03-02 10:23 - 00375808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2013-05-22 20:59 - 2013-03-02 04:44 - 01011200 ____A (Microsoft Corporation) C:\Windows\System32\reseteng.dll
2013-05-22 20:59 - 2013-02-12 02:17 - 00020992 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023x.sys
2013-05-22 20:59 - 2013-02-12 02:17 - 00020992 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-05-22 20:59 - 2013-02-06 00:29 - 00370688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2013-05-22 20:59 - 2013-02-06 00:28 - 00215552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2013-05-22 20:59 - 2013-02-02 07:41 - 01437184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2013-05-22 20:59 - 2013-02-02 07:31 - 01690624 ____A (Microsoft Corporation) C:\Windows\System32\GdiPlus.dll
2013-05-22 20:59 - 2012-12-16 10:28 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2013-05-22 20:59 - 2012-12-16 10:20 - 00035328 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-05-22 20:59 - 2012-12-16 10:08 - 00362496 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2013-05-22 20:59 - 2012-12-16 09:57 - 00300032 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-05-22 20:59 - 2012-12-15 06:55 - 00443392 ____A (Microsoft Corporation) C:\Windows\System32\ReAgent.dll
2013-05-22 20:59 - 2012-11-08 06:24 - 00075776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-05-22 20:59 - 2012-11-08 06:24 - 00010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-05-22 20:59 - 2012-11-08 06:20 - 00096256 ____A (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2013-05-22 20:59 - 2012-11-08 06:20 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2013-05-22 20:59 - 2012-11-08 06:02 - 00003072 ____A (Microsoft Corporation) C:\Windows\System32\lpk.dll
2013-05-22 20:59 - 2012-11-08 06:01 - 00003072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-05-22 20:59 - 2012-11-03 07:26 - 00132096 ____A (Microsoft Corporation) C:\Windows\System32\sysreset.exe
2013-05-22 20:59 - 2012-11-03 07:25 - 00945152 ____A (Microsoft Corporation) C:\Windows\System32\resetengmig.dll
2013-05-22 20:59 - 2012-10-24 05:25 - 00026624 ____A (Microsoft Corporation) C:\Windows\System32\ReAgentc.exe
2013-05-22 20:59 - 2012-10-24 04:48 - 00024064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2013-05-22 15:28 - 2013-05-22 15:28 - 00000000 ____D C:\sources
2013-05-22 15:13 - 2013-05-23 13:08 - 00000000 ____D C:\Program Files\Java
2013-05-22 15:13 - 2013-05-22 15:13 - 01092512 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-05-22 15:13 - 2013-05-22 15:13 - 00971680 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-05-22 15:13 - 2013-05-22 15:13 - 00311200 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-05-22 15:13 - 2013-05-22 15:13 - 00188832 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-05-22 15:13 - 2013-05-22 15:13 - 00188320 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-05-22 15:13 - 2013-05-22 15:13 - 00108448 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2013-05-22 15:13 - 2013-05-22 15:13 - 00000000 ____D C:\Program Files\7-Zip
2013-05-22 15:09 - 2013-06-07 14:09 - 00000000 ____D C:\Users\Heinz\AppData\Local\Paint.NET
2013-05-22 15:09 - 2013-05-22 15:14 - 00000000 ____D C:\Program Files\Paint.NET
2013-05-22 15:05 - 2013-05-26 11:12 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-05-22 14:59 - 2013-06-08 07:18 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Yontoo
2013-05-22 14:59 - 2013-05-22 14:59 - 00000000 ____D C:\Program Files (x86)\Yontoo
2013-05-22 14:53 - 2013-05-23 15:57 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-22 14:53 - 2013-05-22 14:53 - 00000000 ____D C:\Users\Heinz\AppData\Local\Microsoft Help
2013-05-22 14:51 - 2013-05-22 14:51 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-05-22 14:51 - 2013-05-22 14:51 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-05-22 14:51 - 2013-04-29 20:00 - 00112640 ____A C:\Windows\SysWOW64\ff_vfw.dll
2013-05-22 14:51 - 2013-03-17 18:21 - 03649536 ____A (x264vfw project) C:\Windows\SysWOW64\x264vfw.dll
2013-05-22 14:51 - 2012-06-09 19:21 - 00178688 ____A C:\Windows\SysWOW64\unrar.dll
2013-05-22 14:51 - 2011-12-21 19:14 - 00151552 ____A (fccHandler) C:\Windows\SysWOW64\ac3acm.acm
2013-05-22 14:51 - 2011-12-07 19:32 - 00216064 ____A ( ) C:\Windows\SysWOW64\lagarith.dll
2013-05-22 14:51 - 2011-06-24 16:44 - 00243200 ____A C:\Windows\SysWOW64\xvidvfw.dll
2013-05-22 14:51 - 2011-06-24 16:28 - 00650752 ____A C:\Windows\SysWOW64\xvidcore.dll
2013-05-22 14:50 - 2013-02-22 09:17 - 01490656 ____A (Microsoft Corporation) C:\Windows\System32\WdfCoInstaller01007.dll
2013-05-22 14:50 - 2013-02-22 09:17 - 00708168 ____A (Microsoft Corporation) C:\Windows\System32\WinUSBCoInstaller.dll
2013-05-22 14:49 - 2013-06-07 18:01 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-05-22 14:49 - 2013-06-06 11:06 - 00000000 ____D C:\ProgramData\Samsung
2013-05-22 14:49 - 2011-03-03 00:58 - 04659712 ____A (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2013-05-22 14:49 - 2011-03-03 00:57 - 00821824 ____A (Devguru Co., Ltd.) C:\Windows\SysWOW64\dgderapi.dll
2013-05-22 14:48 - 2013-05-22 14:48 - 00000000 ____D C:\Users\Heinz\AppData\Local\Downloaded Installations
2013-05-22 14:47 - 2013-05-26 13:38 - 00000000 ____D C:\ProgramData\Adobe
2013-05-22 14:45 - 2013-05-22 14:45 - 00000000 ___HD C:\Program Files (x86)\Creative Installation Information
2013-05-22 14:44 - 2010-07-22 17:46 - 00237056 ____A C:\Windows\System32\APOMgr64.DLL
2013-05-22 14:44 - 2010-07-22 17:45 - 00181760 ____A C:\Windows\SysWOW64\APOMngr.DLL
2013-05-22 14:44 - 2010-05-26 12:56 - 00044795 ___RA C:\Windows\System32\kschimp.ini
2013-05-22 14:44 - 2009-12-29 17:52 - 00089088 ____A C:\Windows\System32\CmdRtr64.DLL
2013-05-22 14:44 - 2009-12-29 17:50 - 00073728 ____A C:\Windows\SysWOW64\CmdRtr.DLL
2013-05-22 14:43 - 2013-05-22 14:45 - 00000286 __RAH C:\Windows\ctfile.rfc
2013-05-22 14:43 - 2010-07-30 03:35 - 01588608 ____A (Creative Technology Ltd.) C:\Windows\System32\Drivers\ksaud.sys
2013-05-22 14:43 - 2010-07-29 13:44 - 00262656 ____A (Creative Technology Ltd.) C:\Windows\System32\KSVSPI64.dll
2013-05-22 14:43 - 2010-07-29 13:44 - 00195584 ____A (Creative Technology Ltd.) C:\Windows\SysWOW64\KSVSPI32.dll
2013-05-22 14:43 - 2010-07-29 13:36 - 00115712 ____A (Creative Technology Ltd.) C:\Windows\System32\SBAVMon.dll
2013-05-22 14:43 - 2010-07-29 12:28 - 00057856 ____A (Creative Technology Ltd.) C:\Windows\System32\KSppld64.dll
2013-05-22 14:43 - 2010-07-29 12:27 - 00866816 ____A (Creative Technology Ltd.) C:\Windows\System32\KSAPO64.dll
2013-05-22 14:43 - 2010-07-29 12:26 - 00728576 ____A (Creative Technology Ltd.) C:\Windows\SysWOW64\KSAPO32.dll
2013-05-22 14:43 - 2010-07-22 12:13 - 00631428 ____A (Creative Technology Ltd) C:\Windows\KSAIM64.exe
2013-05-22 14:43 - 2010-07-08 03:42 - 00053760 ____A (Creative Technology Ltd.) C:\Windows\System32\KSPPCn64.dll
2013-05-22 14:43 - 2010-07-08 03:41 - 00074240 ____A (Creative Technology Ltd.) C:\Windows\System32\KSWrap64.dll
2013-05-22 14:43 - 2010-06-29 09:04 - 00001772 ____A C:\ProgramData\cfSB1095.ini
2013-05-22 14:43 - 2010-06-23 08:54 - 00012344 ____A C:\Windows\System32\MixerDefault.reg
2013-05-22 14:43 - 2010-05-26 12:56 - 00034637 ____A C:\Windows\System32\ksaud.ini
2013-05-22 14:43 - 2010-05-06 05:16 - 00067584 ____A (Creative Technology Ltd.) C:\Windows\System32\KSDGFX64.dll
2013-05-22 14:43 - 2009-11-11 07:43 - 00235520 ____A (Creative Technology Limited) C:\Windows\System32\KsDvInst.dll
2013-05-22 14:43 - 2009-11-10 04:42 - 00479232 ____A (Creative Technology Ltd.) C:\Windows\System32\JDetect.exe
2013-05-22 14:43 - 2009-05-26 09:59 - 00026768 ___RA C:\Windows\ksaudENG.reg
2013-05-22 14:43 - 2007-07-05 04:27 - 00002630 ___RA C:\Windows\MixerName.reg
2013-05-22 14:42 - 2013-05-23 11:11 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Creative
2013-05-22 14:42 - 2013-05-22 14:42 - 00466520 ____A (Creative Labs) C:\Windows\System32\wrap_oal.dll
2013-05-22 14:42 - 2013-05-22 14:42 - 00445016 ____A (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2013-05-22 14:42 - 2013-05-22 14:42 - 00123480 ____A (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\System32\OpenAL32.dll
2013-05-22 14:42 - 2013-05-22 14:42 - 00109144 ____A (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2013-05-22 14:42 - 2010-06-09 18:46 - 01940992 ____N (Creative) C:\Windows\System32\Sens_oal.dll
2013-05-22 14:42 - 2010-06-09 18:43 - 02902496 ____N (Creative) C:\Windows\SysWOW64\Sens_oal.dll
2013-05-22 14:42 - 2009-12-24 04:49 - 00809560 ___RA (Creative Labs Inc.) C:\Windows\SysWOW64\tmp3939.tmp
2013-05-22 14:42 - 2009-12-24 04:49 - 00809560 ___RA (Creative Labs Inc.) C:\Windows\SysWOW64\tmp3929.tmp
2013-05-22 14:41 - 2010-06-14 15:00 - 00005594 ____N C:\Windows\System32\CTOPT399.cat
2013-05-22 14:41 - 2010-06-14 14:55 - 00005498 ____N C:\Windows\SysWOW64\CTOPT399.cat
2013-05-22 14:41 - 2010-05-08 18:20 - 00079360 ____N (Creative Technology Ltd) C:\Windows\SysWOW64\CTOPT399.dll
2013-05-22 14:41 - 2010-05-08 18:19 - 00088576 ____N (Creative Technology Ltd) C:\Windows\System32\CTOPT399.dll
2013-05-22 14:41 - 2008-12-22 21:13 - 00061440 ____N (Creative Technology Ltd) C:\Windows\SysWOW64\CTChkAud.dll
2013-05-22 14:41 - 2008-12-22 21:13 - 00049664 ____N (Creative Technology Ltd) C:\Windows\System32\CTChkAud.dll
2013-05-22 14:41 - 2006-12-05 14:53 - 00042496 ____N (Creative Technology Ltd.) C:\Windows\SysWOW64\AddCat.exe
2013-05-22 14:41 - 2006-12-05 14:53 - 00042496 ____N (Creative Technology Ltd.) C:\Windows\System32\AddCat.exe
2013-05-22 14:41 - 2006-10-06 08:17 - 00053248 ____N (Creative Technology Ltd ) C:\Windows\Ctregrun.exe
2013-05-22 14:41 - 2000-05-22 10:58 - 00647872 ____N (Microsoft Corporation) C:\Windows\SysWOW64\Mscomct2.ocx
2013-05-22 14:40 - 2003-06-13 00:25 - 00007062 ____A C:\Windows\SysWOW64\audiopid.vxd
2013-05-22 14:34 - 2013-05-22 14:45 - 00000000 ____D C:\Program Files\Creative
2013-05-22 14:33 - 2013-05-22 14:45 - 00000000 ____D C:\Program Files (x86)\Creative
2013-05-22 14:30 - 2013-05-22 14:31 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Nero
2013-05-22 14:30 - 2012-06-09 19:21 - 00206336 ____A C:\Windows\System32\unrar64.dll
2013-05-22 14:30 - 2011-12-07 19:37 - 00148992 ____A ( ) C:\Windows\System32\lagarith.dll
2013-05-22 14:29 - 2013-05-22 14:30 - 00000000 ____D C:\Program Files\K-Lite Codec Pack x64
2013-05-22 14:28 - 2013-05-22 14:30 - 00000000 ____D C:\Users\Heinz\AppData\Local\Nero
2013-05-22 14:15 - 2013-05-22 14:15 - 00000355 ____A C:\Users\Heinz\Desktop\Computer.lnk
2013-05-22 14:14 - 2013-06-08 02:44 - 00000000 ___SD C:\Users\Heinz\Google Drive
2013-05-22 14:14 - 2013-05-22 14:14 - 00000000 ____D C:\Program Files\Classic Shell
2013-05-22 14:12 - 2013-05-22 14:12 - 00000000 ____D C:\Users\Heinz\AppData\LocalGoogle
2013-05-22 14:10 - 2013-05-22 14:10 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-05-22 14:10 - 2013-05-09 10:59 - 01025808 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-05-22 14:10 - 2013-05-09 10:59 - 00378432 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-05-22 14:10 - 2013-05-09 10:59 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-05-22 14:10 - 2013-05-09 10:59 - 00080816 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2013-05-22 14:10 - 2013-05-09 10:59 - 00072016 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2013-05-22 14:10 - 2013-05-09 10:59 - 00065336 ____A C:\Windows\System32\Drivers\aswRvrt.sys
2013-05-22 14:10 - 2013-05-09 10:59 - 00064288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2013-05-22 14:10 - 2013-05-09 10:59 - 00033400 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2013-05-22 14:10 - 2013-05-09 10:58 - 00287840 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-05-22 14:09 - 2013-05-22 14:09 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-05-22 14:09 - 2013-05-22 14:09 - 00000000 ____D C:\Program Files\CCleaner
2013-05-22 14:09 - 2013-05-22 14:09 - 00000000 ____D C:\Program Files\AVAST Software
2013-05-22 14:09 - 2013-05-09 10:58 - 00041664 ____A (AVAST Software) C:\Windows\avastSS.scr
2013-05-22 14:07 - 2013-05-22 14:09 - 00000000 ____D C:\ProgramData\AVAST Software
2013-05-21 20:49 - 2013-05-23 11:10 - 00000000 ____D C:\Users\Heinz\AppData\Local\TOSHIBA
2013-05-21 20:49 - 2013-05-21 20:49 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\ATI
2013-05-21 20:49 - 2013-05-21 20:49 - 00000000 ____D C:\Users\Heinz\AppData\Local\ATI
2013-05-21 20:48 - 2013-06-08 11:53 - 00001136 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-05-21 20:47 - 2013-06-07 19:52 - 00001132 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-05-21 20:47 - 2013-05-31 13:57 - 00000000 ____D C:\Users\Heinz\AppData\Local\Google
2013-05-21 20:47 - 2013-05-22 14:12 - 00000000 ____D C:\Program Files (x86)\Google
2013-05-21 20:47 - 2013-05-21 20:47 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Macromedia
2013-05-21 20:47 - 2013-05-21 20:47 - 00000000 ____D C:\Users\Heinz\AppData\Local\Deployment
2013-05-21 20:47 - 2013-05-21 20:47 - 00000000 ____D C:\Users\Heinz\AppData\Local\Apps\2.0
2013-05-21 20:44 - 2013-05-21 20:44 - 00000000 ____D C:\Users\Heinz\AppData\Local\SRS Labs
2013-05-21 20:44 - 2013-05-21 20:44 - 00000000 ____D C:\ProgramData\ToshibaEurope
2013-05-21 20:43 - 2013-05-24 13:45 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Adobe
2013-05-21 20:42 - 2013-06-07 22:01 - 01500003 ____A C:\Windows\WindowsUpdate.log
2013-05-21 20:42 - 2013-06-05 13:28 - 00000000 ____D C:\Users\Heinz\AppData\Local\Packages
2013-05-21 20:42 - 2013-05-21 20:42 - 00000000 ____D C:\Users\Heinz\AppData\Local\VirtualStore
2013-05-21 20:41 - 2013-05-24 11:41 - 00000000 ____D C:\users\Heinz
2013-05-21 20:41 - 2013-05-21 20:41 - 00000020 ___SH C:\Users\Heinz\ntuser.ini

==================== One Month Modified Files and Folders =======

2013-06-08 12:39 - 2013-06-08 12:39 - 00000000 ____D C:\FRST
2013-06-08 12:02 - 2013-05-31 13:57 - 00000956 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2594244226-710932845-2937545045-1001UA.job
2013-06-08 12:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\sru
2013-06-08 11:53 - 2013-05-21 20:48 - 00001136 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-08 07:18 - 2013-05-22 14:59 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Yontoo
2013-06-08 02:44 - 2013-05-22 14:14 - 00000000 ___SD C:\Users\Heinz\Google Drive
2013-06-07 22:01 - 2013-05-21 20:42 - 01500003 ____A C:\Windows\WindowsUpdate.log
2013-06-07 19:52 - 2013-05-21 20:47 - 00001132 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-07 18:43 - 2012-07-26 09:22 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-07 18:20 - 2013-05-23 12:20 - 00133120 __ASH C:\Users\Heinz\Desktop\Thumbs.db
2013-06-07 18:10 - 2013-05-23 14:40 - 00007600 ____A C:\Users\Heinz\AppData\Local\Resmon.ResmonCfg
2013-06-07 18:08 - 2013-06-07 13:02 - 00000000 ____D C:\Windows\Minidump
2013-06-07 18:08 - 2013-05-23 12:23 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Media Player Classic
2013-06-07 18:08 - 2012-11-14 19:56 - 00000000 ____D C:\Windows\Panther
2013-06-07 18:01 - 2013-06-07 18:01 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Malwarebytes
2013-06-07 18:01 - 2013-06-07 18:01 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-06-07 18:01 - 2013-06-07 18:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-07 18:01 - 2013-05-22 14:49 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-06-07 18:01 - 2012-11-13 19:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-06-07 17:28 - 2012-07-26 09:28 - 00848230 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-07 14:09 - 2013-05-22 15:09 - 00000000 ____D C:\Users\Heinz\AppData\Local\Paint.NET
2013-06-07 14:01 - 2013-05-31 13:56 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2594244226-710932845-2937545045-1001Core.job
2013-06-07 11:09 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\BBI
2013-06-06 23:11 - 2013-06-06 23:11 - 00000000 ____D C:\Windows\LastGood.Tmp
2013-06-06 22:39 - 2013-05-24 22:46 - 00354840 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-06 11:09 - 2013-06-06 11:09 - 00000000 ____D C:\Program Files (x86)\Samsung Magician
2013-06-06 11:09 - 2013-06-06 11:06 - 00001114 ____A C:\Users\Public\Desktop\Samsung Magician.lnk
2013-06-06 11:06 - 2013-05-22 14:49 - 00000000 ____D C:\ProgramData\Samsung
2013-06-05 13:28 - 2013-05-21 20:42 - 00000000 ____D C:\Users\Heinz\AppData\Local\Packages
2013-06-05 11:10 - 2013-06-05 11:10 - 00000000 ____D C:\ProgramData\Synaptics
2013-06-04 09:15 - 2013-06-04 09:15 - 00203672 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys
2013-06-04 09:15 - 2013-06-04 09:15 - 00103448 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys
2013-06-04 08:27 - 2013-06-04 08:27 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Unified Remote
2013-06-04 08:27 - 2013-06-04 08:27 - 00000000 ____D C:\Program Files (x86)\Unified Remote
2013-06-04 06:42 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-06-03 13:23 - 2013-05-26 11:07 - 00000048 ____A C:\Users\Heinz\Desktop\W8.txt
2013-06-02 15:34 - 2013-06-02 15:34 - 00001055 ____A C:\Users\Heinz\Desktop\eclipse.lnk
2013-06-01 16:51 - 2013-06-01 16:51 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-05-31 13:57 - 2013-05-21 20:47 - 00000000 ____D C:\Users\Heinz\AppData\Local\Google
2013-05-26 16:14 - 2013-05-26 16:14 - 00000000 ____D C:\ProgramData\TOSHIBA Tempro
2013-05-26 16:14 - 2013-05-26 16:14 - 00000000 ____D C:\ProgramData\IsolatedStorage
2013-05-26 13:38 - 2013-05-22 14:47 - 00000000 ____D C:\ProgramData\Adobe
2013-05-26 12:48 - 2013-05-26 12:48 - 00000000 ____D C:\Program Files (x86)\XMedia Recode
2013-05-26 11:12 - 2013-05-22 15:05 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-05-25 22:10 - 2013-05-25 22:10 - 00000000 ____D C:\Program Files\DIFX
2013-05-25 01:41 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-05-24 22:32 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2013-05-24 13:45 - 2013-05-24 13:45 - 00000000 ____D C:\Users\Heinz\AppData\Local\Adobe
2013-05-24 13:45 - 2013-05-21 20:43 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Adobe
2013-05-24 11:41 - 2013-05-21 20:41 - 00000000 ____D C:\users\Heinz
2013-05-24 11:38 - 2013-05-23 13:13 - 00000000 ____D C:\Users\Heinz\.android
2013-05-23 16:48 - 2013-05-23 16:02 - 00000000 ____D C:\Windows\AutoKMS
2013-05-23 16:19 - 2013-05-23 16:19 - 00001628 ____A C:\Users\Heinz\Desktop\Medien_Generator.lnk
2013-05-23 16:18 - 2013-05-23 16:18 - 00001520 ____A C:\Users\Heinz\Desktop\Medien.lnk
2013-05-23 16:00 - 2013-05-23 16:00 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2013-05-23 15:57 - 2013-05-22 14:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-05-23 15:53 - 2013-05-23 15:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-23 15:51 - 2013-05-23 15:51 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2013-05-23 15:51 - 2013-05-23 15:51 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2013-05-23 15:51 - 2013-05-23 15:50 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2013-05-23 15:51 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-05-23 15:50 - 2013-05-23 15:50 - 00000000 ____D C:\Windows\PCHEALTH
2013-05-23 15:50 - 2013-05-23 15:48 - 00000000 ____D C:\Program Files\Microsoft Office
2013-05-23 15:48 - 2013-05-23 15:48 - 00000000 __RHD C:\MSOCache
2013-05-23 15:48 - 2013-05-23 15:48 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2013-05-23 15:48 - 2013-05-23 15:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2013-05-23 15:48 - 2013-05-23 15:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2013-05-23 15:48 - 2012-07-26 09:52 - 00000000 ____D C:\Windows\ShellNew
2013-05-23 15:36 - 2013-05-23 15:36 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\WinRAR
2013-05-23 14:59 - 2013-05-23 14:59 - 00000956 ____A C:\Users\Heinz\Desktop\Dubstep.lnk
2013-05-23 14:22 - 2013-05-23 14:22 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Auslogics
2013-05-23 14:22 - 2013-05-23 14:22 - 00000000 ____D C:\Program Files (x86)\Auslogics
2013-05-23 13:08 - 2013-05-22 15:13 - 00000000 ____D C:\Program Files\Java
2013-05-23 12:20 - 2013-05-23 12:20 - 00000640 ____A C:\Users\Heinz\Desktop\Thomas.lnk
2013-05-23 12:16 - 2013-05-23 12:16 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2013-05-23 12:13 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\NDF
2013-05-23 11:38 - 2013-05-23 11:38 - 00000000 ___HD C:\ProgramData\CanonBJ
2013-05-23 11:38 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\spool
2013-05-23 11:11 - 2013-05-22 14:42 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Creative
2013-05-23 11:10 - 2013-05-23 11:10 - 00000000 ____D C:\ProgramData\Creative
2013-05-23 11:10 - 2013-05-21 20:49 - 00000000 ____D C:\Users\Heinz\AppData\Local\TOSHIBA
2013-05-23 11:09 - 2013-05-23 04:49 - 00000000 ___RD C:\Windows\BrowserChoice
2013-05-23 11:09 - 2012-11-13 19:14 - 00000000 ____D C:\ProgramData\PRICache
2013-05-23 04:52 - 2012-11-13 19:52 - 00000000 ____D C:\Program Files\mcafee.com
2013-05-23 04:49 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\oobe
2013-05-23 04:47 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-05-23 04:46 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-05-23 04:46 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-05-23 04:45 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-05-23 04:45 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-05-23 04:45 - 2012-07-26 09:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-05-23 04:44 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-05-23 04:44 - 2012-07-26 09:49 - 00000000 ____D C:\Windows\SysWOW64\winrm
2013-05-23 04:44 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-05-23 04:43 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-05-23 04:43 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-05-23 04:43 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\Com
2013-05-23 04:43 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\migwiz
2013-05-23 04:43 - 2012-07-26 09:49 - 00000000 ____D C:\Windows\SysWOW64\WCN
2013-05-23 04:43 - 2012-07-26 09:49 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2013-05-23 04:43 - 2012-07-26 09:49 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2013-05-23 04:43 - 2012-07-26 09:49 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2013-05-23 04:43 - 2012-07-26 09:49 - 00000000 ____D C:\Windows\System32\winrm
2013-05-23 04:43 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-05-23 04:40 - 2012-07-26 09:49 - 00000000 ____D C:\Windows\System32\WCN
2013-05-23 04:40 - 2012-07-26 09:49 - 00000000 ____D C:\Windows\System32\slmgr
2013-05-23 04:40 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\Sysprep
2013-05-23 04:40 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\System32\Dism
2013-05-23 04:39 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\SystemResetPlatform
2013-05-23 04:39 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\Com
2013-05-23 04:39 - 2012-07-26 09:49 - 00000000 ____D C:\Windows\System32\Printing_Admin_Scripts
2013-05-22 15:58 - 2012-11-13 19:52 - 00000000 ____D C:\ProgramData\McAfee
2013-05-22 15:57 - 2012-11-13 19:52 - 00000000 ____D C:\Program Files\Common Files\mcafee
2013-05-22 15:53 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2013-05-22 15:28 - 2013-05-22 15:28 - 00000000 ____D C:\sources
2013-05-22 15:14 - 2013-05-22 15:09 - 00000000 ____D C:\Program Files\Paint.NET
2013-05-22 15:13 - 2013-05-22 15:13 - 01092512 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-05-22 15:13 - 2013-05-22 15:13 - 00971680 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-05-22 15:13 - 2013-05-22 15:13 - 00311200 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-05-22 15:13 - 2013-05-22 15:13 - 00188832 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-05-22 15:13 - 2013-05-22 15:13 - 00188320 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-05-22 15:13 - 2013-05-22 15:13 - 00108448 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2013-05-22 15:13 - 2013-05-22 15:13 - 00000000 ____D C:\Program Files\7-Zip
2013-05-22 14:59 - 2013-05-22 14:59 - 00000000 ____D C:\Program Files (x86)\Yontoo
2013-05-22 14:53 - 2013-05-22 14:53 - 00000000 ____D C:\Users\Heinz\AppData\Local\Microsoft Help
2013-05-22 14:51 - 2013-05-22 14:51 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-05-22 14:51 - 2013-05-22 14:51 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-05-22 14:48 - 2013-05-22 14:48 - 00000000 ____D C:\Users\Heinz\AppData\Local\Downloaded Installations
2013-05-22 14:45 - 2013-05-22 14:45 - 00000000 ___HD C:\Program Files (x86)\Creative Installation Information
2013-05-22 14:45 - 2013-05-22 14:43 - 00000286 __RAH C:\Windows\ctfile.rfc
2013-05-22 14:45 - 2013-05-22 14:34 - 00000000 ____D C:\Program Files\Creative
2013-05-22 14:45 - 2013-05-22 14:33 - 00000000 ____D C:\Program Files (x86)\Creative
2013-05-22 14:42 - 2013-05-22 14:42 - 00466520 ____A (Creative Labs) C:\Windows\System32\wrap_oal.dll
2013-05-22 14:42 - 2013-05-22 14:42 - 00445016 ____A (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2013-05-22 14:42 - 2013-05-22 14:42 - 00123480 ____A (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\System32\OpenAL32.dll
2013-05-22 14:42 - 2013-05-22 14:42 - 00109144 ____A (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2013-05-22 14:31 - 2013-05-22 14:30 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Nero
2013-05-22 14:30 - 2013-05-22 14:29 - 00000000 ____D C:\Program Files\K-Lite Codec Pack x64
2013-05-22 14:30 - 2013-05-22 14:28 - 00000000 ____D C:\Users\Heinz\AppData\Local\Nero
2013-05-22 14:15 - 2013-05-22 14:15 - 00000355 ____A C:\Users\Heinz\Desktop\Computer.lnk
2013-05-22 14:14 - 2013-05-22 14:14 - 00000000 ____D C:\Program Files\Classic Shell
2013-05-22 14:12 - 2013-05-22 14:12 - 00000000 ____D C:\Users\Heinz\AppData\LocalGoogle
2013-05-22 14:12 - 2013-05-21 20:47 - 00000000 ____D C:\Program Files (x86)\Google
2013-05-22 14:11 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-05-22 14:10 - 2013-05-22 14:10 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-05-22 14:09 - 2013-05-22 14:09 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-05-22 14:09 - 2013-05-22 14:09 - 00000000 ____D C:\Program Files\CCleaner
2013-05-22 14:09 - 2013-05-22 14:09 - 00000000 ____D C:\Program Files\AVAST Software
2013-05-22 14:09 - 2013-05-22 14:07 - 00000000 ____D C:\ProgramData\AVAST Software
2013-05-22 05:56 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System32\restore
2013-05-22 00:49 - 2012-07-26 07:26 - 00262144 __ASH C:\Windows\System32\config\ELAM
2013-05-21 20:49 - 2013-05-21 20:49 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\ATI
2013-05-21 20:49 - 2013-05-21 20:49 - 00000000 ____D C:\Users\Heinz\AppData\Local\ATI
2013-05-21 20:47 - 2013-05-21 20:47 - 00000000 ____D C:\Users\Heinz\AppData\Roaming\Macromedia
2013-05-21 20:47 - 2013-05-21 20:47 - 00000000 ____D C:\Users\Heinz\AppData\Local\Deployment
2013-05-21 20:47 - 2013-05-21 20:47 - 00000000 ____D C:\Users\Heinz\AppData\Local\Apps\2.0
2013-05-21 20:45 - 2012-11-13 19:46 - 00000000 ____D C:\ProgramData\Toshiba
2013-05-21 20:44 - 2013-05-21 20:44 - 00000000 ____D C:\Users\Heinz\AppData\Local\SRS Labs
2013-05-21 20:44 - 2013-05-21 20:44 - 00000000 ____D C:\ProgramData\ToshibaEurope
2013-05-21 20:42 - 2013-05-21 20:42 - 00000000 ____D C:\Users\Heinz\AppData\Local\VirtualStore
2013-05-21 20:41 - 2013-05-21 20:41 - 00000020 ___SH C:\Users\Heinz\ntuser.ini
2013-05-09 10:59 - 2013-05-22 14:10 - 01025808 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-05-09 10:59 - 2013-05-22 14:10 - 00378432 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-05-09 10:59 - 2013-05-22 14:10 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-05-09 10:59 - 2013-05-22 14:10 - 00080816 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2013-05-09 10:59 - 2013-05-22 14:10 - 00072016 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2013-05-09 10:59 - 2013-05-22 14:10 - 00065336 ____A C:\Windows\System32\Drivers\aswRvrt.sys
2013-05-09 10:59 - 2013-05-22 14:10 - 00064288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2013-05-09 10:59 - 2013-05-22 14:10 - 00033400 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2013-05-09 10:58 - 2013-05-22 14:10 - 00287840 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-05-09 10:58 - 2013-05-22 14:09 - 00041664 ____A (AVAST Software) C:\Windows\avastSS.scr

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-02 03:00

==================== End Of Log ============================
         

Alt 08.06.2013, 12:41   #14
Trancegott
 
Windows System immer bei 20% Systemauslastung, Virus vermutet - Standard

Windows System immer bei 20% Systemauslastung, Virus vermutet



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-06-2013
Ran by Thomas Terpelle at 2013-06-08 12:40:06 Run:
Running from E:\Thomas\Downloads\Setups
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Adobe Reader XI (11.0.03) - Deutsch (Version: 11.0.03)
Aloha TriPeaks (Version: 2.2.0.98)
AMD Accelerated Video Transcoding (Version: 12.5.100.20918)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
Atheros Bluetooth Filter Driver Package (Version: 2.0.0.3)
Atheros Driver Installation Program (Version: 10.0)
Auslogics Disk Defrag (Version: 3.6)
avast! Free Antivirus (Version: 8.0.1489.0)
Bejeweled 3 (Version: 2.2.0.98)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2012.0918.260.3365)
Catalyst Control Center Graphics Previews Common (Version: 2012.0918.260.3365)
Catalyst Control Center InstallProxy (Version: 2012.0918.260.3365)
Catalyst Control Center Localization All (Version: 2012.0918.260.3365)
CCC Help Chinese Standard (Version: 2012.0918.0259.3365)
CCC Help Chinese Traditional (Version: 2012.0918.0259.3365)
CCC Help Czech (Version: 2012.0918.0259.3365)
CCC Help Danish (Version: 2012.0918.0259.3365)
CCC Help Dutch (Version: 2012.0918.0259.3365)
CCC Help English (Version: 2012.0918.0259.3365)
CCC Help Finnish (Version: 2012.0918.0259.3365)
CCC Help French (Version: 2012.0918.0259.3365)
CCC Help German (Version: 2012.0918.0259.3365)
CCC Help Greek (Version: 2012.0918.0259.3365)
CCC Help Hungarian (Version: 2012.0918.0259.3365)
CCC Help Italian (Version: 2012.0918.0259.3365)
CCC Help Japanese (Version: 2012.0918.0259.3365)
CCC Help Korean (Version: 2012.0918.0259.3365)
CCC Help Norwegian (Version: 2012.0918.0259.3365)
CCC Help Polish (Version: 2012.0918.0259.3365)
CCC Help Portuguese (Version: 2012.0918.0259.3365)
CCC Help Russian (Version: 2012.0918.0259.3365)
CCC Help Spanish (Version: 2012.0918.0259.3365)
CCC Help Swedish (Version: 2012.0918.0259.3365)
CCC Help Thai (Version: 2012.0918.0259.3365)
CCC Help Turkish (Version: 2012.0918.0259.3365)
ccc-utility64 (Version: 2012.0918.260.3365)
CCleaner (Version: 4.01)
Chuzzle Deluxe (Version: 2.2.0.95)
Classic Shell (Version: 3.6.7)
Creative System Information (Version: 1.10)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition
Dolby Digital Live Pack (Version: 3.01)
Empress of the Deep - The Darkest Secret (Version: 2.2.0.98)
Google Chrome (Version: 27.0.1453.110)
Google Drive (Version: 1.9.4536.8202)
Google Update Helper (Version: 1.3.21.145)
Intel AppUp(SM) center (Version: 3.6.1.33268.15)
Intel(R) Management Engine Components (Version: 8.1.0.1252)
Intel(R) Rapid Storage Technology (Version: 11.5.2.1001)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Island Tribe (Version: 2.2.0.98)
Java 7 Update 21 (64-bit) (Version: 7.0.210)
JDownloader 0.9 (Version: 0.9)
Jewel Quest Solitaire 2 (Version: 2.2.0.98)
K-Lite Codec Pack 9.9.0 (64-bit) (Version: 9.9.0)
K-Lite Mega Codec Pack 9.9.0 (Version: 9.9.0)
Magic Academy (Version: 2.2.0.98)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017)
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017)
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017)
Music Manager
Nero 12 Essentials Toshiba (Version: 12.0.00600)
Nero BackItUp (Version: 12.0.3000)
Nero BackItUp Help (CHM) (Version: 12.0.3000)
Nero Blu-ray Player (Version: 12.0.17500)
Nero Blu-ray Player Help (CHM) (Version: 12.0.4000)
Nero BurnRights (Version: 12.0.5000)
Nero BurnRights Help (CHM) (Version: 12.0.5000)
Nero ControlCenter (Version: 11.0.15300)
Nero ControlCenter Help (CHM) (Version: 12.0.5000)
Nero Core Components (Version: 11.0.18200)
Nero Express (Version: 12.0.20000)
Nero Express Help (CHM) (Version: 12.0.5000)
Nero Kwik Media (Version: 1.18.18900)
Nero Kwik Media Help (CHM) (Version: 12.0.4000)
Nero Kwik Themes Basic (Version: 12.0.11500)
Nero Launcher (Version: 12.2.6000)
Nero RescueAgent (Version: 12.0.9000)
Nero RescueAgent Help (CHM) (Version: 12.0.3000)
Nero SharedVideoCodecs (Version: 1.0.12100.2.0)
Nero Update (Version: 11.0.11800.31.0)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017)
Paint.NET v3.5.10 (Version: 3.60.0)
Peggle Nights (Version: 2.2.0.98)
Plants vs. Zombies - Game of the Year (Version: 2.2.0.98)
Polar Bowler (Version: 2.2.0.97)
Premium Sound HD (Version: 1.12.5000)
Prerequisite installer (Version: 12.0.0002)
Realtek Ethernet Controller Driver (Version: 8.3.730.2012)
Realtek High Definition Audio Driver (Version: 6.0.1.6738)
Realtek USB 2.0 Card Reader (Version: 6.1.8400.30136)
Samsung Kies (Version: 2.5.3.13034_9)
Samsung Magician (Version: 4.1.0)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.22.0)
Shared C Run-time for x64 (Version: 10.0.0)
Sound Blaster X-Fi Surround 5.1 Pro (Version: 1.0)
Synaptics Pointing Device Driver (Version: 16.2.10.5)
TOSHIBA Desktop Assist (Version: 1.00.08.6402)
TOSHIBA eco Utility (Version: 2.0.0.6415)
TOSHIBA Function Key (Version: 1.00.6626.6406)
TOSHIBA Manuals (Version: 10.10)
Toshiba Password Utility (Version: 2.00.972)
TOSHIBA PC Health Monitor (Version: 1.8.17.640104)
TOSHIBA Recovery Media Creator (Version: 2.2.1.54043006)
TOSHIBA Resolution+ Plug-in for Windows Media Player (Version: 1.2.2.00)
TOSHIBA Service Station (Version: 2.4.4)
TOSHIBA System Driver (Version: 1.00.0015)
TOSHIBA System Settings (Version: 1.00.0002.32002)
Toshiba TEMPRO (Version: 4.2.2)
TOSHIBA VIDEO PLAYER (Version: 5.1.0.12-A)
Unified Remote (Version: 2.8.1.0)
Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition
Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2768004) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726961) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition
Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752025) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752094) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752101) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760343) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition
Update for Microsoft Office 2013 (KB2767860) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768333) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768349) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768355) 64-Bit Edition
Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2760334) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2768011) 64-Bit Edition
Update for Microsoft Outlook 2013 (KB2810015) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2727013) 64-Bit Edition
Update for Microsoft SkyDrive Pro (KB2810019) 64-Bit Edition
Update for Microsoft Visio 2013 (KB2810008) 64-Bit Edition
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition
Update for Microsoft Word 2013 (KB2752073) 64-Bit Edition
Update for Microsoft Word 2013 (KB2768007) 64-Bit Edition
Update for Microsoft Word 2013 (KB2768337) 64-Bit Edition
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life (Version: 2.2.0.98)
Welcome App (Start-up experience) (Version: 12.0.14000)
WildTangent Games (Version: 1.0.3.0)
WildTangent Games App (Toshiba Games) (Version: 4.0.9.7)
Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net  (03/11/2013 10.0.0.234) (Version: 03/11/2013 10.0.0.234)
Windows Driver Package - Qualcomm Atheros Communications Inc. Net  (03/11/2013 10.0.0.234) (Version: 03/11/2013 10.0.0.234)
XMedia Recode version 3.1.6.0 (Version: 3.1.6.0)
Yontoo 2.053 (Version: 2.053)

==================== Restore Points  =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/08/2013 03:06:42 AM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80070422).

Error: (06/07/2013 06:43:31 PM) (Source: ESENT) (User: )
Description: taskhostex (2080) WebCacheLocal: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Users\Heinz\AppData\Local\Microsoft\Windows\WebCache\V010000D.log.

Error: (06/07/2013 06:01:35 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\Users\Heinz\AppData\Local\Temp\{83B65863-2DD4-4E7E-BCEB-0745C73A3EB8}\setup.exe -removeonly /z "UNINSTALL" -media_path:"C:\Program Files (x86)\InstallShield Installation Information\{D4DE3DB4-7734-47E5-8D92-B80146311406}\" -tempdisk1folder:"C:\Users\Heinz\AppData\Local\Temp\{83B65863-2DD4-4E7E-BCEB-0745C73A3EB8}\"; Description = Removed Samsung Data Migration; Error = 0x80070422).

Error: (06/07/2013 01:29:59 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.18046 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 5764.  Message ID: [0x2509].

Error: (06/07/2013 01:21:20 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.18046 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 6608.  Message ID: [0x2509].

Error: (06/07/2013 01:18:06 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.18046 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 6288.  Message ID: [0x2509].

Error: (06/07/2013 01:16:58 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.18046 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 1064.  Message ID: [0x2509].

Error: (06/07/2013 01:14:11 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.18046 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 3348.  Message ID: [0x2509].

Error: (06/07/2013 01:03:50 PM) (Source: ESENT) (User: )
Description: SearchIndexer (4228) Windows: The database engine stopped the instance (0) with error (-510).



Internal Timing Sequence: [1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.016, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000, [11] 0.000, [12] 0.000, [13] 0.000, [14] 0.000, [15] 0.000.

Error: (06/07/2013 01:03:50 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
	The content index catalog is corrupt.   0xc0041801 (0xc0041801)


System errors:
=============
Error: (06/07/2013 06:43:27 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (06/07/2013 02:18:31 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Boot Delay Start Service service failed to start due to the following error: 
%%2

Error: (06/07/2013 02:18:27 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (06/07/2013 02:12:45 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Boot Delay Start Service service failed to start due to the following error: 
%%2

Error: (06/07/2013 02:12:42 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (06/07/2013 01:26:20 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Boot Delay Start Service service failed to start due to the following error: 
%%2

Error: (06/07/2013 01:26:17 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT AUTHORITY)
Description: 0xc000014d0

Error: (06/07/2013 01:02:43 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Boot Delay Start Service service failed to start due to the following error: 
%%2

Error: (06/07/2013 01:02:42 PM) (Source: BugCheck) (User: )
Description: 0x00000024 (0x000000b50019060b, 0xfffff8801aa2faf8, 0xfffff8801aa2f330, 0xfffff88001858b7c)C:\windows\MEMORY.DMP060713-4875-01

Error: (06/07/2013 01:02:41 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:49:52 PM on ?6/?7/?2013 was unexpected.


Microsoft Office Sessions:
=========================
Error: (06/08/2013 03:06:42 AM) (Source: System Restore)(User: )
Description: C:\windows\system32\srtasks.exe ExecuteScheduledSPPCreationScheduled Checkpoint0x80070422

Error: (06/07/2013 06:43:31 PM) (Source: ESENT)(User: )
Description: taskhostex2080WebCacheLocal: C:\Users\Heinz\AppData\Local\Microsoft\Windows\WebCache\V010000D.log-1811 (0xfffff8ed)

Error: (06/07/2013 06:01:35 PM) (Source: System Restore)(User: )
Description: C:\Users\Heinz\AppData\Local\Temp\{83B65863-2DD4-4E7E-BCEB-0745C73A3EB8}\setup.exe -removeonly /z "UNINSTALL" -media_path:"C:\Program Files (x86)\InstallShield Installation Information\{D4DE3DB4-7734-47E5-8D92-B80146311406}\" -tempdisk1folder:"C:\Users\Heinz\AppData\Local\Temp\{83B65863-2DD4-4E7E-BCEB-0745C73A3EB8}\"Removed Samsung Data Migration0x80070422

Error: (06/07/2013 01:29:59 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.18046 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 5764.  Message ID: [0x2509].

Error: (06/07/2013 01:21:20 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.18046 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 6608.  Message ID: [0x2509].

Error: (06/07/2013 01:18:06 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.18046 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 6288.  Message ID: [0x2509].

Error: (06/07/2013 01:16:58 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.18046 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 1064.  Message ID: [0x2509].

Error: (06/07/2013 01:14:11 PM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.18046 - There was a failure initializing profiling API attach infrastructure.  This process will not allow a profiler to attach.  HRESULT: 0x80004005.  Process ID (decimal): 3348.  Message ID: [0x2509].

Error: (06/07/2013 01:03:50 PM) (Source: ESENT)(User: )
Description: SearchIndexer4228Windows: 0-510[1] 0.000, [2] 0.000, [3] 0.000, [4] 0.000, [5] 0.016, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000, [11] 0.000, [12] 0.000, [13] 0.000, [14] 0.000, [15] 0.000.

Error: (06/07/2013 01:03:50 PM) (Source: Windows Search Service)(User: )
Description: 
Details:
	The content index catalog is corrupt.   0xc0041801 (0xc0041801)
The catalog is corrupt


==================== Memory info =========================== 

Percentage of memory in use: 22%
Total physical RAM: 8143.22 MB
Available physical RAM: 6306.03 MB
Total Pagefile: 16335.22 MB
Available Pagefile: 14211.86 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:124.24 GB) (Free:80.11 GB) NTFS (Disk=0 Partition=4)
Drive e: (Daten) (Fixed) (Total:89.61 GB) (Free:35.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238 GB) (Disk ID: 6D00BD82)

Partition: GPT Partition Type
==================== End Of Log ============================
         
Ich habe gestern den simplen CCleaner laufen lassen mit Registry check, seitdem ist das nicht wieder aufgetreten.
Ich bin zwar froh, würde aber trotzdem gerne wissen wieso das was gebracht hat (also ob Sie sich daraus einen Reim machen können wo das Problem lag).

Aber trotzdem

Alt 08.06.2013, 14:00   #15
schrauber
/// the machine
/// TB-Ausbilder
 

Windows System immer bei 20% Systemauslastung, Virus vermutet - Standard

Windows System immer bei 20% Systemauslastung, Virus vermutet



Teste das mal, die Logs sind sauber
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows System immer bei 20% Systemauslastung, Virus vermutet
acrobat update, auslastung, avast, avast!, dateien, einfach, erklären, freeware, https, keinerlei, laufe, laufen, maleware, malewarebytes, nichts, problem, programm, system, systemauslastung, verdächtige, vermute, vermutet, version, virenprogramm, virus, weiterhelfen, windows, windows system



Ähnliche Themen: Windows System immer bei 20% Systemauslastung, Virus vermutet


  1. Virus auf Mac vermutet
    Plagegeister aller Art und deren Bekämpfung - 25.01.2015 (6)
  2. GIF-Virus auf Trojaner-Board vermutet
    Plagegeister aller Art und deren Bekämpfung - 08.08.2014 (2)
  3. Win7 Laptop sehr langsam, Virus vermutet
    Plagegeister aller Art und deren Bekämpfung - 31.10.2013 (11)
  4. Windows XP: trojaner (svchst.exe) vermutet (~100%cpu-auslastung)
    Log-Analyse und Auswertung - 28.09.2013 (14)
  5. mbamservice.exe Trojaner / Virus vermutet / Internet / Rechner langsam
    Plagegeister aller Art und deren Bekämpfung - 18.07.2013 (15)
  6. C:\ProgramDAta\lsass.exe - Ein Virus? Auch ansonsten Virenbefall vermutet
    Plagegeister aller Art und deren Bekämpfung - 01.11.2012 (15)
  7. Problem mit Ram und Geschwindigkeit des PC's virus vermutet
    Log-Analyse und Auswertung - 19.10.2012 (7)
  8. Trojaner/? Virus ? ...System wird immer langsamer .....was kann ich tun
    Plagegeister aller Art und deren Bekämpfung - 07.03.2012 (8)
  9. flashutil9d, mscorsvw, und Systemauslastung, Ist mein System okay?
    Log-Analyse und Auswertung - 17.02.2012 (1)
  10. Avira zeigt Virus an, dieser taucht aber nach Löschversuch immer wieder auf. Trojaner vermutet.
    Log-Analyse und Auswertung - 18.02.2011 (1)
  11. Virus vermutet, finde ihn aber nicht!
    Log-Analyse und Auswertung - 16.12.2010 (1)
  12. Virus oder Trojaner legt das System lahm, Sweet.Home wird vermutet
    Plagegeister aller Art und deren Bekämpfung - 25.05.2010 (3)
  13. Verdacht auf Virus/Trojaner / Systemauslastung
    Log-Analyse und Auswertung - 17.06.2008 (6)
  14. Was befindet sich in meinem System? (trojaner vermutet)
    Log-Analyse und Auswertung - 08.01.2008 (0)
  15. Systemauslastung immer 100%
    Alles rund um Windows - 23.10.2005 (1)
  16. Windows Explorer 100% Systemauslastung
    Plagegeister aller Art und deren Bekämpfung - 15.12.2004 (3)
  17. Virus/Trojaner schließt Anti Troj + 100% Systemauslastung
    Plagegeister aller Art und deren Bekämpfung - 10.11.2003 (3)

Zum Thema Windows System immer bei 20% Systemauslastung, Virus vermutet - Hallo, ich habe ein Problem mit meinem PC. Undzwar ist dieser vom System (auch wenn ich nichts mache) immer 15-20% ausgelastet. Ich habe schon ein Virenprogramm (avast! in der Freeware - Windows System immer bei 20% Systemauslastung, Virus vermutet...
Archiv
Du betrachtest: Windows System immer bei 20% Systemauslastung, Virus vermutet auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.