Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2013 01
Ran by SYSTEM on MININT-12CR4NN on 28-12-2013 20:26:35
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Recovery

The current controlset is ControlSet001
[b]ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.[/b]

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [TosNC] - C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe [595816 2010-03-19] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [896032 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [505696 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [SmartFaceVWatcher] - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] - C:\Program Files\TOSHIBA\TECO\Teco.exe [1489760 2010-04-06] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe [35760 2009-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Bing Bar] - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\mswinext.exe [243032 2010-03-04] (Microsoft Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\mcafee.com\agent\mcagent.exe [1465304 2010-01-26] (McAfee, Inc.)
HKLM-x32\...\Run: [NBAgent] - C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [1086760 2010-03-08] (Nero AG)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HWSetup] - C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] - C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2009-12-25] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [SVPWUTIL] - C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2010-02-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TWebCamera] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-02-23] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [ToshibaServiceStation] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM\...\RunOnce: [Unattend0000000001{8994ABF8-6760-4D8B-BBEE-D6E261CCBB5D}] - C:\Toshiba\Preinst\postoobe.cmd [586 2009-07-16] ()
HKU\Default\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [4581280 2010-03-03] (TOSHIBA)
HKU\Default User\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [4581280 2010-03-03] (TOSHIBA)
HKU\Siwy\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [4581280 2010-03-03] (TOSHIBA)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Siwy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

==================== Services (Whitelisted) =================

S2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
S2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
S2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [509416 2009-12-30] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199032 2010-01-05] (McAfee, Inc.)
S2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [244840 2010-01-05] (McAfee, Inc.)
S2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [148520 2010-01-05] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-02-10] (Toshiba Europe GmbH)

==================== Drivers (Whitelisted) ====================

S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [62416 2010-01-05] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [121504 2010-01-05] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [189880 2010-01-05] (McAfee, Inc.)
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [440688 2010-01-05] (McAfee, Inc.)
S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [528232 2010-01-05] (McAfee, Inc.)
S1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75288 2010-01-05] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [93840 2010-01-05] (McAfee, Inc.)
S0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [279752 2010-01-05] (McAfee, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-28 20:26 - 2013-12-28 20:26 - 00000000 ____D C:\FRST
2013-12-27 09:55 - 2013-12-27 09:55 - 00000020 ___SH C:\Users\Siwy\ntuser.ini
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\Vorlagen
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\Startmenü
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\Netzwerkumgebung
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\Lokale Einstellungen
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\Eigene Dateien
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\Druckumgebung
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\Documents\Eigene Musik
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\Documents\Eigene Bilder
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\AppData\Local\Verlauf
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\AppData\Local\Anwendungsdaten
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\Anwendungsdaten
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Programme
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\ProgramData\Favoriten
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 ____D C:\users\Siwy
2013-12-27 09:55 - 2010-04-15 01:29 - 00000000 ____D C:\Users\Siwy\AppData\Roaming\Macromedia
2013-12-27 09:53 - 2013-12-28 10:37 - 00000000 __RSH C:\Windows\SysWOW64\Drivers\TOSHIBA_Satellite L670D_11486-GR_PSK3NE-00500.MRK
2013-12-27 09:51 - 2013-12-27 09:51 - 00000000 ____D C:\Windows\OemDrv
2013-12-27 09:49 - 2013-12-27 09:49 - 00000000 _____ C:\Windows\NDSTray.INI
2013-12-27 09:46 - 2009-10-07 09:13 - 00070200 _____ (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys
2013-12-27 09:46 - 2009-10-07 09:13 - 00028728 _____ (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys
2013-12-27 09:40 - 2013-12-27 09:43 - 00000000 ____D C:\ProgramData\TOSHIBA
2013-12-27 09:39 - 2009-06-22 08:06 - 00035008 _____ (TOSHIBA Corporation) C:\Windows\System32\Drivers\PGEffect.sys
2013-12-27 09:35 - 1999-10-12 10:47 - 00024576 _____ (Toshiba) C:\Windows\SysWOW64\TSCI.dll
2013-12-27 09:35 - 1999-10-12 10:45 - 00024576 _____ (Toshiba) C:\Windows\SysWOW64\THCI.dll
2013-12-27 09:32 - 2013-12-27 09:44 - 00000000 ____D C:\Windows\Downloaded Installations
2013-12-27 09:30 - 2013-12-27 09:31 - 00000000 ____D C:\ProgramData\win7_64
2013-12-27 09:30 - 2013-12-27 09:31 - 00000000 ____D C:\ProgramData\win7_32
2013-12-27 09:30 - 2013-12-27 09:30 - 00000000 ____D C:\Windows\SysWOW64\Microsoft.VC80.MFC
2013-12-27 09:30 - 2013-12-27 09:30 - 00000000 ____D C:\Windows\System32\Microsoft.VC80.MFC
2013-12-27 09:30 - 2013-12-27 09:30 - 00000000 ____D C:\ProgramData\xp
2013-12-27 09:30 - 2013-12-27 09:30 - 00000000 ____D C:\ProgramData\vista64
2013-12-27 09:30 - 2013-12-27 09:30 - 00000000 ____D C:\ProgramData\vista32
2013-12-27 09:30 - 2010-03-04 07:44 - 00049664 _____ (COMPAL ELECTRONIC INC.) C:\Windows\System32\HWS_Ctrl.dll
2013-12-27 09:30 - 2010-03-04 07:44 - 00008192 _____ (COMPAL ELECTRONIC INC.) C:\Windows\System32\TSBWLS.dll
2013-12-27 09:29 - 2010-02-01 01:29 - 07367200 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsUStoricon.dll
2013-12-27 09:29 - 2010-02-01 01:29 - 07367200 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RTSUSTORicon.dll
2013-12-27 09:29 - 2010-02-01 01:29 - 00422432 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtsUStor.dll
2013-12-27 09:29 - 2010-02-01 01:29 - 00232992 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RtsUStor.sys
2013-12-27 09:27 - 2013-12-27 09:28 - 00003346 _____ C:\RHDSetup.log
2013-12-27 09:27 - 2013-12-27 09:27 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-12-27 09:27 - 2013-12-27 09:27 - 00000000 ____D C:\Program Files\Realtek
2013-12-27 09:27 - 2010-03-22 02:21 - 02719504 _____ (Waves Audio Ltd.) C:\Windows\System32\WavesGUILib.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 02298400 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTKVHD64.sys
2013-12-27 09:27 - 2010-03-22 02:21 - 02197264 _____ (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioEQ.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 01929760 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtPgEx64.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 01660448 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtkAPO64.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 01247776 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 01210912 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RTCOM64.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 00612384 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RTSnMg64.cpl
2013-12-27 09:27 - 2010-03-22 02:21 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\System32\SRSTSX64.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 00477216 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtkApi64.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 00372936 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEP64A.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 00338848 _____ (Fortemedia Corporation) C:\Windows\System32\FMAPO64.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 00332320 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtlCPAPI64.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 00325904 _____ (Waves Audio Ltd.) C:\Windows\System32\MaxxAudioAPO20.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 00307920 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DHT64.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 00307920 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DAA64.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\System32\SRSTSH64.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 00201928 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RTEED64A.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\System32\SRSHP64.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 00168288 _____ (Andrea Electronics Corporation) C:\Windows\System32\AERTAC64.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\System32\SRSWOW64.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 00149536 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCfg64.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\System32\AERTAR64.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 00099016 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEL64A.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 00076488 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RTEEG64A.dll
2013-12-27 09:27 - 2010-03-22 02:21 - 00069664 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RCoInst64.dll
2013-12-27 09:27 - 2009-12-02 06:01 - 01691680 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RHDMEx64.dll
2013-12-27 09:27 - 2009-12-02 06:01 - 01638432 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtkHDM64.dll
2013-12-27 09:27 - 2009-12-02 06:01 - 00213280 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RtHDMIVX.sys
2013-12-27 09:27 - 2009-12-02 06:01 - 00064032 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RHCoInst64.dll
2013-12-27 09:27 - 2009-03-08 20:32 - 00304640 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RH3DAA64.dll
2013-12-27 09:27 - 2009-03-08 20:31 - 00304640 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RH3DHT64.dll
2013-12-27 09:26 - 2013-12-27 09:29 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-12-27 09:26 - 2010-01-05 15:46 - 00189984 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RTInstaller64.exe
2013-12-27 09:24 - 2013-12-27 09:24 - 00000000 ____D C:\Program Files (x86)\Atheros
2013-12-27 09:24 - 2009-11-06 03:56 - 01550848 _____ (Atheros Communications, Inc.) C:\Windows\System32\Drivers\athrx.sys
2013-12-27 09:23 - 2013-12-27 09:24 - 00000000 ____D C:\ProgramData\Atheros
2013-12-27 09:23 - 2013-12-27 09:23 - 00000000 ____D C:\ProgramData\ATI
2013-12-27 09:20 - 2013-12-27 09:21 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-12-27 09:20 - 2013-12-27 09:20 - 00000000 ____D C:\Program Files\ATI
2013-12-27 09:19 - 2010-03-15 01:06 - 06403072 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atipmdag.sys
2013-12-27 09:19 - 2010-03-15 01:06 - 06403072 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\atikmdag.sys
2013-12-27 09:19 - 2010-03-15 01:00 - 00143360 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\atiapfxx.exe
2013-12-27 09:19 - 2010-03-15 01:00 - 00033624 _____ C:\Windows\System32\atiapfxx.blb
2013-12-27 09:19 - 2010-03-15 00:59 - 00497152 _____ (ATI Technologies Inc. ) C:\Windows\System32\aticfx64.dll
2013-12-27 09:19 - 2010-03-15 00:59 - 00446464 _____ (ATI Technologies Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2013-12-27 09:19 - 2010-03-15 00:58 - 18798592 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\atio6axx.dll
2013-12-27 09:19 - 2010-03-15 00:57 - 00446464 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\ATIDEMGX.dll
2013-12-27 09:19 - 2010-03-15 00:56 - 00450560 _____ (AMD) C:\Windows\System32\atieclxx.exe
2013-12-27 09:19 - 2010-03-15 00:56 - 00202752 _____ (AMD) C:\Windows\System32\atiesrxx.exe
2013-12-27 09:19 - 2010-03-15 00:54 - 00420864 _____ (ATI Technologies, Inc.) C:\Windows\System32\atipdl64.dll
2013-12-27 09:19 - 2010-03-15 00:54 - 00356352 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\atipdlxx.dll
2013-12-27 09:19 - 2010-03-15 00:54 - 00274432 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\Oemdspif.dll
2013-12-27 09:19 - 2010-03-15 00:54 - 00120320 _____ (AMD) C:\Windows\System32\atitmm64.dll
2013-12-27 09:19 - 2010-03-15 00:54 - 00059392 _____ (ATI Technologies, Inc.) C:\Windows\System32\atiedu64.dll
2013-12-27 09:19 - 2010-03-15 00:54 - 00012288 _____ (AMD) C:\Windows\System32\atimuixx.dll
2013-12-27 09:19 - 2010-03-15 00:53 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2013-12-27 09:19 - 2010-03-15 00:50 - 03131392 _____ (ATI Technologies Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2013-12-27 09:19 - 2010-03-15 00:42 - 03800064 _____ (ATI Technologies Inc. ) C:\Windows\System32\atidxx64.dll
2013-12-27 09:19 - 2010-03-15 00:38 - 14226944 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2013-12-27 09:19 - 2010-03-15 00:33 - 03703808 _____ (ATI Technologies Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2013-12-27 09:19 - 2010-03-15 00:18 - 00511072 _____ C:\Windows\System32\atiumd6a.cap
2013-12-27 09:19 - 2010-03-15 00:17 - 00055296 _____ (AMD) C:\Windows\System32\coinst.dll
2013-12-27 09:19 - 2010-03-15 00:14 - 02993152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2013-12-27 09:19 - 2010-03-15 00:13 - 00511072 _____ C:\Windows\SysWOW64\atiumdva.cap
2013-12-27 09:19 - 2010-03-15 00:13 - 00053248 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2013-12-27 09:19 - 2010-03-15 00:13 - 00043008 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\aticalrt64.dll
2013-12-27 09:19 - 2010-03-15 00:13 - 00039936 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\aticalcl64.dll
2013-12-27 09:19 - 2010-03-15 00:12 - 04781568 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\aticaldd64.dll
2013-12-27 09:19 - 2010-03-15 00:12 - 00053248 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2013-12-27 09:19 - 2010-03-15 00:11 - 03657728 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2013-12-27 09:19 - 2010-03-15 00:02 - 00053248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atimpc64.dll
2013-12-27 09:19 - 2010-03-15 00:02 - 00053248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\amdpcom64.dll
2013-12-27 09:19 - 2010-03-15 00:02 - 00052224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2013-12-27 09:19 - 2010-03-15 00:02 - 00052224 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2013-12-27 09:19 - 2010-03-15 00:01 - 00330752 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\atiadlxx.dll
2013-12-27 09:19 - 2010-03-15 00:01 - 00237568 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2013-12-27 09:19 - 2010-03-15 00:01 - 00016896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6txx.dll
2013-12-27 09:19 - 2010-03-15 00:01 - 00015360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2013-12-27 09:19 - 2010-03-15 00:01 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atig6pxx.dll
2013-12-27 09:19 - 2010-03-15 00:01 - 00012800 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2013-12-27 09:19 - 2010-03-15 00:01 - 00012800 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiglpxx.dll
2013-12-27 09:19 - 2010-03-15 00:00 - 00188928 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\Drivers\atikmpag.sys
2013-12-27 09:19 - 2010-03-15 00:00 - 00036352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiuxp64.dll
2013-12-27 09:19 - 2010-03-15 00:00 - 00028160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\System32\atiu9p64.dll
2013-12-27 09:19 - 2010-03-15 00:00 - 00027648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2013-12-27 09:19 - 2010-03-15 00:00 - 00020480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2013-12-27 09:19 - 2010-03-14 23:59 - 00053248 _____ (ATI Technologies Inc.) C:\Windows\System32\Drivers\ati2erec.dll
2013-12-27 09:19 - 2010-03-02 05:57 - 00020692 _____ C:\Windows\atiogl.xml
2013-12-27 09:19 - 2010-02-25 04:55 - 00201875 _____ C:\Windows\System32\atiicdxx.dat
2013-12-27 09:19 - 2010-02-23 01:15 - 00001105 _____ C:\Windows\SysWOW64\atipblag.dat
2013-12-27 09:19 - 2010-02-23 01:15 - 00001105 _____ C:\Windows\System32\atipblag.dat
2013-12-27 09:19 - 2009-05-11 07:35 - 00118784 _____ (Advanced Micro Devices, Inc.) C:\Windows\System32\atibtmon.exe
2013-12-27 09:19 - 2009-05-05 00:00 - 00016440 _____ (Advanced Micro Devices Inc.) C:\Windows\System32\Drivers\AtiPcie.sys
2013-12-27 09:19 - 2009-02-18 03:55 - 00332288 _____ C:\Windows\System32\ATIODE.exe
2013-12-27 09:19 - 2009-02-03 06:52 - 00051200 _____ C:\Windows\System32\ATIODCLI.exe
2013-12-27 09:18 - 2013-12-27 09:55 - 00041128 _____ C:\Windows\WindowsUpdate.log
2013-12-27 09:15 - 2013-12-27 09:15 - 00000000 _____ C:\Windows\ativpsrm.bin

==================== One Month Modified Files and Folders =======

2013-12-28 20:26 - 2013-12-28 20:26 - 00000000 ____D C:\FRST
2013-12-28 10:37 - 2013-12-27 09:53 - 00000000 __RSH C:\Windows\SysWOW64\Drivers\TOSHIBA_Satellite L670D_11486-GR_PSK3NE-00500.MRK
2013-12-28 10:37 - 2009-07-13 20:51 - 00027264 _____ C:\Windows\setupact.log
2013-12-28 10:30 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-28 10:30 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-12-27 13:10 - 2009-07-13 20:45 - 00016080 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-27 13:10 - 2009-07-13 20:45 - 00016080 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-27 13:09 - 2009-07-14 09:58 - 00643866 _____ C:\Windows\System32\perfh007.dat
2013-12-27 13:09 - 2009-07-14 09:58 - 00126394 _____ C:\Windows\System32\perfc007.dat
2013-12-27 13:09 - 2009-07-13 21:13 - 01472002 _____ C:\Windows\System32\PerfStringBackup.INI
2013-12-27 10:26 - 2009-07-13 20:45 - 00006144 _____ C:\Windows\System32\umstartup.etl
2013-12-27 09:55 - 2013-12-27 09:55 - 00000020 ___SH C:\Users\Siwy\ntuser.ini
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\Vorlagen
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\Startmenü
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\Netzwerkumgebung
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\Lokale Einstellungen
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\Eigene Dateien
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\Druckumgebung
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\Documents\Eigene Musik
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\Documents\Eigene Bilder
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\AppData\Local\Verlauf
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\AppData\Local\Anwendungsdaten
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Siwy\Anwendungsdaten
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Programme
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\ProgramData\Favoriten
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-12-27 09:55 - 2013-12-27 09:55 - 00000000 ____D C:\users\Siwy
2013-12-27 09:55 - 2013-12-27 09:18 - 00041128 _____ C:\Windows\WindowsUpdate.log
2013-12-27 09:55 - 2010-04-15 01:26 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-12-27 09:55 - 2009-07-13 19:20 - 00000000 __RHD C:\users\Default
2013-12-27 09:55 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Windows NT
2013-12-27 09:52 - 2010-04-15 00:00 - 00000000 ____D C:\Windows\Panther
2013-12-27 09:52 - 2009-07-13 20:46 - 00003043 _____ C:\Windows\DtcInstall.log
2013-12-27 09:52 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sysprep
2013-12-27 09:51 - 2013-12-27 09:51 - 00000000 ____D C:\Windows\OemDrv
2013-12-27 09:51 - 2009-07-14 09:58 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2013-12-27 09:49 - 2013-12-27 09:49 - 00000000 _____ C:\Windows\NDSTray.INI
2013-12-27 09:49 - 2010-04-15 01:22 - 00000000 ____D C:\Program Files\TOSHIBA
2013-12-27 09:48 - 2010-04-15 01:23 - 00000000 ____D C:\Program Files (x86)\TOSHIBA
2013-12-27 09:48 - 2010-04-15 01:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-27 09:44 - 2013-12-27 09:32 - 00000000 ____D C:\Windows\Downloaded Installations
2013-12-27 09:43 - 2013-12-27 09:40 - 00000000 ____D C:\ProgramData\TOSHIBA
2013-12-27 09:31 - 2013-12-27 09:30 - 00000000 ____D C:\ProgramData\win7_64
2013-12-27 09:31 - 2013-12-27 09:30 - 00000000 ____D C:\ProgramData\win7_32
2013-12-27 09:30 - 2013-12-27 09:30 - 00000000 ____D C:\Windows\SysWOW64\Microsoft.VC80.MFC
2013-12-27 09:30 - 2013-12-27 09:30 - 00000000 ____D C:\Windows\System32\Microsoft.VC80.MFC
2013-12-27 09:30 - 2013-12-27 09:30 - 00000000 ____D C:\ProgramData\xp
2013-12-27 09:30 - 2013-12-27 09:30 - 00000000 ____D C:\ProgramData\vista64
2013-12-27 09:30 - 2013-12-27 09:30 - 00000000 ____D C:\ProgramData\vista32
2013-12-27 09:29 - 2013-12-27 09:26 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-12-27 09:28 - 2013-12-27 09:27 - 00003346 _____ C:\RHDSetup.log
2013-12-27 09:27 - 2013-12-27 09:27 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-12-27 09:27 - 2013-12-27 09:27 - 00000000 ____D C:\Program Files\Realtek
2013-12-27 09:24 - 2013-12-27 09:24 - 00000000 ____D C:\Program Files (x86)\Atheros
2013-12-27 09:24 - 2013-12-27 09:23 - 00000000 ____D C:\ProgramData\Atheros
2013-12-27 09:23 - 2013-12-27 09:23 - 00000000 ____D C:\ProgramData\ATI
2013-12-27 09:21 - 2013-12-27 09:20 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2013-12-27 09:20 - 2013-12-27 09:20 - 00000000 ____D C:\Program Files\ATI
2013-12-27 09:19 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-12-27 09:15 - 2013-12-27 09:15 - 00000000 _____ C:\Windows\ativpsrm.bin
2013-12-27 09:15 - 2010-04-15 00:04 - 00003540 _____ C:\Windows\TSSysprep.log

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================


==================== Memory info =========================== 

Percentage of memory in use: 14%
Total physical RAM: 4091.68 MB
Available physical RAM: 3508.84 MB
Total Pagefile: 4089.83 MB
Available Pagefile: 3498.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:232.42 GB) (Free:211.36 GB) NTFS
Drive d: (Data) (Fixed) (Total:232.95 GB) (Free:88.66 GB) NTFS
Drive e: (SYSTEM) (Fixed) (Total:0.39 GB) (Free:0.18 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.16 GB) (Free:0 GB) UDF
Drive h: (USB-HDD) (Fixed) (Total:298.09 GB) (Free:108.88 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: A84C4D4B)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=232 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 298 GB) (Disk ID: E6120A8E)
Partition 1: (Not Active) - (Size=298 GB) - (Type=07 NTFS)


LastRegBack: 2010-04-15 00:01

==================== End Of Log ============================