Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: trojan dropper:win32/bunt

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 03.10.2016, 15:43   #1
Juro346
 
trojan dropper:win32/bunt - Standard

trojan dropper:win32/bunt



Moin Moin,

ich habe gestern den Windows-Defender durchlaufen lassen. Dieser hat folgenden Meldung ergeben: trojan dropper:win32/bunt (welchen er als "schwerwiegend" einstufte). Ebenfalls bat er mir an, diese Datei zu entfernen, was ich dann auch bestätigt habe.

Nach einem weiteren Durchlauf zeigte er mir dann keine weitere Trojaner Meldung mehr an.

Ich gehe aber mal nicht davon aus, dass der Trojaner nicht so einfach entfernt wurde.

Meine Frage also, was kann/sollte ich noch tun, um den Trojaner vollständig zu beseitigen?

lG Juro

PS: Ich nutze kein weiteres Antivirenprogram, neben Windows-Defender

Alt 03.10.2016, 19:27   #2
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
trojan dropper:win32/bunt - Standard

trojan dropper:win32/bunt





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.



Los geht's:

Schritt 1


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 04.10.2016, 14:45   #3
Juro346
 
trojan dropper:win32/bunt - Standard

trojan dropper:win32/bunt



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
durchgeführt von Julius (Administrator) auf JULIUS-PC (04-10-2016 15:37:51)
Gestartet von C:\Users\Julius\Downloads
Geladene Profile: Julius (Verfügbare Profile: Julius)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
konnte nicht auf den Prozess zugreifen -> Memory Compression
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\sihost.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Megaify Software Co., Ltd.) C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Users\Julius\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(TeamSpeak Systems GmbH) C:\Users\Julius\Desktop\teamspeak\ts3client_win64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SystemSettingsBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-28] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [937984 2014-11-21] (AVM Berlin)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [8886976 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [8886976 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-645722510-4007608099-3805512291-1001\...\Run: [Spotify Web Helper] => C:\Users\Julius\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1529456 2016-09-23] (Spotify Ltd)
HKU\S-1-5-21-645722510-4007608099-3805512291-1001\...\Run: [OneDrive] => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\OneDrive.exe [633024 2016-09-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\FileSyncShell64.dll [2016-09-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\FileSyncShell64.dll [2016-09-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\FileSyncShell64.dll [2016-09-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\FileSyncShell64.dll [2016-09-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\FileSyncShell64.dll [2016-09-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncShell.dll [2016-09-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncShell.dll [2016-09-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncShell.dll [2016-09-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncShell.dll [2016-09-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncShell.dll [2016-09-28] (Microsoft Corporation)
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ATTENTION

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-645722510-4007608099-3805512291-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2016-07-16] (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-07-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{009009a0-5aea-43e2-a3ab-57af5a3c803a}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Julius\AppData\Roaming\Mozilla\Firefox\Profiles\uhu9xfyn.default
FF NewTab: hxxp://www.trotux.com/?z=f028d07922f61937a5fc749g5z8m7w1zfoaz8t3t0e&from=isr&uid=OCZ-VERTEX2_OCZ-2LHDJM0E3N1CCSP7&type=hp
FF DefaultSearchEngine: trotux
FF SelectedSearchEngine: trotux
FF Homepage: hxxp://www.trotux.com/?z=f028d07922f61937a5fc749g5z8m7w1zfoaz8t3t0e&from=isr&uid=OCZ-VERTEX2_OCZ-2LHDJM0E3N1CCSP7&type=hp
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF SearchPlugin: C:\Users\Julius\AppData\Roaming\Mozilla\Firefox\Profiles\uhu9xfyn.default\searchplugins\m0c9rg9e.xml [2016-10-02]
FF Extension: Default - D:\firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-05-06]
StartMenuInternet: FIREFOX.EXE - D:\firefox\firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2016-06-25]
CHR Extension: (Google Slides) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-13]
CHR Extension: (Google Docs) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-13]
CHR Extension: (Google Drive) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-13]
CHR Extension: (YouTube) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-13]
CHR Extension: (Adblock Plus) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-13]
CHR Extension: (Google Sheets) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-13]
CHR Extension: (Google Docs Offline) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-13]
CHR Extension: (Gmail) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-13]
CHR Extension: (Chrome Media Router) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-06-24]

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AJRouter; C:\Windows\System32\AJRouter.dll [24576 2016-07-16] (Microsoft Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321536 2016-07-16] (Microsoft Corporation)
R2 CDPSvc; C:\Windows\System32\CDPSvc.dll [409088 2016-07-16] (Microsoft Corporation)
S3 ClipSVC; C:\Windows\System32\ClipSVC.dll [729328 2016-07-16] (Microsoft Corporation)
R2 Coerlasy; C:\Program Files (x86)\Kzerlybervush\procaentvlotCollector.dll [276992 2016-10-02] () [Datei ist nicht signiert]
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [764936 2016-09-28] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [483840 2016-09-28] (Microsoft Corporation)
S3 DcpSvc; C:\Windows\system32\dcpsvc.dll [183808 2016-07-16] (Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [34304 2016-07-16] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [93184 2016-07-16] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [407552 2016-07-16] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [298496 2016-07-16] (Microsoft Corporation)
S3 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [57344 2016-07-16] (Microsoft Corporation)
R2 DoSvc; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 DoSvc; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R3 DsSvc; C:\Windows\System32\DsSvc.dll [152576 2016-07-16] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [140800 2016-07-16] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [285696 2016-07-16] (Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [804864 2016-09-28] (Microsoft Corporation)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [202240 2016-07-16] (Microsoft Corporation)
R3 lfsvc; C:\Windows\System32\lfsvc.dll [37376 2016-07-16] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [26112 2016-09-28] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [77312 2016-09-28] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2016-09-28] (Microsoft Corporation)
R3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [265216 2016-07-16] (Microsoft Corporation)
S3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [326656 2016-07-16] (Microsoft Corporation)
S3 NgcSvc; C:\Windows\system32\ngcsvc.dll [983040 2016-07-16] (Microsoft Corporation)
S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [781824 2016-09-28] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [650752 2016-07-16] (Microsoft Corporation)
R3 RmSvc; C:\Windows\System32\RMapi.dll [141312 2016-07-16] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1312768 2016-09-28] (Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [417792 2016-07-16] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation)
S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [590848 2016-07-16] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [4136448 2016-07-16] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [3369984 2016-07-16] (Microsoft Corporation)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [287744 2016-07-16] (Microsoft Corporation)
R2 tiledatamodelsvc; C:\Windows\system32\tileobjserver.dll [574976 2016-07-16] (Microsoft Corporation)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [95232 2016-09-28] (Microsoft Corporation)
R2 UserManager; C:\Windows\System32\usermgr.dll [1020928 2016-07-16] (Microsoft Corporation)
R3 UsoSvc; C:\Windows\system32\usocore.dll [539136 2016-09-28] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [349696 2016-07-16] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\icsvc.dll [305152 2016-07-16] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2016-07-16] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [83456 2016-09-28] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [568832 2016-09-28] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [436224 2016-07-16] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [614912 2016-07-16] (Microsoft Corporation)
R2 WpnService; C:\Windows\system32\WpnService.dll [234496 2016-07-16] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [1014784 2016-09-28] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1159680 2016-07-16] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1025536 2016-07-16] (Microsoft Corporation)

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [18432 2016-07-16] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [15360 2016-07-16] (Microsoft Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2014-11-21] (AVM Berlin)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533856 2016-07-16] (QLogic Corporation)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2016-07-16] (Windows (R) Win 7 DDK provider)
S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [38912 2016-07-16] (Microsoft Corporation)
S3 CapImg; C:\Windows\System32\drivers\capimg.sys [117248 2016-07-16] (Microsoft Corporation)
S2 CDPUserSvc; No ImagePath
R2 CDPUserSvc_9add761; No ImagePath
S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [346976 2016-07-16] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104160 2016-07-16] (Chelsio Communications)
R2 clreg; C:\Windows\System32\drivers\registry.sys [70144 2016-07-16] (Microsoft Corporation)
S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [38752 2016-07-16] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys [39936 2016-07-16] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3418976 2016-07-16] (QLogic Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [88576 2016-07-16] (Microsoft Corporation)
S3 fwlanusb5_nv2; C:\Windows\system32\DRIVERS\fwlanusb5_nv2.sys [1322824 2014-11-21] (AVM GmbH)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20480 2016-07-16] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2016-07-16] (Microsoft Corporation)
S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [50016 2016-07-16] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [73568 2016-09-28] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2016-07-16] (Intel(R) Corporation)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [81408 2016-07-16] (Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [64512 2016-07-16] (Intel Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [176384 2016-07-16] (Intel Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [526176 2016-07-16] (Mellanox)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [35840 2016-07-16] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [45920 2016-07-16] (Microsoft Corporation)
S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [105824 2016-07-16] (LSI Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [101216 2016-07-16] (Avago Technologies)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [59744 2016-07-16] (Avago Technologies)
S3 MessagingService; No ImagePath
S3 MessagingService_9add761; No ImagePath
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [842584 2016-07-16] (Mellanox)
R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [48128 2016-07-16] (Microsoft Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175616 2016-09-28] (Microsoft Corporation)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [108896 2016-07-16] (Mellanox)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2224128 2016-07-16] (MediaTek Inc.)
S2 OneSyncSvc; No ImagePath
R2 OneSyncSvc_9add761; No ImagePath
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58720 2016-07-16] (Avago Technologies)
S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [61792 2016-07-16] (Avago Technologies)
S3 PimIndexMaintenanceSvc; No ImagePath
R3 PimIndexMaintenanceSvc_9add761; No ImagePath
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [928608 2016-07-16] (Microsoft Corporation)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [88416 2016-07-16] (Microsoft Corporation)
S3 scmdisk0101; C:\Windows\System32\drivers\scmdisk0101.sys [123904 2016-07-16] (Microsoft Corporation)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [78336 2016-07-16] (Microsoft Corporation)
S0 storufs; C:\Windows\System32\drivers\storufs.sys [32096 2016-07-16] (Microsoft Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [95744 2016-07-16] (Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [108544 2016-07-16] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [50688 2016-07-16] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45568 2016-07-16] (Microsoft Corporation)
S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [263008 2016-07-16] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [96608 2016-07-16] (Microsoft Corporation)
S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [137056 2016-07-16] (Microsoft Corporation)
S3 UnistoreSvc; No ImagePath
R3 UnistoreSvc_9add761; No ImagePath
S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [28512 2016-07-16] (Microsoft Corporation)
S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [57696 2016-07-16] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [27488 2016-07-16] (Microsoft Corporation)
S3 UserDataSvc; No ImagePath
R3 UserDataSvc_9add761; No ImagePath
S3 vhf; C:\Windows\System32\drivers\vhf.sys [32256 2016-07-16] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2016-07-16] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16224 2016-07-16] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [119648 2016-07-16] (Microsoft Corporation)
R2 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [66560 2016-07-16] (Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [719360 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [107032 2016-07-16] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2016-07-16] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [32096 2016-07-16] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [64864 2016-07-16] (Mellanox)
S3 WpnUserService; No ImagePath
S3 WpnUserService_9add761; No ImagePath
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [258560 2016-07-16] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [43520 2016-09-28] (Microsoft Corporation)
U3 idsvc; No ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation)
NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: DcpSvc -> C:\Windows\system32\dcpsvc.dll (Microsoft Corporation)
NETSVC: RetailDemo -> C:\Windows\system32\RDXService.dll (Microsoft Corporation)
NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NETSVC: dosvc -> No ServiceDLL Path.
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation)
NETSVCx32: NetSetupSvc -> C:\Windows\SysWOW64\NetSetupSvc.dll ==> Keine Datei
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> Keine Datei

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-04 15:37 - 2016-10-04 15:38 - 00025202 _____ C:\Users\Julius\Downloads\FRST.txt
2016-10-04 15:37 - 2016-10-04 15:37 - 02169856 _____ (Farbar) C:\Users\Julius\Downloads\FRST64.exe
2016-10-04 15:37 - 2016-10-04 15:37 - 00000000 ____D C:\FRST
2016-10-03 16:04 - 2016-10-03 16:04 - 00000306 __RSH C:\Users\Julius\ntuser.pol
2016-10-02 18:17 - 2016-10-02 19:44 - 00000000 ____D C:\Users\Julius\AppData\Roaming\NotepadPlusPlusApp
2016-10-02 18:17 - 2016-10-02 18:17 - 00008992 _____ C:\WINDOWS\System32\Tasks\Fakthertuverge Controls
2016-10-02 18:17 - 2016-10-02 18:17 - 00002560 _____ C:\Users\Julius\AppData\Local\uninstallro.exe
2016-10-02 18:17 - 2016-10-02 18:17 - 00000306 __RSH C:\ProgramData\ntuser.pol
2016-10-02 18:16 - 2016-10-02 18:20 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Ghasetion
2016-10-02 18:16 - 2016-10-02 18:17 - 00000000 ____D C:\Users\Julius\AppData\Local\Vieent
2016-10-02 18:16 - 2016-10-02 18:16 - 00000000 ____D C:\Program Files (x86)\Kzerlybervush
2016-10-02 18:13 - 2016-10-02 18:13 - 00000000 ____D C:\Users\Julius\AppData\Roaming\WinRAR
2016-10-02 18:12 - 2016-10-02 18:12 - 03953939 _____ C:\Users\Julius\Downloads\Nicht bestätigt 717478.crdownload
2016-10-02 18:12 - 2016-10-02 18:12 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-10-02 18:12 - 2016-10-02 18:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-10-02 18:11 - 2016-10-02 18:12 - 00000000 ____D C:\Program Files\WinRAR
2016-10-02 18:11 - 2016-10-02 18:11 - 02305864 _____ C:\Users\Julius\Downloads\winrar-x64-540d.exe
2016-10-02 18:01 - 2016-10-02 18:01 - 03953939 _____ C:\Users\Julius\Downloads\Sylenth1 2.2.rar
2016-09-28 17:22 - 2016-09-28 16:32 - 00000000 ___DC C:\WINDOWS\Panther
2016-09-28 17:19 - 2016-09-28 17:19 - 00000000 ____D C:\Windows.old
2016-09-28 17:18 - 2016-09-28 17:18 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 22566400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 20965248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 13434368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-09-28 17:18 - 2016-09-28 17:18 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-09-28 17:18 - 2016-09-28 17:18 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 08156592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 08122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 07813472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 07623680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-28 17:18 - 2016-09-28 17:18 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-28 17:18 - 2016-09-28 17:18 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02630144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02481768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02360832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02256224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02217472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02214784 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02183792 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-28 17:18 - 2016-09-28 17:18 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-28 17:18 - 2016-09-28 17:18 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01966288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01905664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01853232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01707512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01430208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-28 17:18 - 2016-09-28 17:18 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01280352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01217880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 01123360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-28 17:18 - 2016-09-28 17:18 - 00996192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-28 17:18 - 2016-09-28 17:18 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00959104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00955520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00885824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00853344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00755656 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00650240 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00552288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00450392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-28 17:18 - 2016-09-28 17:18 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00303968 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-28 17:18 - 2016-09-28 17:18 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-09-28 17:18 - 2016-09-28 17:18 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00133472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AddressParser.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactActivation.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-28 17:18 - 2016-09-28 17:18 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-28 17:18 - 2016-09-28 17:18 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccessRes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-09-28 17:18 - 2016-09-28 17:18 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-09-28 17:18 - 2016-09-28 17:18 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneutilRes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 17187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 07220224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 06653592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 05684736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 03435008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 03116544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-28 17:17 - 2016-09-28 17:17 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 02947072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02107392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01491968 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01099616 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-28 17:17 - 2016-09-28 17:17 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00988000 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-28 17:17 - 2016-09-28 17:17 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00959488 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00942432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-28 17:17 - 2016-09-28 17:17 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-28 17:17 - 2016-09-28 17:17 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00773200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00681304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00601200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-28 17:17 - 2016-09-28 17:17 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-28 17:17 - 2016-09-28 17:17 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00461312 _____ (Microsoft) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00405344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-09-28 17:17 - 2016-09-28 17:17 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-09-28 17:17 - 2016-09-28 17:17 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-28 17:17 - 2016-09-28 17:17 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-09-28 17:17 - 2016-09-28 17:17 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-09-28 17:17 - 2016-09-28 17:17 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-09-28 17:17 - 2016-09-28 17:17 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-09-28 17:14 - 2016-07-15 20:29 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2016-09-28 17:14 - 2016-07-15 20:29 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2016-09-28 17:14 - 2016-07-15 20:14 - 06354944 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-09-28 17:14 - 2016-07-15 19:45 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2016-09-28 17:14 - 2016-07-15 19:29 - 05489664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2016-09-28 17:13 - 2016-09-28 17:13 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\Program Files\MSBuild
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\inetpub
2016-09-28 17:11 - 2016-09-28 17:11 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-09-28 17:11 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-28 17:11 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-28 17:11 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-28 17:11 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-28 17:11 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-28 17:11 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-28 16:43 - 2016-09-28 16:43 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-28 16:41 - 2016-09-28 16:42 - 00000000 ____D C:\Users\Julius\AppData\Local\ConnectedDevicesPlatform
2016-09-28 16:41 - 2016-09-28 16:41 - 00000020 ___SH C:\Users\Julius\ntuser.ini
2016-09-28 16:33 - 2016-09-28 16:33 - 00000000 ____D C:\ProgramData\USOShared
2016-09-28 16:32 - 2016-09-28 16:32 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-09-28 16:32 - 2016-09-28 16:32 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 __SHD C:\Recovery
2016-09-28 16:31 - 2016-09-29 17:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-28 16:31 - 2016-09-28 22:41 - 00002798 _____ C:\WINDOWS\System32\Tasks\DriverToolkit Autorun
2016-09-28 16:31 - 2016-09-28 16:31 - 00003650 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-28 16:31 - 2016-09-28 16:31 - 00003426 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-28 16:31 - 2016-09-28 16:31 - 00002824 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-09-28 16:31 - 2016-09-28 16:31 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2016-09-28 16:29 - 2016-09-28 16:31 - 00013702 _____ C:\WINDOWS\comsetup.log
2016-09-28 16:29 - 2016-09-28 16:29 - 00002360 _____ C:\WINDOWS\PFRO.log
2016-09-28 16:28 - 2016-09-28 16:28 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-28 16:26 - 2016-09-28 16:28 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-09-28 16:26 - 2016-09-28 16:26 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-09-28 16:26 - 2016-09-28 14:40 - 00024662 _____ C:\WINDOWS\iis_gather.log
2016-09-28 16:25 - 2016-10-03 23:13 - 00000000 ____D C:\Users\Julius
2016-09-28 16:25 - 2016-09-29 17:45 - 01728396 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-28 16:25 - 2016-09-28 16:41 - 00000000 ___RD C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-09-28 16:25 - 2016-09-28 16:25 - 01604148 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Vorlagen
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Startmenü
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Netzwerkumgebung
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Lokale Einstellungen
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Eigene Dateien
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Druckumgebung
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Documents\Eigene Musik
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Documents\Eigene Bilder
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\AppData\Local\Verlauf
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\AppData\Local\Anwendungsdaten
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Anwendungsdaten
2016-09-28 16:25 - 2016-07-16 13:48 - 00000000 ___RD C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-09-28 16:25 - 2016-07-16 13:47 - 00000000 ___RD C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-09-28 16:25 - 2016-07-16 13:47 - 00000000 ___RD C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-09-28 16:25 - 2016-07-16 13:47 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-09-28 16:25 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-09-28 16:24 - 2016-09-28 16:26 - 00029624 _____ C:\WINDOWS\iis.log
2016-09-28 16:24 - 2016-09-28 16:26 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-28 16:24 - 2016-09-28 16:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-09-28 16:24 - 2016-09-28 16:24 - 00062133 _____ C:\WINDOWS\SysWOW64\CCCInstall_201609281624265330.log
2016-09-28 16:24 - 2016-09-28 16:24 - 00000000 ____D C:\Program Files\ATI Technologies
2016-09-28 16:24 - 2016-09-28 16:24 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-09-28 16:23 - 2016-09-28 16:32 - 00015966 _____ C:\WINDOWS\setupact.log
2016-09-28 16:23 - 2016-09-28 16:23 - 00000156 _____ C:\WINDOWS\setuperr.log
2016-09-28 16:23 - 2016-09-28 16:23 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-09-28 16:23 - 2016-09-28 16:23 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-09-28 16:23 - 2016-09-28 16:23 - 00000000 ____D C:\Program Files\AMD
2016-09-28 16:23 - 2016-09-28 16:23 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2016-09-28 16:22 - 2016-10-03 19:44 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-28 16:22 - 2016-09-28 16:29 - 00194296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-28 16:22 - 2016-09-28 16:22 - 00029998 _____ C:\WINDOWS\system32\NetSetupMig.log
2016-09-27 18:50 - 2016-09-27 18:50 - 00000000 ____D C:\SoundBanks
2016-09-27 18:50 - 2016-09-27 18:50 - 00000000 ____D C:\Skins
2016-09-27 18:50 - 2016-09-27 18:50 - 00000000 ____D C:\Presets
2016-09-25 21:53 - 2016-09-28 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1
2016-09-25 21:53 - 2016-09-25 21:53 - 00000000 ____D C:\Program Files\Steinberg
2016-09-25 21:51 - 2016-09-25 21:51 - 00000000 ____D C:\Program Files\LennarDigital
2016-09-25 21:49 - 2016-09-25 21:49 - 16724230 _____ C:\Users\Julius\Downloads\Sylenth1DemoWin.zip
2016-09-25 21:46 - 2016-09-25 21:46 - 00006409 _____ C:\Users\Julius\Downloads\FLRegkey.Reg

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-04 15:30 - 2016-06-12 23:35 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2016-10-03 23:13 - 2016-08-22 22:15 - 00000380 _____ C:\WINDOWS\Tasks\DriverToolkit Autorun.job
2016-10-03 23:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\sru
2016-10-03 22:32 - 2016-06-13 18:10 - 00000000 ____D C:\Users\Julius\AppData\Local\Spotify
2016-10-03 21:46 - 2016-06-13 18:08 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Spotify
2016-10-02 18:17 - 2009-07-14 05:20 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-10-02 17:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-01 16:44 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-09-30 14:34 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-29 17:45 - 2016-07-17 00:51 - 00593682 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-29 17:45 - 2016-07-17 00:51 - 00126644 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-29 17:39 - 2016-07-16 08:04 - 02621440 _____ C:\WINDOWS\system32\config\BBI
2016-09-29 11:49 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-09-28 17:22 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\uk-UA
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\th-TH
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-RS
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\sl-SI
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\sk-SK
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\ro-RO
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\hr-HR
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\he-IL
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\fr-CA
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\bg-BG
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\ar-SA
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-28 17:19 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-28 17:19 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-28 17:14 - 2016-07-17 00:52 - 00000000 ____D C:\WINDOWS\OCR
2016-09-28 17:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-28 17:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-09-28 17:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-28 17:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-09-28 17:12 - 2016-07-16 13:44 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2016-09-28 17:12 - 2016-07-16 13:44 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2016-09-28 17:12 - 2016-07-16 13:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2016-09-28 17:12 - 2016-07-16 13:44 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2016-09-28 17:12 - 2016-07-16 13:44 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2016-09-28 17:12 - 2016-07-16 13:44 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2016-09-28 17:12 - 2016-07-16 13:43 - 01414144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-09-28 17:12 - 2016-07-16 13:43 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-09-28 17:12 - 2016-07-16 13:43 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-09-28 17:12 - 2016-07-16 13:43 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-09-28 17:12 - 2016-07-16 13:43 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-09-28 17:12 - 2016-07-16 13:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-09-28 17:12 - 2016-07-16 13:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-09-28 17:12 - 2016-07-16 13:43 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-09-28 17:12 - 2016-07-16 13:43 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-09-28 16:58 - 2016-06-14 16:47 - 00000000 ____D C:\Users\Julius\AppData\Local\Packages
2016-09-28 16:44 - 2016-06-16 12:44 - 00002425 _____ C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-28 16:44 - 2016-06-16 12:44 - 00000000 ___RD C:\Users\Julius\OneDrive
2016-09-28 16:33 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-09-28 16:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-09-28 16:32 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-09-28 16:32 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-09-28 16:32 - 2016-07-16 08:04 - 00000000 __RHD C:\Users\Default
2016-09-28 16:31 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-09-28 16:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-09-28 16:30 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media
2016-09-28 16:30 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-09-28 16:30 - 2016-06-14 16:26 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-09-28 16:28 - 2016-08-24 17:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
2016-09-28 16:28 - 2016-08-22 21:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
2016-09-28 16:28 - 2016-08-09 21:34 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2016-09-28 16:28 - 2016-08-09 21:29 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2016-09-28 16:28 - 2016-07-16 13:49 - 00004176 _____ C:\WINDOWS\DtcInstall.log
2016-09-28 16:28 - 2016-07-16 13:47 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-09-28 16:28 - 2016-07-16 13:47 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-09-28 16:28 - 2016-07-16 13:47 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-09-28 16:28 - 2016-07-16 13:47 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-09-28 16:28 - 2016-07-16 13:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-09-28 16:28 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-09-28 16:28 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2016-09-28 16:27 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-09-28 16:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-09-28 16:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-28 16:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-09-28 16:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-28 16:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\IME
2016-09-28 16:26 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-09-28 16:26 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-09-28 16:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Recovery
2016-09-28 16:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\System
2016-09-28 16:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\schemas
2016-09-28 16:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-09-28 16:26 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-09-28 16:26 - 2016-07-10 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2016-09-28 16:26 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Microsoft Games
2016-09-28 16:24 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-09-28 16:24 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-09-28 16:24 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-28 16:24 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-09-28 16:23 - 2016-06-14 16:21 - 00000000 ____D C:\AMD
2016-09-28 14:37 - 2016-07-17 01:55 - 00000000 ___HD C:\$WINDOWS.~BT
2016-09-28 14:28 - 2016-06-13 17:04 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-28 13:28 - 2016-06-13 17:04 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-26 19:20 - 2016-08-21 16:29 - 00125059 _____ C:\WINDOWS\avmfwlanci.log
2016-09-24 17:45 - 2016-08-01 14:11 - 00000000 ____D C:\Users\Julius\Desktop\iu7zgföä
2016-09-17 12:29 - 2016-06-13 17:06 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-17 12:29 - 2016-06-13 17:06 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-14 11:39 - 2016-06-13 10:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-14 11:35 - 2016-06-13 10:00 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-07 18:32 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 18:32 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
         
__________________

Alt 04.10.2016, 14:56   #4
Juro346
 
trojan dropper:win32/bunt - Standard

trojan dropper:win32/bunt



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
durchgeführt von Julius (Administrator) auf JULIUS-PC (04-10-2016 15:37:51)
Gestartet von C:\Users\Julius\Downloads
Geladene Profile: Julius (Verfügbare Profile: Julius)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
konnte nicht auf den Prozess zugreifen -> Memory Compression
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\sihost.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Megaify Software Co., Ltd.) C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Users\Julius\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(TeamSpeak Systems GmbH) C:\Users\Julius\Desktop\teamspeak\ts3client_win64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SystemSettingsBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-28] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [937984 2014-11-21] (AVM Berlin)
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [8886976 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [8886976 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-645722510-4007608099-3805512291-1001\...\Run: [Spotify Web Helper] => C:\Users\Julius\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1529456 2016-09-23] (Spotify Ltd)
HKU\S-1-5-21-645722510-4007608099-3805512291-1001\...\Run: [OneDrive] => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\OneDrive.exe [633024 2016-09-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\FileSyncShell64.dll [2016-09-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\FileSyncShell64.dll [2016-09-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\FileSyncShell64.dll [2016-09-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\FileSyncShell64.dll [2016-09-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\FileSyncShell64.dll [2016-09-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncShell.dll [2016-09-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncShell.dll [2016-09-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncShell.dll [2016-09-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncShell.dll [2016-09-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncShell.dll [2016-09-28] (Microsoft Corporation)
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ATTENTION

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-645722510-4007608099-3805512291-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2016-07-16] (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-07-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{009009a0-5aea-43e2-a3ab-57af5a3c803a}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Julius\AppData\Roaming\Mozilla\Firefox\Profiles\uhu9xfyn.default
FF NewTab: hxxp://www.trotux.com/?z=f028d07922f61937a5fc749g5z8m7w1zfoaz8t3t0e&from=isr&uid=OCZ-VERTEX2_OCZ-2LHDJM0E3N1CCSP7&type=hp
FF DefaultSearchEngine: trotux
FF SelectedSearchEngine: trotux
FF Homepage: hxxp://www.trotux.com/?z=f028d07922f61937a5fc749g5z8m7w1zfoaz8t3t0e&from=isr&uid=OCZ-VERTEX2_OCZ-2LHDJM0E3N1CCSP7&type=hp
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF SearchPlugin: C:\Users\Julius\AppData\Roaming\Mozilla\Firefox\Profiles\uhu9xfyn.default\searchplugins\m0c9rg9e.xml [2016-10-02]
FF Extension: Default - D:\firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-05-06]
StartMenuInternet: FIREFOX.EXE - D:\firefox\firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2016-06-25]
CHR Extension: (Google Slides) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-13]
CHR Extension: (Google Docs) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-13]
CHR Extension: (Google Drive) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-13]
CHR Extension: (YouTube) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-13]
CHR Extension: (Adblock Plus) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-13]
CHR Extension: (Google Sheets) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-13]
CHR Extension: (Google Docs Offline) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-13]
CHR Extension: (Gmail) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-13]
CHR Extension: (Chrome Media Router) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-06-24]

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AJRouter; C:\Windows\System32\AJRouter.dll [24576 2016-07-16] (Microsoft Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321536 2016-07-16] (Microsoft Corporation)
R2 CDPSvc; C:\Windows\System32\CDPSvc.dll [409088 2016-07-16] (Microsoft Corporation)
S3 ClipSVC; C:\Windows\System32\ClipSVC.dll [729328 2016-07-16] (Microsoft Corporation)
R2 Coerlasy; C:\Program Files (x86)\Kzerlybervush\procaentvlotCollector.dll [276992 2016-10-02] () [Datei ist nicht signiert]
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [764936 2016-09-28] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\SysWOW64\coremessaging.dll [483840 2016-09-28] (Microsoft Corporation)
S3 DcpSvc; C:\Windows\system32\dcpsvc.dll [183808 2016-07-16] (Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [34304 2016-07-16] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [93184 2016-07-16] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [407552 2016-07-16] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\SysWOW64\Windows.Internal.Management.dll [298496 2016-07-16] (Microsoft Corporation)
S3 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [57344 2016-07-16] (Microsoft Corporation)
R2 DoSvc; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 DoSvc; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R3 DsSvc; C:\Windows\System32\DsSvc.dll [152576 2016-07-16] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [140800 2016-07-16] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [285696 2016-07-16] (Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [804864 2016-09-28] (Microsoft Corporation)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [202240 2016-07-16] (Microsoft Corporation)
R3 lfsvc; C:\Windows\System32\lfsvc.dll [37376 2016-07-16] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [26112 2016-09-28] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [77312 2016-09-28] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2016-09-28] (Microsoft Corporation)
R3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [265216 2016-07-16] (Microsoft Corporation)
S3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [326656 2016-07-16] (Microsoft Corporation)
S3 NgcSvc; C:\Windows\system32\ngcsvc.dll [983040 2016-07-16] (Microsoft Corporation)
S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [781824 2016-09-28] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [650752 2016-07-16] (Microsoft Corporation)
R3 RmSvc; C:\Windows\System32\RMapi.dll [141312 2016-07-16] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1312768 2016-09-28] (Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [417792 2016-07-16] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation)
S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [590848 2016-07-16] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [4136448 2016-07-16] (Microsoft Corporation)
R3 StateRepository; C:\Windows\SysWOW64\windows.staterepository.dll [3369984 2016-07-16] (Microsoft Corporation)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [287744 2016-07-16] (Microsoft Corporation)
R2 tiledatamodelsvc; C:\Windows\system32\tileobjserver.dll [574976 2016-07-16] (Microsoft Corporation)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [95232 2016-09-28] (Microsoft Corporation)
R2 UserManager; C:\Windows\System32\usermgr.dll [1020928 2016-07-16] (Microsoft Corporation)
R3 UsoSvc; C:\Windows\system32\usocore.dll [539136 2016-09-28] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [349696 2016-07-16] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\icsvc.dll [305152 2016-07-16] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2016-07-16] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [83456 2016-09-28] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [568832 2016-09-28] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [436224 2016-07-16] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [614912 2016-07-16] (Microsoft Corporation)
R2 WpnService; C:\Windows\system32\WpnService.dll [234496 2016-07-16] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [1014784 2016-09-28] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1159680 2016-07-16] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1025536 2016-07-16] (Microsoft Corporation)

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [18432 2016-07-16] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [15360 2016-07-16] (Microsoft Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2014-11-21] (AVM Berlin)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533856 2016-07-16] (QLogic Corporation)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2016-07-16] (Windows (R) Win 7 DDK provider)
S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [38912 2016-07-16] (Microsoft Corporation)
S3 CapImg; C:\Windows\System32\drivers\capimg.sys [117248 2016-07-16] (Microsoft Corporation)
S2 CDPUserSvc; No ImagePath
R2 CDPUserSvc_9add761; No ImagePath
S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [346976 2016-07-16] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104160 2016-07-16] (Chelsio Communications)
R2 clreg; C:\Windows\System32\drivers\registry.sys [70144 2016-07-16] (Microsoft Corporation)
S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [38752 2016-07-16] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys [39936 2016-07-16] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3418976 2016-07-16] (QLogic Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [88576 2016-07-16] (Microsoft Corporation)
S3 fwlanusb5_nv2; C:\Windows\system32\DRIVERS\fwlanusb5_nv2.sys [1322824 2014-11-21] (AVM GmbH)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20480 2016-07-16] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2016-07-16] (Microsoft Corporation)
S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [50016 2016-07-16] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [73568 2016-09-28] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2016-07-16] (Intel(R) Corporation)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [81408 2016-07-16] (Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [64512 2016-07-16] (Intel Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [176384 2016-07-16] (Intel Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [526176 2016-07-16] (Mellanox)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [35840 2016-07-16] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [45920 2016-07-16] (Microsoft Corporation)
S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [105824 2016-07-16] (LSI Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [101216 2016-07-16] (Avago Technologies)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [59744 2016-07-16] (Avago Technologies)
S3 MessagingService; No ImagePath
S3 MessagingService_9add761; No ImagePath
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [842584 2016-07-16] (Mellanox)
R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [48128 2016-07-16] (Microsoft Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175616 2016-09-28] (Microsoft Corporation)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [108896 2016-07-16] (Mellanox)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2224128 2016-07-16] (MediaTek Inc.)
S2 OneSyncSvc; No ImagePath
R2 OneSyncSvc_9add761; No ImagePath
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58720 2016-07-16] (Avago Technologies)
S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [61792 2016-07-16] (Avago Technologies)
S3 PimIndexMaintenanceSvc; No ImagePath
R3 PimIndexMaintenanceSvc_9add761; No ImagePath
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [928608 2016-07-16] (Microsoft Corporation)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [88416 2016-07-16] (Microsoft Corporation)
S3 scmdisk0101; C:\Windows\System32\drivers\scmdisk0101.sys [123904 2016-07-16] (Microsoft Corporation)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [78336 2016-07-16] (Microsoft Corporation)
S0 storufs; C:\Windows\System32\drivers\storufs.sys [32096 2016-07-16] (Microsoft Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [95744 2016-07-16] (Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [108544 2016-07-16] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [50688 2016-07-16] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45568 2016-07-16] (Microsoft Corporation)
S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [263008 2016-07-16] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [96608 2016-07-16] (Microsoft Corporation)
S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [137056 2016-07-16] (Microsoft Corporation)
S3 UnistoreSvc; No ImagePath
R3 UnistoreSvc_9add761; No ImagePath
S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [28512 2016-07-16] (Microsoft Corporation)
S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [57696 2016-07-16] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [27488 2016-07-16] (Microsoft Corporation)
S3 UserDataSvc; No ImagePath
R3 UserDataSvc_9add761; No ImagePath
S3 vhf; C:\Windows\System32\drivers\vhf.sys [32256 2016-07-16] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2016-07-16] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16224 2016-07-16] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [119648 2016-07-16] (Microsoft Corporation)
R2 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [66560 2016-07-16] (Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [719360 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [107032 2016-07-16] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2016-07-16] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [32096 2016-07-16] (Mellanox)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [64864 2016-07-16] (Mellanox)
S3 WpnUserService; No ImagePath
S3 WpnUserService_9add761; No ImagePath
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [258560 2016-07-16] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [43520 2016-09-28] (Microsoft Corporation)
U3 idsvc; No ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: XblGameSave -> C:\Windows\System32\XblGameSave.dll (Microsoft Corporation)
NETSVC: UserManager -> C:\Windows\System32\usermgr.dll (Microsoft Corporation)
NETSVC: DmEnrollmentSvc -> C:\Windows\system32\Windows.Internal.Management.dll (Microsoft Corporation)
NETSVC: dmwappushservice -> C:\Windows\system32\dmwappushsvc.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)
NETSVC: XboxNetApiSvc -> C:\Windows\system32\XboxNetApiSvc.dll (Microsoft Corporation)
NETSVC: DcpSvc -> C:\Windows\system32\dcpsvc.dll (Microsoft Corporation)
NETSVC: RetailDemo -> C:\Windows\system32\RDXService.dll (Microsoft Corporation)
NETSVC: NetSetupSvc -> C:\Windows\System32\NetSetupSvc.dll (Microsoft Corporation)
NETSVC: dosvc -> No ServiceDLL Path.
NETSVC: XblAuthManager -> C:\Windows\System32\XblAuthManager.dll (Microsoft Corporation)
NETSVC: UsoSvc -> C:\Windows\system32\usocore.dll (Microsoft Corporation)
NETSVCx32: NetSetupSvc -> C:\Windows\SysWOW64\NetSetupSvc.dll ==> Keine Datei
NETSVCx32: UserManager -> C:\Windows\SysWOW64\usermgr.dll ==> Keine Datei

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-04 15:37 - 2016-10-04 15:38 - 00025202 _____ C:\Users\Julius\Downloads\FRST.txt
2016-10-04 15:37 - 2016-10-04 15:37 - 02169856 _____ (Farbar) C:\Users\Julius\Downloads\FRST64.exe
2016-10-04 15:37 - 2016-10-04 15:37 - 00000000 ____D C:\FRST
2016-10-03 16:04 - 2016-10-03 16:04 - 00000306 __RSH C:\Users\Julius\ntuser.pol
2016-10-02 18:17 - 2016-10-02 19:44 - 00000000 ____D C:\Users\Julius\AppData\Roaming\NotepadPlusPlusApp
2016-10-02 18:17 - 2016-10-02 18:17 - 00008992 _____ C:\WINDOWS\System32\Tasks\Fakthertuverge Controls
2016-10-02 18:17 - 2016-10-02 18:17 - 00002560 _____ C:\Users\Julius\AppData\Local\uninstallro.exe
2016-10-02 18:17 - 2016-10-02 18:17 - 00000306 __RSH C:\ProgramData\ntuser.pol
2016-10-02 18:16 - 2016-10-02 18:20 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Ghasetion
2016-10-02 18:16 - 2016-10-02 18:17 - 00000000 ____D C:\Users\Julius\AppData\Local\Vieent
2016-10-02 18:16 - 2016-10-02 18:16 - 00000000 ____D C:\Program Files (x86)\Kzerlybervush
2016-10-02 18:13 - 2016-10-02 18:13 - 00000000 ____D C:\Users\Julius\AppData\Roaming\WinRAR
2016-10-02 18:12 - 2016-10-02 18:12 - 03953939 _____ C:\Users\Julius\Downloads\Nicht bestätigt 717478.crdownload
2016-10-02 18:12 - 2016-10-02 18:12 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-10-02 18:12 - 2016-10-02 18:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-10-02 18:11 - 2016-10-02 18:12 - 00000000 ____D C:\Program Files\WinRAR
2016-10-02 18:11 - 2016-10-02 18:11 - 02305864 _____ C:\Users\Julius\Downloads\winrar-x64-540d.exe
2016-10-02 18:01 - 2016-10-02 18:01 - 03953939 _____ C:\Users\Julius\Downloads\Sylenth1 2.2.rar
2016-09-28 17:22 - 2016-09-28 16:32 - 00000000 ___DC C:\WINDOWS\Panther
2016-09-28 17:19 - 2016-09-28 17:19 - 00000000 ____D C:\Windows.old
2016-09-28 17:18 - 2016-09-28 17:18 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 22566400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 20965248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 13434368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-09-28 17:18 - 2016-09-28 17:18 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-09-28 17:18 - 2016-09-28 17:18 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 08156592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 08122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 07813472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 07623680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-28 17:18 - 2016-09-28 17:18 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-28 17:18 - 2016-09-28 17:18 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02630144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02481768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02360832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02256224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02217472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02214784 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02183792 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-28 17:18 - 2016-09-28 17:18 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-28 17:18 - 2016-09-28 17:18 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01966288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01905664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01853232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01707512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01430208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-28 17:18 - 2016-09-28 17:18 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01280352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01217880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 01123360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-28 17:18 - 2016-09-28 17:18 - 00996192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-28 17:18 - 2016-09-28 17:18 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00959104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00955520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00885824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00853344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00755656 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00650240 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00552288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00450392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-28 17:18 - 2016-09-28 17:18 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00303968 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-28 17:18 - 2016-09-28 17:18 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-09-28 17:18 - 2016-09-28 17:18 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00133472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AddressParser.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactActivation.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-28 17:18 - 2016-09-28 17:18 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-28 17:18 - 2016-09-28 17:18 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccessRes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-09-28 17:18 - 2016-09-28 17:18 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-09-28 17:18 - 2016-09-28 17:18 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneutilRes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 17187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 07220224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 06653592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 05684736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 03435008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 03116544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-28 17:17 - 2016-09-28 17:17 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 02947072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02107392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01491968 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01099616 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-28 17:17 - 2016-09-28 17:17 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00988000 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-28 17:17 - 2016-09-28 17:17 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00959488 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00942432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-28 17:17 - 2016-09-28 17:17 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-28 17:17 - 2016-09-28 17:17 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00773200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00681304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00601200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-28 17:17 - 2016-09-28 17:17 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-28 17:17 - 2016-09-28 17:17 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00461312 _____ (Microsoft) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00405344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-09-28 17:17 - 2016-09-28 17:17 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-09-28 17:17 - 2016-09-28 17:17 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-28 17:17 - 2016-09-28 17:17 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-09-28 17:17 - 2016-09-28 17:17 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-09-28 17:17 - 2016-09-28 17:17 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-09-28 17:17 - 2016-09-28 17:17 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-09-28 17:14 - 2016-07-15 20:29 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2016-09-28 17:14 - 2016-07-15 20:29 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2016-09-28 17:14 - 2016-07-15 20:14 - 06354944 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-09-28 17:14 - 2016-07-15 19:45 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2016-09-28 17:14 - 2016-07-15 19:29 - 05489664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2016-09-28 17:13 - 2016-09-28 17:13 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\Program Files\MSBuild
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\inetpub
2016-09-28 17:11 - 2016-09-28 17:11 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-09-28 17:11 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-28 17:11 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-28 17:11 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-28 17:11 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-28 17:11 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-28 17:11 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-28 16:43 - 2016-09-28 16:43 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-28 16:41 - 2016-09-28 16:42 - 00000000 ____D C:\Users\Julius\AppData\Local\ConnectedDevicesPlatform
2016-09-28 16:41 - 2016-09-28 16:41 - 00000020 ___SH C:\Users\Julius\ntuser.ini
2016-09-28 16:33 - 2016-09-28 16:33 - 00000000 ____D C:\ProgramData\USOShared
2016-09-28 16:32 - 2016-09-28 16:32 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-09-28 16:32 - 2016-09-28 16:32 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 __SHD C:\Recovery
2016-09-28 16:31 - 2016-09-29 17:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-28 16:31 - 2016-09-28 22:41 - 00002798 _____ C:\WINDOWS\System32\Tasks\DriverToolkit Autorun
2016-09-28 16:31 - 2016-09-28 16:31 - 00003650 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-28 16:31 - 2016-09-28 16:31 - 00003426 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-28 16:31 - 2016-09-28 16:31 - 00002824 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-09-28 16:31 - 2016-09-28 16:31 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2016-09-28 16:29 - 2016-09-28 16:31 - 00013702 _____ C:\WINDOWS\comsetup.log
2016-09-28 16:29 - 2016-09-28 16:29 - 00002360 _____ C:\WINDOWS\PFRO.log
2016-09-28 16:28 - 2016-09-28 16:28 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-28 16:26 - 2016-09-28 16:28 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-09-28 16:26 - 2016-09-28 16:26 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-09-28 16:26 - 2016-09-28 14:40 - 00024662 _____ C:\WINDOWS\iis_gather.log
2016-09-28 16:25 - 2016-10-03 23:13 - 00000000 ____D C:\Users\Julius
2016-09-28 16:25 - 2016-09-29 17:45 - 01728396 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-28 16:25 - 2016-09-28 16:41 - 00000000 ___RD C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-09-28 16:25 - 2016-09-28 16:25 - 01604148 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Vorlagen
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Startmenü
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Netzwerkumgebung
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Lokale Einstellungen
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Eigene Dateien
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Druckumgebung
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Documents\Eigene Musik
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Documents\Eigene Bilder
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\AppData\Local\Verlauf
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\AppData\Local\Anwendungsdaten
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Anwendungsdaten
2016-09-28 16:25 - 2016-07-16 13:48 - 00000000 ___RD C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-09-28 16:25 - 2016-07-16 13:47 - 00000000 ___RD C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2016-09-28 16:25 - 2016-07-16 13:47 - 00000000 ___RD C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2016-09-28 16:25 - 2016-07-16 13:47 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2016-09-28 16:25 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-09-28 16:24 - 2016-09-28 16:26 - 00029624 _____ C:\WINDOWS\iis.log
2016-09-28 16:24 - 2016-09-28 16:26 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-28 16:24 - 2016-09-28 16:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-09-28 16:24 - 2016-09-28 16:24 - 00062133 _____ C:\WINDOWS\SysWOW64\CCCInstall_201609281624265330.log
2016-09-28 16:24 - 2016-09-28 16:24 - 00000000 ____D C:\Program Files\ATI Technologies
2016-09-28 16:24 - 2016-09-28 16:24 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-09-28 16:23 - 2016-09-28 16:32 - 00015966 _____ C:\WINDOWS\setupact.log
2016-09-28 16:23 - 2016-09-28 16:23 - 00000156 _____ C:\WINDOWS\setuperr.log
2016-09-28 16:23 - 2016-09-28 16:23 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-09-28 16:23 - 2016-09-28 16:23 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-09-28 16:23 - 2016-09-28 16:23 - 00000000 ____D C:\Program Files\AMD
2016-09-28 16:23 - 2016-09-28 16:23 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2016-09-28 16:22 - 2016-10-03 19:44 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-28 16:22 - 2016-09-28 16:29 - 00194296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-28 16:22 - 2016-09-28 16:22 - 00029998 _____ C:\WINDOWS\system32\NetSetupMig.log
2016-09-27 18:50 - 2016-09-27 18:50 - 00000000 ____D C:\SoundBanks
2016-09-27 18:50 - 2016-09-27 18:50 - 00000000 ____D C:\Skins
2016-09-27 18:50 - 2016-09-27 18:50 - 00000000 ____D C:\Presets
2016-09-25 21:53 - 2016-09-28 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1
2016-09-25 21:53 - 2016-09-25 21:53 - 00000000 ____D C:\Program Files\Steinberg
2016-09-25 21:51 - 2016-09-25 21:51 - 00000000 ____D C:\Program Files\LennarDigital
2016-09-25 21:49 - 2016-09-25 21:49 - 16724230 _____ C:\Users\Julius\Downloads\Sylenth1DemoWin.zip
2016-09-25 21:46 - 2016-09-25 21:46 - 00006409 _____ C:\Users\Julius\Downloads\FLRegkey.Reg

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-04 15:30 - 2016-06-12 23:35 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2016-10-03 23:13 - 2016-08-22 22:15 - 00000380 _____ C:\WINDOWS\Tasks\DriverToolkit Autorun.job
2016-10-03 23:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\sru
2016-10-03 22:32 - 2016-06-13 18:10 - 00000000 ____D C:\Users\Julius\AppData\Local\Spotify
2016-10-03 21:46 - 2016-06-13 18:08 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Spotify
2016-10-02 18:17 - 2009-07-14 05:20 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-10-02 17:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-01 16:44 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-09-30 14:34 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-29 17:45 - 2016-07-17 00:51 - 00593682 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-29 17:45 - 2016-07-17 00:51 - 00126644 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-29 17:39 - 2016-07-16 08:04 - 02621440 _____ C:\WINDOWS\system32\config\BBI
2016-09-29 11:49 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-09-28 17:22 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\uk-UA
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\th-TH
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-RS
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\sl-SI
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\sk-SK
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\ro-RO
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\hr-HR
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\he-IL
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\fr-CA
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\bg-BG
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\ar-SA
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-28 17:19 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-28 17:19 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-28 17:14 - 2016-07-17 00:52 - 00000000 ____D C:\WINDOWS\OCR
2016-09-28 17:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-28 17:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-09-28 17:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-28 17:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-09-28 17:12 - 2016-07-16 13:44 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2016-09-28 17:12 - 2016-07-16 13:44 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2016-09-28 17:12 - 2016-07-16 13:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2016-09-28 17:12 - 2016-07-16 13:44 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2016-09-28 17:12 - 2016-07-16 13:44 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2016-09-28 17:12 - 2016-07-16 13:44 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2016-09-28 17:12 - 2016-07-16 13:43 - 01414144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-09-28 17:12 - 2016-07-16 13:43 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-09-28 17:12 - 2016-07-16 13:43 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-09-28 17:12 - 2016-07-16 13:43 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-09-28 17:12 - 2016-07-16 13:43 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-09-28 17:12 - 2016-07-16 13:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-09-28 17:12 - 2016-07-16 13:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-09-28 17:12 - 2016-07-16 13:43 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-09-28 17:12 - 2016-07-16 13:43 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-09-28 16:58 - 2016-06-14 16:47 - 00000000 ____D C:\Users\Julius\AppData\Local\Packages
2016-09-28 16:44 - 2016-06-16 12:44 - 00002425 _____ C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
         

Alt 04.10.2016, 14:59   #5
Juro346
 
trojan dropper:win32/bunt - Standard

trojan dropper:win32/bunt



Code:
ATTFilter
2016-09-28 16:44 - 2016-06-16 12:44 - 00000000 ___RD C:\Users\Julius\OneDrive
2016-09-28 16:33 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-09-28 16:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-09-28 16:32 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-09-28 16:32 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-09-28 16:32 - 2016-07-16 08:04 - 00000000 __RHD C:\Users\Default
2016-09-28 16:31 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-09-28 16:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-09-28 16:30 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media
2016-09-28 16:30 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-09-28 16:30 - 2016-06-14 16:26 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-09-28 16:28 - 2016-08-24 17:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
2016-09-28 16:28 - 2016-08-22 21:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
2016-09-28 16:28 - 2016-08-09 21:34 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2016-09-28 16:28 - 2016-08-09 21:29 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2016-09-28 16:28 - 2016-07-16 13:49 - 00004176 _____ C:\WINDOWS\DtcInstall.log
2016-09-28 16:28 - 2016-07-16 13:47 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-09-28 16:28 - 2016-07-16 13:47 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-09-28 16:28 - 2016-07-16 13:47 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2016-09-28 16:28 - 2016-07-16 13:47 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2016-09-28 16:28 - 2016-07-16 13:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-09-28 16:28 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-09-28 16:28 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2016-09-28 16:27 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-09-28 16:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-09-28 16:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-28 16:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-09-28 16:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-28 16:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\IME
2016-09-28 16:26 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-09-28 16:26 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-09-28 16:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Recovery
2016-09-28 16:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\System
2016-09-28 16:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\schemas
2016-09-28 16:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-09-28 16:26 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-09-28 16:26 - 2016-07-10 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2016-09-28 16:26 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Microsoft Games
2016-09-28 16:24 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-09-28 16:24 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-09-28 16:24 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-28 16:24 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-09-28 16:23 - 2016-06-14 16:21 - 00000000 ____D C:\AMD
2016-09-28 14:37 - 2016-07-17 01:55 - 00000000 ___HD C:\$WINDOWS.~BT
2016-09-28 14:28 - 2016-06-13 17:04 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-28 13:28 - 2016-06-13 17:04 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-26 19:20 - 2016-08-21 16:29 - 00125059 _____ C:\WINDOWS\avmfwlanci.log
2016-09-24 17:45 - 2016-08-01 14:11 - 00000000 ____D C:\Users\Julius\Desktop\iu7zgföä
2016-09-17 12:29 - 2016-06-13 17:06 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-17 12:29 - 2016-06-13 17:06 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-14 11:39 - 2016-06-13 10:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-14 11:35 - 2016-06-13 10:00 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-07 18:32 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 18:32 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-10-02 18:17 - 2016-10-02 18:17 - 0002560 _____ () C:\Users\Julius\AppData\Local\uninstallro.exe

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Julius\FL Studio VSTi (Multi).dll
C:\Users\Julius\FL Studio VSTi.dll


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-28 16:22

==================== Ende von log ============================
         
Addition-Editor
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-07-2015
durchgeführt von Julius (2016-10-04 15:39:10)
Gestartet von C:\Users\Julius\Downloads
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-645722510-4007608099-3805512291-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-645722510-4007608099-3805512291-503 - Limited - Disabled)
Gast (S-1-5-21-645722510-4007608099-3805512291-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-645722510-4007608099-3805512291-1002 - Limited - Enabled)
Julius (S-1-5-21-645722510-4007608099-3805512291-1001 - Administrator - Enabled) => C:\Users\Julius

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version:  - Skybox Labs)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 06.20.00 - AVM Berlin)
DriverToolkit version 8.5.0.0 (HKLM-x32\...\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1) (Version: 8.5.0.0 - Megaify Software)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
Spotify (HKU\S-1-5-21-645722510-4007608099-3805512291-1001\...\Spotify) (Version: 1.0.38.171.g5e1cd7b2 - Spotify AB)
Sylenth1 Demo v3.026 (HKLM\...\Sylenth1v3_is1) (Version:  - )
Windows-Treiberpaket - Ralink (netr28ux) Net  (01/20/2010 3.00.11.0000) (HKLM\...\44D0E75D0F17B16C080D9EB1151844CB5929D67F) (Version: 01/20/2010 3.00.11.0000 - Ralink)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-645722510-4007608099-3805512291-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-645722510-4007608099-3805512291-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-645722510-4007608099-3805512291-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-645722510-4007608099-3805512291-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-645722510-4007608099-3805512291-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-645722510-4007608099-3805512291-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-645722510-4007608099-3805512291-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-645722510-4007608099-3805512291-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-645722510-4007608099-3805512291-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-645722510-4007608099-3805512291-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-645722510-4007608099-3805512291-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-645722510-4007608099-3805512291-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

ATTENTION: Systemwiederherstellung ist deaktiviert

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {002E612E-385D-4E40-8F13-204610C5F922} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2016-07-16] (Microsoft Corporation)
Task: {014833AD-91B1-4001-B63A-A4F945E2BDFB} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2016-07-16] (Microsoft Corporation)
Task: {037B4F73-6E94-4A49-86C9-0E49FAA942F6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime No Task File <==== ATTENTION
Task: {03896D04-23AB-4F74-A27D-B1B71EE41E2C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2016-07-16] (Microsoft Corporation)
Task: {06BB1EBB-0053-418A-AD00-B8F42B3DF200} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation
Task: {0C2F1C93-059D-4D1C-817A-4E9FE0CC44FB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {1046A648-3CA4-4DE3-9B4E-FEC045442AA5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {11EF8237-224D-4CF9-9039-61D08754EA5D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-09-28] (Microsoft Corporation)
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {172F940E-13E6-4467-86BE-554DCDDBAB87} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-13] (Google Inc.)
Task: {184784E2-6ACB-4154-BD0F-A955BE13F177} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {18D42855-914E-40C7-ACA4-0A5D842BE027} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2016-07-16] (Microsoft Corporation)
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {228339E4-3B99-4864-9C09-845335192CF2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION
Task: {2410276A-AC66-4BC8-81DE-59EEA5BA7D65} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2016-09-28] (Microsoft Corporation)
Task: {27289761-9B5B-4B81-9B39-98F208E7AAF4} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {3389204E-CD80-4BD5-B144-9DE18A8B65F3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {33967F1F-606F-440E-8503-630278A85455} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2016-07-16] (Microsoft Corporation)
Task: {33E70FA6-955B-4A5E-8597-CE2D40686E91} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {34826D50-0B05-4366-8E1D-5FEBDE510615} - System32\Tasks\Microsoft\Windows\NlaSvc\WiFiTask => C:\Windows\System32\WiFiTask.exe [2016-09-28] (Microsoft Corporation)
Task: {35A41E3D-CFF5-4BAA-97C7-2C61FE6BAD5B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2016-07-16] (Microsoft Corporation)
Task: {393BAFBA-0FA2-444A-B1C5-25FD4160225A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION
Task: {3FAAF78C-F4FF-4079-9B5F-877CA71112EA} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {417E3654-607E-4360-BBCE-D0721D917354} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe [2015-07-01] (Megaify Software Co., Ltd.)
Task: {43DF67E8-D733-48FA-98F2-4E6D341E4A79} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattelrunner.exe [2016-09-28] (Microsoft Corporation)
Task: {4DE96D1E-A1EB-47F1-86A0-01A13CA8D75D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff
Task: {55648B7A-C5C8-4898-A83D-CB95AF2C0F55} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\Windows\system32\spaceman.exe [2016-07-16] (Microsoft Corporation)
Task: {5654DFBB-E797-4758-B9A0-8BAE94A91F1D} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\Windows\System32\dusmtask.exe [2016-07-16] (Microsoft Corporation)
Task: {5A0986BC-560A-4D24-81E3-FAFD260EE3E5} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2016-09-28] (Microsoft Corporation)
Task: {5AEDFF02-1493-491A-8B77-88FA8F5E9F04} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent
Task: {5BE91AA6-4313-4E4B-9C09-33DBE53D8152} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {5FAAF530-ED1B-4F7B-AD7B-1694AA0B202B} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask
Task: {6232090F-3BD0-4E1F-960B-78CBA797F685} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {635A185A-88AD-4B41-9344-B07C284A75E9} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2016-07-16] (Microsoft Corporation)
Task: {63AFBA0E-CC0B-45B3-B4B8-F34E81F49AB0} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {672202B3-6BBC-430F-A89A-7B511174B938} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime No Task File <==== ATTENTION
Task: {6AFCFE4D-B65D-4288-A48C-94BDEDEB28C7} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {6B1AE720-1359-4B9E-9C0F-60167361EF01} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {6D1C0035-5CAD-4340-A533-D63C9853BCC9} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization
Task: {6D4DFD1D-909C-45F7-9379-D239E1C63F8D} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange
Task: {6E07D3C4-DF11-4E24-B0B0-BC0844DA0226} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload => C:\Windows\system32\dmclient.exe [2016-07-16] (Microsoft Corporation)
Task: {6E25BF3E-228D-4FFA-8D97-DCDFF17AF9BC} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6E8AE752-C5D2-4B34-B351-338B4370A342} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {7AC5E1E2-2FD3-40CD-8842-88CE53A3609C} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {7E7280E4-311A-4CE7-A53D-6F8B9219821E} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2016-07-16] (Microsoft Corporation)
Task: {7FDA2E6C-1017-4105-A244-43C22E117F87} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-13] (Google Inc.)
Task: {88E79EA8-476F-4682-AA64-247AC1763213} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION
Task: {89F888E6-0FFF-48C3-98FF-0F41F6219F96} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\Windows\system32\usoclient.exe [2016-07-16] (Microsoft Corporation)
Task: {8D791FAA-0257-4EBC-A6DD-74E842528806} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange
Task: {8FAFFE32-0C9D-4A64-A9D7-A15ABD1E680C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {9093EF7B-83FE-4C32-A6D7-EEFC040689A0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings => C:\Windows\system32\usoclient.exe [2016-07-16] (Microsoft Corporation)
Task: {93BCA715-4DF2-4C17-9600-BB648A67FB88} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate
Task: {9421FFF0-CD24-4F40-B591-01BDB9181D11} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {96039B2C-0D06-4109-85BA-F664330218D7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\Windows\system32\usoclient.exe [2016-07-16] (Microsoft Corporation)
Task: {960B9C5F-029D-49D5-B985-40AAA2795B98} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {96FBB1D0-D278-46AD-8361-023AB7B9B974} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {9851188E-AC07-4F36-BA28-6D00BB2C9C46} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2016-09-28] (Microsoft Corporation)
Task: {A46DE6F9-3C51-4EC9-81B7-555336A9192C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {A8EAB3E0-2EB0-4E97-9F61-C564CAAB99A0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {A9E097E4-2314-41D6-813A-2B260382CB4E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {AA8F6B16-32FE-4B91-BF8A-4437783EAE5F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {AA9415D4-2A2D-43AA-99FA-0952FEE4AD70} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2016-07-16] (Microsoft Corporation)
Task: {AC180D7C-CC27-4E37-B332-5CC8AD9979D4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {ACBD7FB1-A692-4B46-80B5-C0C115621F26} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask
Task: {ADBC423D-99EB-4510-AC43-9608E0B90489} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe [2016-09-28] (Microsoft Corporation)
Task: {B19D696C-B36F-42B9-9DEE-DCB6503AF293} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== ATTENTION
Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6
Task: {B6EE76B2-4F82-4E15-9345-C867A29CBAD0} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2016-09-28] (Microsoft Corporation)
Task: {B99E0356-708C-4161-8693-F06794F8129D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask
Task: {BDDEF317-2692-422F-AEA2-FFD67DC7CEA3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice
Task: {BFCB2200-E59D-47F7-9D21-B3E1E9C7D19C} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\Windows\system32\ProvTool.exe [2016-09-28] (Microsoft Corporation)
Task: {C125018F-0B81-4B64-B7DC-0E01220E5D0E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange
Task: {C3D41B36-DA45-4F09-9701-474496574735} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {C54BA01F-4A55-4F25-84C4-F441FF067C02} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2016-07-16] (Microsoft Corporation)
Task: {C6721620-E946-44B0-B279-4E6BEBB3F3B9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1
Task: {C988B5B1-C8B4-43C1-95A9-D11DF6252E22} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {CC636E49-0109-402B-A40B-A37C29069A95} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {CD19BC8A-E9FE-49ED-92A5-0E1194F69F00} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {CFAF368C-FD41-43C0-A230-AE70D76F6883} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync
Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork
Task: {D226C671-4BCA-4B18-B914-5B4EBDB8737F} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update
Task: {D394BE25-2E16-45D4-AAB2-3E8861A09351} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {D3C4106A-D511-42C6-9716-465644534C87} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)
Task: {D941F53F-7907-4FBE-B1E7-69EBD5B3A5D8} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {DAAA7567-895C-4480-8092-7ACEA31BD131} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {DAB886E6-0C52-4861-A3AB-25013B4EBE96} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask
Task: {DBC49B44-659C-4396-A983-648CECC0A813} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2016-07-16] (Microsoft Corporation)
Task: {DDAECFC0-67E3-4062-BF25-CD685F73B394} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck
Task: {E02DA91B-E205-47B3-83E1-508F8736CF29} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {E4276D3F-2A90-41AD-8A36-2B50F0B8EC0A} - \Microsoft\Windows\Setup\gwx\rundetector No Task File <==== ATTENTION
Task: {E4F72EEE-1F0B-4D24-9BDA-A7F5FE09DBD2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2016-09-28] (Microsoft Corporation)
Task: {E63E015C-0945-42F6-A156-6E03FDF565F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION
Task: {E7B04252-97CA-42C6-9920-F58B76B2C3E1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24
Task: {EA9BAA00-6604-4A27-8A73-AFA65F0EE1B3} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {ECEDC57D-8965-4EB1-BD6F-84791D928E23} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)
Task: {EE74E7C4-CD5A-4890-9C38-2D97C9F3CAF1} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation
Task: {EEA11AE2-2E36-401A-85A1-FBB532C73088} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate
Task: {EF4ECAC9-02AA-4461-9247-AD0F6D7DA945} - System32\Tasks\Fakthertuverge Controls => C:\Program Files (x86)\Kzerlybervush\mple.exe [2016-10-02] (Glarysoft Ltd)
Task: {F200B6AE-7AD3-4DF7-B3EB-F1356CA5D011} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\Windows\system32\MusNotification.exe [2016-09-28] (Microsoft Corporation)
Task: {FA47DB48-2518-46F4-8E0F-550CB600F416} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-26] (Microsoft Corporation)
Task: {FC2DC14F-4ECD-41DF-8E8F-9F7B941E9F6D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => 0x000A010021A5B7CE7FADED48A49089FA1F7C2E864600D400000000003C000A00200000000014730F000000000513040020200401000000000000000000000000000000000000180043003A005C00570049004E0044004F00570053005C006500780070006C006F007200650072002E0065007800650000000C002F004E004F0055004100430043004800450043004B000000000018004500780070006C006F007200650072005300680065006C006C0055006E0065006C00650076006100740065006400000000000000080003130400000000000000
Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => 0x000A010034372C56B119524F9AC0A386DC32406F46004A01000000003C000A00200000000014730F040001400013040000208001E007090003001C000C0003002600E6010000370043003A005C00500072006F006700720061006D002000460069006C00650073002000280078003800360029005C0044007200690076006500720054006F006F006C006B00690074005C0044007200690076006500720054006F006F006C006B00690074002E0065007800650000000A002D002D006100750074006F00720075006E000000000011004A0075006C006900750073002D00500043005C004A0075006C00690075007300000025005300740061007200740075007000200044007200690076006500720054006F006F006C006B006900740020004100750074006F006D00610074006900630061006C006C0079002E000000000008000000000000000000010030000000CF07010001000000000000000000000000000000000000000000000007000000010000000000000000000000
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-02-15 21:01 - 2016-02-15 21:01 - 00031256 _____ () C:\WINDOWS\System32\us008lm.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-28 16:43 - 2016-09-28 16:43 - 01864384 _____ () C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-28 17:17 - 2016-09-28 17:18 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-09-28 17:17 - 2016-09-28 17:18 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-09-28 17:17 - 2016-09-28 17:18 - 35250688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-06-26 12:31 - 2016-08-03 16:43 - 00174872 _____ () C:\Users\Julius\Desktop\teamspeak\quazip.dll
2016-06-26 12:31 - 2016-08-03 16:43 - 00103192 _____ () C:\Users\Julius\Desktop\teamspeak\soundbackends\directsound_win64.dll
2016-06-26 12:31 - 2016-08-03 16:43 - 00107800 _____ () C:\Users\Julius\Desktop\teamspeak\soundbackends\windowsaudiosession_win64.dll
2016-06-26 12:31 - 2016-08-03 16:43 - 00312088 _____ () C:\Users\Julius\Desktop\teamspeak\plugins\clientquery_plugin.dll
2016-06-26 12:31 - 2016-08-03 16:43 - 00485656 _____ () C:\Users\Julius\Desktop\teamspeak\plugins\teamspeak_control_plugin.dll
2016-09-17 12:29 - 2016-09-14 04:52 - 02280264 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-17 12:29 - 2016-09-14 04:52 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll
2016-10-02 18:16 - 2016-10-02 18:16 - 00276992 _____ () c:\program files (x86)\kzerlybervush\procaentvlotcollector.dll
2016-08-22 21:11 - 2014-02-17 19:13 - 00092984 _____ () C:\Program Files (x86)\DriverToolkit\zlibwapi.dll
2016-09-28 16:43 - 2016-09-28 16:43 - 01383616 _____ () C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-09-28 16:43 - 2016-09-28 16:43 - 00118976 _____ () C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Program Files\ATI Technologies:Win32App_1
AlternateDataStreams: C:\Program Files\WinRAR:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\ATI Technologies:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\DriverToolkit:Win32App_1

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-645722510-4007608099-3805512291-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Julius\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{86255fbd-1d87-4c91-8140-f5ed6488cfd1}.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-645722510-4007608099-3805512291-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{EE6FFF15-9CC6-4785-BFA9-15C81DCE701E}] => (Allow) D:\steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{560658C8-F721-439B-8884-7886F3399964}] => (Allow) D:\steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{01C78E78-220B-4056-9681-0BF566D6529C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FDC02179-243F-4229-8705-F106E434BA4D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{459A6F27-4383-46AD-A8CC-5276092BCA95}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{95E50E49-AF14-4837-92B0-20F7D90E6DCF}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{53409D46-5CEE-4E26-8B38-687019B3000C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{2F9ED04C-D4C2-4FA5-92B9-1FC1E5B0AB67}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{B1955676-CAAA-45C3-85E9-D577163C9D42}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [UDP Query User{1772F8B6-F868-4026-9A65-A4714A33870B}D:\gta5.exe] => (Allow) D:\gta5.exe
FirewallRules: [TCP Query User{F4445EBA-9779-4B0D-99C4-6447CDEAAE5F}D:\gta5.exe] => (Allow) D:\gta5.exe
FirewallRules: [{2D75605E-54EE-4F34-B81F-70446C212C55}] => (Allow) D:\steam\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{C0AD95F8-F9CB-4F6E-8EAC-BBBA0DF69D1C}] => (Allow) D:\steam\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{A1863633-39A1-4490-B34A-8BAB64395356}] => (Allow) D:\steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{72E80D19-A441-4888-80D6-62CC0FF8B5F3}] => (Allow) D:\steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{9D495E89-80E0-4961-BC69-E8C4BBE77B9E}] => (Allow) D:\steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{1065D040-D23E-4860-A24D-62E040A3E0C4}] => (Allow) D:\steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{F3C84D8A-62FF-4A67-8518-4BBF893E9FF6}] => (Allow) D:\steam\steamapps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{70D9D2ED-746F-441E-8581-F4EAE7910B6B}] => (Allow) D:\steam\steamapps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{0C330423-6A8B-4610-B356-430A9FEEB9A4}] => (Allow) D:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CE327D22-BFA4-48AE-8C00-E10DC13D4905}] => (Allow) D:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{149A73B5-20C6-4A90-BB42-F2933AE3A9C1}] => (Allow) D:\steam\bin\steamwebhelper.exe
FirewallRules: [{65B74624-9B57-4843-BB07-38C6EC9AD05E}] => (Allow) D:\steam\bin\steamwebhelper.exe
FirewallRules: [{B84DC422-E904-4BC7-A4F9-B515087CADED}] => (Allow) D:\steam\Steam.exe
FirewallRules: [{B7023AE1-F1B1-4B1A-A307-91E5B5256112}] => (Allow) D:\steam\Steam.exe
FirewallRules: [UDP Query User{6B3F0347-BF65-43B1-9BFA-F3DDA50389A9}C:\users\julius\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julius\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{26324FFB-E34C-4518-96BF-2092A38B655F}C:\users\julius\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julius\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{3C2E6339-99C1-4AF6-9173-EF45484D83A5}C:\users\julius\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julius\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{93735795-7091-4A05-920F-05A7368FFCBD}C:\users\julius\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julius\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9589E184-B98E-4ECF-827B-C2A751070A3F}] => (Allow) C:\WINDOWS\system32\rundll32.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: XPS MiniView
Description: XPS MiniView
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/02/2016 06:21:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x10e8
Startzeit der fehlerhaften Anwendung: 0xmicrosoftedgecp.exe0
Pfad der fehlerhaften Anwendung: microsoftedgecp.exe1
Pfad des fehlerhaften Moduls: microsoftedgecp.exe2
Berichtskennung: microsoftedgecp.exe3
Vollständiger Name des fehlerhaften Pakets: microsoftedgecp.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoftedgecp.exe5

Error: (10/02/2016 06:21:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x10e8
Startzeit der fehlerhaften Anwendung: 0xmicrosoftedgecp.exe0
Pfad der fehlerhaften Anwendung: microsoftedgecp.exe1
Pfad des fehlerhaften Moduls: microsoftedgecp.exe2
Berichtskennung: microsoftedgecp.exe3
Vollständiger Name des fehlerhaften Pakets: microsoftedgecp.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoftedgecp.exe5

Error: (10/02/2016 01:37:03 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIUS-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/02/2016 01:37:03 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIUS-PC)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/30/2016 08:47:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIUS-PC)
Description: Bei der Aktivierung der App „Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/30/2016 02:36:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIUS-PC)
Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/29/2016 11:47:05 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.


Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (09/28/2016 05:28:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIUS-PC)
Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/28/2016 05:23:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIUS-PC)
Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/28/2016 05:18:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIUS-PC)
Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (10/04/2016 03:30:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/04/2016 03:30:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/04/2016 03:30:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/03/2016 04:04:54 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/03/2016 04:04:54 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/03/2016 04:04:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/02/2016 06:21:40 PM) (Source: DCOM) (EventID: 10016) (User: JULIUS-PC)
Description: AnwendungsspezifischLokalAktivierung{9E175B6D-F52A-11D8-B9A5-505054503030}{9E175B9C-F52A-11D8-B9A5-505054503030}Julius-PCJuliusS-1-5-21-645722510-4007608099-3805512291-1001LocalHost (unter Verwendung von LRPC)Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbweS-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194

Error: (10/02/2016 06:17:02 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "Coerlasy" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (10/02/2016 05:32:28 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/02/2016 05:32:28 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


Microsoft Office:
=========================
Error: (10/02/2016 06:21:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: microsoftedgecp.exe11.0.14393.8257a55786unknown0.0.0.000000000c0000604000000000000000010e801d21cc90ece1a83C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exeunknownf1ce499e-832f-4742-a7a8-7707bcc4741dMicrosoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbweMicrosoftEdge

Error: (10/02/2016 06:21:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: microsoftedgecp.exe11.0.14393.8257a55786unknown0.0.0.000000000c0000604000000000000000010e801d21cc90ece1a83C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exeunknown98474a72-a19e-4801-ada6-8d81e648c1c6Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbweMicrosoftEdge

Error: (10/02/2016 01:37:03 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIUS-PC)
Description: Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App-2144927141

Error: (10/02/2016 01:37:03 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIUS-PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (09/30/2016 08:47:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIUS-PC)
Description: Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen-2144927142

Error: (09/30/2016 02:36:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIUS-PC)
Description: Microsoft.WindowsMaps_8wekyb3d8bbwe!App-2144927148

Error: (09/29/2016 11:47:05 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: 
Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (09/28/2016 05:28:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIUS-PC)
Description: Microsoft.WindowsMaps_8wekyb3d8bbwe!App-2144927148

Error: (09/28/2016 05:23:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIUS-PC)
Description: Microsoft.WindowsMaps_8wekyb3d8bbwe!App-2144927148

Error: (09/28/2016 05:18:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIUS-PC)
Description: Microsoft.WindowsMaps_8wekyb3d8bbwe!App-2144927148


==================== Speicherinformationen =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Percentage of memory in use: 25%
Total physical RAM: 8125.94 MB
Available physical RAM: 6067.84 MB
Total Virtual: 16317.94 MB
Available Virtual: 14012.94 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.81 GB) (Free:63.02 GB) NTFS
Drive d: (Daten) (Fixed) (Total:465.76 GB) (Free:274.16 GB) NTFS
Drive e: (techno mix) (CDROM) (Total:4.37 GB) (Free:3.92 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 3C58B301)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 3D84F66C)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von log ============================
         


Alt 04.10.2016, 17:35   #6
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
trojan dropper:win32/bunt - Standard

trojan dropper:win32/bunt



Hi,

Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
--> trojan dropper:win32/bunt

Alt 05.10.2016, 15:45   #7
Juro346
 
trojan dropper:win32/bunt - Standard

trojan dropper:win32/bunt



ich hoffe dass ist das Richtige:

Code:
ATTFilter
16:43:10.0547 0x272c  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
16:43:17.0357 0x272c  ============================================================
16:43:17.0357 0x272c  Current date / time: 2016/10/05 16:43:17.0357
16:43:17.0357 0x272c  SystemInfo:
16:43:17.0357 0x272c  
16:43:17.0357 0x272c  OS Version: 10.0.14393 ServicePack: 0.0
16:43:17.0357 0x272c  Product type: Workstation
16:43:17.0357 0x272c  ComputerName: JULIUS-PC
16:43:17.0358 0x272c  UserName: Julius
16:43:17.0358 0x272c  Windows directory: C:\WINDOWS
16:43:17.0358 0x272c  System windows directory: C:\WINDOWS
16:43:17.0358 0x272c  Running under WOW64
16:43:17.0358 0x272c  Processor architecture: Intel x64
16:43:17.0358 0x272c  Number of processors: 4
16:43:17.0358 0x272c  Page size: 0x1000
16:43:17.0358 0x272c  Boot type: Normal boot
16:43:17.0358 0x272c  CodeIntegrityOptions = 0x00000001
16:43:17.0358 0x272c  ============================================================
16:43:17.0417 0x272c  KLMD registered as C:\WINDOWS\system32\drivers\75971823.sys
16:43:17.0417 0x272c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.187, osProperties = 0x19
16:43:17.0488 0x272c  System UUID: {39186A2B-A2CF-AD98-9E7B-8E54B2EC98A2}
16:43:17.0840 0x272c  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:43:17.0858 0x272c  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:43:17.0927 0x272c  ============================================================
16:43:17.0927 0x272c  \Device\Harddisk0\DR0:
16:43:17.0928 0x272c  MBR partitions:
16:43:17.0928 0x272c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:43:17.0928 0x272c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDD9F800
16:43:17.0928 0x272c  \Device\Harddisk1\DR1:
16:43:17.0928 0x272c  MBR partitions:
16:43:17.0928 0x272c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
16:43:17.0928 0x272c  ============================================================
16:43:17.0929 0x272c  C: <-> \Device\Harddisk0\DR0\Partition2
16:43:17.0950 0x272c  D: <-> \Device\Harddisk1\DR1\Partition1
16:43:17.0950 0x272c  ============================================================
16:43:17.0950 0x272c  Initialize success
16:43:17.0950 0x272c  ============================================================
16:44:05.0056 0x1668  ============================================================
16:44:05.0056 0x1668  Scan started
16:44:05.0056 0x1668  Mode: Manual; 
16:44:05.0056 0x1668  ============================================================
16:44:05.0056 0x1668  KSN ping started
16:44:05.0773 0x1668  KSN ping finished: true
16:44:06.0532 0x1668  ================ Scan system memory ========================
16:44:06.0532 0x1668  System memory - ok
16:44:06.0533 0x1668  ================ Scan services =============================
16:44:06.0612 0x1668  1394ohci - ok
16:44:06.0619 0x1668  3ware - ok
16:44:06.0627 0x1668  ACPI - ok
16:44:06.0635 0x1668  AcpiDev - ok
16:44:06.0642 0x1668  acpiex - ok
16:44:06.0651 0x1668  acpipagr - ok
16:44:06.0661 0x1668  AcpiPmi - ok
16:44:06.0669 0x1668  acpitime - ok
16:44:06.0685 0x1668  ADP80XX - ok
16:44:06.0698 0x1668  AFD - ok
16:44:06.0713 0x1668  ahcache - ok
16:44:06.0721 0x1668  AJRouter - ok
16:44:06.0730 0x1668  ALG - ok
16:44:06.0747 0x1668  [ BBADD85854BFB5D43C60B7AC8EEA3DBA, 968C043ABEA46F5C79525863B3FE2681AC0FA4202036C9EFD20B408DECF407E2 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
16:44:06.0755 0x1668  AMD External Events Utility - ok
16:44:06.0772 0x1668  AmdK8 - ok
16:44:06.0781 0x1668  amdkmdag - ok
16:44:06.0809 0x1668  [ 17BA5C907E14947574CBB788F4CEB85F, EAA3DBF436637C58666A91905E388287FC54334EBB2589A00727EB09AC4870E3 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
16:44:06.0823 0x1668  amdkmdap - ok
16:44:06.0832 0x1668  AmdPPM - ok
16:44:06.0840 0x1668  amdsata - ok
16:44:06.0850 0x1668  amdsbs - ok
16:44:06.0858 0x1668  amdxata - ok
16:44:06.0868 0x1668  AppHostSvc - ok
16:44:06.0875 0x1668  AppID - ok
16:44:06.0883 0x1668  AppIDSvc - ok
16:44:06.0891 0x1668  Appinfo - ok
16:44:06.0901 0x1668  applockerfltr - ok
16:44:06.0909 0x1668  AppReadiness - ok
16:44:06.0919 0x1668  AppXSvc - ok
16:44:06.0928 0x1668  arcsas - ok
16:44:06.0973 0x1668  aspnet_state - ok
16:44:06.0981 0x1668  AsyncMac - ok
16:44:06.0990 0x1668  atapi - ok
16:44:07.0007 0x1668  [ 0966FD5BAB1F9BE200875E9EED0A0A13, F4BE70C0581B51ED6DAE6412A5FF74AE310BF88DE89C5A5E5880BEED543B01D7 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
16:44:07.0010 0x1668  AtiHDAudioService - ok
16:44:07.0017 0x1668  AudioEndpointBuilder - ok
16:44:07.0027 0x1668  Audiosrv - ok
16:44:07.0036 0x1668  [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject        C:\WINDOWS\system32\drivers\avmeject.sys
16:44:07.0038 0x1668  avmeject - ok
16:44:07.0046 0x1668  AxInstSV - ok
16:44:07.0055 0x1668  b06bdrv - ok
16:44:07.0065 0x1668  BasicDisplay - ok
16:44:07.0075 0x1668  BasicRender - ok
16:44:07.0091 0x1668  bcmfn - ok
16:44:07.0102 0x1668  bcmfn2 - ok
16:44:07.0110 0x1668  BDESVC - ok
16:44:07.0119 0x1668  Beep - ok
16:44:07.0129 0x1668  BFE - ok
16:44:07.0138 0x1668  BITS - ok
16:44:07.0146 0x1668  bowser - ok
16:44:07.0155 0x1668  BrokerInfrastructure - ok
16:44:07.0163 0x1668  Browser - ok
16:44:07.0172 0x1668  BthAvrcpTg - ok
16:44:07.0181 0x1668  BthEnum - ok
16:44:07.0190 0x1668  BthHFEnum - ok
16:44:07.0199 0x1668  bthhfhid - ok
16:44:07.0208 0x1668  BthHFSrv - ok
16:44:07.0217 0x1668  BTHMODEM - ok
16:44:07.0226 0x1668  BthPan - ok
16:44:07.0235 0x1668  BTHPORT - ok
16:44:07.0242 0x1668  bthserv - ok
16:44:07.0253 0x1668  BTHUSB - ok
16:44:07.0261 0x1668  buttonconverter - ok
16:44:07.0270 0x1668  CapImg - ok
16:44:07.0280 0x1668  cdfs - ok
16:44:07.0288 0x1668  CDPSvc - ok
16:44:07.0298 0x1668  CDPUserSvc - ok
16:44:07.0312 0x1668  cdrom - ok
16:44:07.0322 0x1668  CertPropSvc - ok
16:44:07.0332 0x1668  cht4iscsi - ok
16:44:07.0340 0x1668  cht4vbd - ok
16:44:07.0348 0x1668  circlass - ok
16:44:07.0357 0x1668  CLFS - ok
16:44:07.0368 0x1668  ClipSVC - ok
16:44:07.0381 0x1668  clreg - ok
16:44:07.0405 0x1668  CmBatt - ok
16:44:07.0415 0x1668  CNG - ok
16:44:07.0424 0x1668  cnghwassist - ok
16:44:07.0441 0x1668  [ 6F4385A829DCFC21180E12F6D0155F1C, 698B53106E25632D0259E0620787510B0881C7494CCAE2CDF4FAC1115E2D0C0C ] Coerlasy        C:\Program Files (x86)\Kzerlybervush\procaentvlotCollector.dll
16:44:07.0447 0x1668  Coerlasy - ok
16:44:07.0481 0x1668  CompositeBus - ok
16:44:07.0488 0x1668  COMSysApp - ok
16:44:07.0498 0x1668  condrv - ok
16:44:07.0507 0x1668  CoreMessagingRegistrar - ok
16:44:07.0525 0x1668  CryptSvc - ok
16:44:07.0533 0x1668  dam - ok
16:44:07.0546 0x1668  DcomLaunch - ok
16:44:07.0555 0x1668  DcpSvc - ok
16:44:07.0563 0x1668  defragsvc - ok
16:44:07.0572 0x1668  DeviceAssociationService - ok
16:44:07.0580 0x1668  DeviceInstall - ok
16:44:07.0590 0x1668  DevQueryBroker - ok
16:44:07.0598 0x1668  Dfsc - ok
16:44:07.0609 0x1668  Dhcp - ok
16:44:07.0620 0x1668  diagnosticshub.standardcollector.service - ok
16:44:07.0630 0x1668  DiagTrack - ok
16:44:07.0638 0x1668  disk - ok
16:44:07.0646 0x1668  DmEnrollmentSvc - ok
16:44:07.0655 0x1668  dmvsc - ok
16:44:07.0664 0x1668  dmwappushservice - ok
16:44:07.0673 0x1668  Dnscache - ok
16:44:07.0685 0x1668  dot3svc - ok
16:44:07.0694 0x1668  DPS - ok
16:44:07.0704 0x1668  drmkaud - ok
16:44:07.0713 0x1668  DsmSvc - ok
16:44:07.0722 0x1668  DsSvc - ok
16:44:07.0729 0x1668  DXGKrnl - ok
16:44:07.0739 0x1668  e1express - ok
16:44:07.0747 0x1668  EapHost - ok
16:44:07.0755 0x1668  ebdrv - ok
16:44:07.0766 0x1668  EFS - ok
16:44:07.0777 0x1668  EhStorClass - ok
16:44:07.0787 0x1668  EhStorTcgDrv - ok
16:44:07.0794 0x1668  embeddedmode - ok
16:44:07.0804 0x1668  EntAppSvc - ok
16:44:07.0819 0x1668  ErrDev - ok
16:44:07.0836 0x1668  EventSystem - ok
16:44:07.0843 0x1668  exfat - ok
16:44:07.0854 0x1668  fastfat - ok
16:44:07.0863 0x1668  Fax - ok
16:44:07.0873 0x1668  fdc - ok
16:44:07.0885 0x1668  fdPHost - ok
16:44:07.0893 0x1668  FDResPub - ok
16:44:07.0901 0x1668  fhsvc - ok
16:44:07.0912 0x1668  FileCrypt - ok
16:44:07.0922 0x1668  FileInfo - ok
16:44:07.0931 0x1668  Filetrace - ok
16:44:07.0940 0x1668  flpydisk - ok
16:44:07.0951 0x1668  FltMgr - ok
16:44:07.0959 0x1668  FontCache - ok
16:44:07.0971 0x1668  FontCache3.0.0.0 - ok
16:44:07.0979 0x1668  FrameServer - ok
16:44:07.0989 0x1668  FsDepends - ok
16:44:07.0998 0x1668  Fs_Rec - ok
16:44:08.0006 0x1668  fvevol - ok
16:44:08.0055 0x1668  [ 0D2843C3C676B852D0B01CEA1E1DAE6C, 2F2751E09725D52008865F08A08F9989BCC4BA07FBC11B3BEF4332DC463CFC63 ] fwlanusb5_nv2   C:\WINDOWS\system32\DRIVERS\fwlanusb5_nv2.sys
16:44:08.0082 0x1668  fwlanusb5_nv2 - ok
16:44:08.0096 0x1668  gencounter - ok
16:44:08.0105 0x1668  genericusbfn - ok
16:44:08.0114 0x1668  GPIOClx0101 - ok
16:44:08.0122 0x1668  gpsvc - ok
16:44:08.0131 0x1668  GpuEnergyDrv - ok
16:44:08.0143 0x1668  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:44:08.0147 0x1668  gupdate - ok
16:44:08.0157 0x1668  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:44:08.0160 0x1668  gupdatem - ok
16:44:08.0169 0x1668  HdAudAddService - ok
16:44:08.0179 0x1668  HDAudBus - ok
16:44:08.0188 0x1668  HidBatt - ok
16:44:08.0198 0x1668  HidBth - ok
16:44:08.0207 0x1668  hidi2c - ok
16:44:08.0216 0x1668  hidinterrupt - ok
16:44:08.0226 0x1668  HidIr - ok
16:44:08.0236 0x1668  hidserv - ok
16:44:08.0245 0x1668  HidUsb - ok
16:44:08.0257 0x1668  HomeGroupListener - ok
16:44:08.0266 0x1668  HomeGroupProvider - ok
16:44:08.0275 0x1668  HpSAMD - ok
16:44:08.0287 0x1668  HTTP - ok
16:44:08.0295 0x1668  HvHost - ok
16:44:08.0303 0x1668  hvservice - ok
16:44:08.0312 0x1668  hwpolicy - ok
16:44:08.0325 0x1668  hyperkbd - ok
16:44:08.0334 0x1668  i8042prt - ok
16:44:08.0342 0x1668  iagpio - ok
16:44:08.0350 0x1668  iai2c - ok
16:44:08.0360 0x1668  iaLPSS2i_GPIO2 - ok
16:44:08.0371 0x1668  iaLPSS2i_I2C - ok
16:44:08.0381 0x1668  iaLPSSi_GPIO - ok
16:44:08.0391 0x1668  iaLPSSi_I2C - ok
16:44:08.0399 0x1668  iaStorAV - ok
16:44:08.0410 0x1668  iaStorV - ok
16:44:08.0419 0x1668  ibbus - ok
16:44:08.0428 0x1668  icssvc - ok
16:44:08.0441 0x1668  IKEEXT - ok
16:44:08.0448 0x1668  IndirectKmd - ok
16:44:08.0468 0x1668  intelide - ok
16:44:08.0477 0x1668  intelpep - ok
16:44:08.0487 0x1668  intelppm - ok
16:44:08.0496 0x1668  iorate - ok
16:44:08.0504 0x1668  IpFilterDriver - ok
16:44:08.0515 0x1668  iphlpsvc - ok
16:44:08.0524 0x1668  IPMIDRV - ok
16:44:08.0533 0x1668  IPNAT - ok
16:44:08.0541 0x1668  irda - ok
16:44:08.0549 0x1668  IRENUM - ok
16:44:08.0558 0x1668  irmon - ok
16:44:08.0567 0x1668  isapnp - ok
16:44:08.0577 0x1668  iScsiPrt - ok
16:44:08.0587 0x1668  kbdclass - ok
16:44:08.0595 0x1668  kbdhid - ok
16:44:08.0604 0x1668  kdnic - ok
16:44:08.0611 0x1668  KeyIso - ok
16:44:08.0621 0x1668  KSecDD - ok
16:44:08.0633 0x1668  KSecPkg - ok
16:44:08.0643 0x1668  ksthunk - ok
16:44:08.0653 0x1668  KtmRm - ok
16:44:08.0662 0x1668  LanmanServer - ok
16:44:08.0671 0x1668  LanmanWorkstation - ok
16:44:08.0684 0x1668  lfsvc - ok
16:44:08.0692 0x1668  LicenseManager - ok
16:44:08.0703 0x1668  lltdio - ok
16:44:08.0712 0x1668  lltdsvc - ok
16:44:08.0721 0x1668  lmhosts - ok
16:44:08.0733 0x1668  LSI_SAS - ok
16:44:08.0742 0x1668  LSI_SAS2i - ok
16:44:08.0750 0x1668  LSI_SAS3i - ok
16:44:08.0759 0x1668  LSI_SSS - ok
16:44:08.0768 0x1668  LSM - ok
16:44:08.0776 0x1668  luafv - ok
16:44:08.0787 0x1668  MapsBroker - ok
16:44:08.0797 0x1668  megasas - ok
16:44:08.0806 0x1668  megasr - ok
16:44:08.0815 0x1668  MessagingService - ok
16:44:08.0829 0x1668  mlx4_bus - ok
16:44:08.0840 0x1668  MMCSS - ok
16:44:08.0849 0x1668  Modem - ok
16:44:08.0858 0x1668  monitor - ok
16:44:08.0867 0x1668  mouclass - ok
16:44:08.0879 0x1668  mouhid - ok
16:44:08.0887 0x1668  mountmgr - ok
16:44:08.0895 0x1668  mpsdrv - ok
16:44:08.0907 0x1668  MpsSvc - ok
16:44:08.0917 0x1668  MQAC - ok
16:44:08.0927 0x1668  MRxDAV - ok
16:44:08.0936 0x1668  mrxsmb - ok
16:44:08.0945 0x1668  mrxsmb10 - ok
16:44:08.0954 0x1668  mrxsmb20 - ok
16:44:08.0962 0x1668  MsBridge - ok
16:44:08.0972 0x1668  MSDTC - ok
16:44:08.0989 0x1668  Msfs - ok
16:44:09.0000 0x1668  msgpiowin32 - ok
16:44:09.0008 0x1668  mshidkmdf - ok
16:44:09.0018 0x1668  mshidumdf - ok
16:44:09.0027 0x1668  msisadrv - ok
16:44:09.0038 0x1668  MSiSCSI - ok
16:44:09.0045 0x1668  msiserver - ok
16:44:09.0053 0x1668  MSKSSRV - ok
16:44:09.0062 0x1668  MsLldp - ok
16:44:09.0071 0x1668  MSMQ - ok
16:44:09.0080 0x1668  MSPCLOCK - ok
16:44:09.0088 0x1668  MSPQM - ok
16:44:09.0099 0x1668  MsRPC - ok
16:44:09.0111 0x1668  mssmbios - ok
16:44:09.0119 0x1668  MSTEE - ok
16:44:09.0128 0x1668  MTConfig - ok
16:44:09.0138 0x1668  Mup - ok
16:44:09.0146 0x1668  mvumis - ok
16:44:09.0159 0x1668  NativeWifiP - ok
16:44:09.0167 0x1668  NcaSvc - ok
16:44:09.0175 0x1668  NcbService - ok
16:44:09.0184 0x1668  NcdAutoSetup - ok
16:44:09.0192 0x1668  ndfltr - ok
16:44:09.0202 0x1668  NDIS - ok
16:44:09.0210 0x1668  NdisCap - ok
16:44:09.0219 0x1668  NdisImPlatform - ok
16:44:09.0227 0x1668  NdisTapi - ok
16:44:09.0236 0x1668  Ndisuio - ok
16:44:09.0248 0x1668  NdisVirtualBus - ok
16:44:09.0258 0x1668  NdisWan - ok
16:44:09.0265 0x1668  ndiswanlegacy - ok
16:44:09.0273 0x1668  ndproxy - ok
16:44:09.0281 0x1668  Ndu - ok
16:44:09.0290 0x1668  NetAdapterCx - ok
16:44:09.0298 0x1668  NetBIOS - ok
16:44:09.0310 0x1668  NetBT - ok
16:44:09.0318 0x1668  Netlogon - ok
16:44:09.0329 0x1668  Netman - ok
16:44:09.0346 0x1668  NetMsmqActivator - ok
16:44:09.0352 0x1668  NetPipeActivator - ok
16:44:09.0364 0x1668  netprofm - ok
16:44:09.0373 0x1668  netr28ux - ok
16:44:09.0383 0x1668  NetSetupSvc - ok
16:44:09.0388 0x1668  NetTcpActivator - ok
16:44:09.0396 0x1668  NetTcpPortSharing - ok
16:44:09.0415 0x1668  NgcCtnrSvc - ok
16:44:09.0423 0x1668  NgcSvc - ok
16:44:09.0434 0x1668  NlaSvc - ok
16:44:09.0442 0x1668  Npfs - ok
16:44:09.0451 0x1668  npsvctrig - ok
16:44:09.0461 0x1668  nsi - ok
16:44:09.0471 0x1668  nsiproxy - ok
16:44:09.0483 0x1668  NTFS - ok
16:44:09.0491 0x1668  Null - ok
16:44:09.0500 0x1668  nvraid - ok
16:44:09.0510 0x1668  nvstor - ok
16:44:09.0518 0x1668  OneSyncSvc - ok
16:44:09.0531 0x1668  p2pimsvc - ok
16:44:09.0542 0x1668  p2psvc - ok
16:44:09.0549 0x1668  Parport - ok
16:44:09.0558 0x1668  partmgr - ok
16:44:09.0567 0x1668  PcaSvc - ok
16:44:09.0575 0x1668  pci - ok
16:44:09.0585 0x1668  pciide - ok
16:44:09.0595 0x1668  pcmcia - ok
16:44:09.0606 0x1668  pcw - ok
16:44:09.0620 0x1668  pdc - ok
16:44:09.0628 0x1668  PEAUTH - ok
16:44:09.0641 0x1668  percsas2i - ok
16:44:09.0649 0x1668  percsas3i - ok
16:44:09.0702 0x1668  PerfHost - ok
16:44:09.0725 0x1668  PhoneSvc - ok
16:44:09.0735 0x1668  PimIndexMaintenanceSvc - ok
16:44:09.0746 0x1668  pla - ok
16:44:09.0755 0x1668  PlugPlay - ok
16:44:09.0763 0x1668  PNRPAutoReg - ok
16:44:09.0771 0x1668  PNRPsvc - ok
16:44:09.0779 0x1668  PolicyAgent - ok
16:44:09.0792 0x1668  Power - ok
16:44:09.0801 0x1668  PptpMiniport - ok
16:44:09.0925 0x1668  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
16:44:09.0996 0x1668  PrintNotify - ok
16:44:10.0013 0x1668  Processor - ok
16:44:10.0021 0x1668  ProfSvc - ok
16:44:10.0027 0x1668  Psched - ok
16:44:10.0036 0x1668  QWAVE - ok
16:44:10.0045 0x1668  QWAVEdrv - ok
16:44:10.0054 0x1668  RasAcd - ok
16:44:10.0061 0x1668  RasAgileVpn - ok
16:44:10.0070 0x1668  RasAuto - ok
16:44:10.0078 0x1668  Rasl2tp - ok
16:44:10.0087 0x1668  RasMan - ok
16:44:10.0095 0x1668  RasPppoe - ok
16:44:10.0103 0x1668  RasSstp - ok
16:44:10.0112 0x1668  rdbss - ok
16:44:10.0124 0x1668  rdpbus - ok
16:44:10.0132 0x1668  RDPDR - ok
16:44:10.0147 0x1668  RdpVideoMiniport - ok
16:44:10.0157 0x1668  rdyboost - ok
16:44:10.0167 0x1668  ReFSv1 - ok
16:44:10.0174 0x1668  RemoteAccess - ok
16:44:10.0183 0x1668  RemoteRegistry - ok
16:44:10.0191 0x1668  RetailDemo - ok
16:44:10.0202 0x1668  RFCOMM - ok
16:44:10.0213 0x1668  RmSvc - ok
16:44:10.0220 0x1668  RpcEptMapper - ok
16:44:10.0234 0x1668  RpcLocator - ok
16:44:10.0244 0x1668  RpcSs - ok
16:44:10.0258 0x1668  rspndr - ok
16:44:10.0273 0x1668  s3cap - ok
16:44:10.0280 0x1668  SamSs - ok
16:44:10.0289 0x1668  sbp2port - ok
16:44:10.0296 0x1668  SCardSvr - ok
16:44:10.0306 0x1668  ScDeviceEnum - ok
16:44:10.0315 0x1668  scfilter - ok
16:44:10.0323 0x1668  Schedule - ok
16:44:10.0332 0x1668  scmbus - ok
16:44:10.0339 0x1668  scmdisk0101 - ok
16:44:10.0349 0x1668  SCPolicySvc - ok
16:44:10.0356 0x1668  sdbus - ok
16:44:10.0365 0x1668  SDRSVC - ok
16:44:10.0373 0x1668  sdstor - ok
16:44:10.0380 0x1668  seclogon - ok
16:44:10.0388 0x1668  SENS - ok
16:44:10.0394 0x1668  SensorDataService - ok
16:44:10.0404 0x1668  SensorService - ok
16:44:10.0411 0x1668  SensrSvc - ok
16:44:10.0419 0x1668  SerCx - ok
16:44:10.0439 0x1668  SerCx2 - ok
16:44:10.0445 0x1668  Serenum - ok
16:44:10.0455 0x1668  Serial - ok
16:44:10.0463 0x1668  sermouse - ok
16:44:10.0483 0x1668  SessionEnv - ok
16:44:10.0500 0x1668  sfloppy - ok
16:44:10.0509 0x1668  SharedAccess - ok
16:44:10.0517 0x1668  ShellHWDetection - ok
16:44:10.0526 0x1668  shpamsvc - ok
16:44:10.0533 0x1668  SiSRaid2 - ok
16:44:10.0541 0x1668  SiSRaid4 - ok
16:44:10.0550 0x1668  smphost - ok
16:44:10.0559 0x1668  SmsRouter - ok
16:44:10.0581 0x1668  SNMPTRAP - ok
16:44:10.0591 0x1668  spaceport - ok
16:44:10.0600 0x1668  SpbCx - ok
16:44:10.0609 0x1668  Spooler - ok
16:44:10.0618 0x1668  sppsvc - ok
16:44:10.0626 0x1668  srv - ok
16:44:10.0635 0x1668  srv2 - ok
16:44:10.0643 0x1668  srvnet - ok
16:44:10.0653 0x1668  SSDPSRV - ok
16:44:10.0663 0x1668  SstpSvc - ok
16:44:10.0682 0x1668  StateRepository - ok
16:44:10.0727 0x1668  [ E06AA279D85877268E34E9A9BC41F560, 6EFE7E3850CD19B919053293B6D8CB61CC638D3B1626BB62594C681625132689 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:44:10.0756 0x1668  Steam Client Service - ok
16:44:10.0767 0x1668  stexstor - ok
16:44:10.0774 0x1668  stisvc - ok
16:44:10.0781 0x1668  storahci - ok
16:44:10.0798 0x1668  storflt - ok
16:44:10.0805 0x1668  stornvme - ok
16:44:10.0814 0x1668  storqosflt - ok
16:44:10.0822 0x1668  StorSvc - ok
16:44:10.0830 0x1668  storufs - ok
16:44:10.0839 0x1668  storvsc - ok
16:44:10.0848 0x1668  svsvc - ok
16:44:10.0857 0x1668  swenum - ok
16:44:10.0867 0x1668  swprv - ok
16:44:10.0875 0x1668  Synth3dVsc - ok
16:44:10.0883 0x1668  SysMain - ok
16:44:10.0891 0x1668  SystemEventsBroker - ok
16:44:10.0899 0x1668  TabletInputService - ok
16:44:10.0908 0x1668  TapiSrv - ok
16:44:10.0917 0x1668  Tcpip - ok
16:44:10.0925 0x1668  Tcpip6 - ok
16:44:10.0937 0x1668  tcpipreg - ok
16:44:10.0948 0x1668  tdx - ok
16:44:10.0956 0x1668  terminpt - ok
16:44:10.0964 0x1668  TermService - ok
16:44:10.0973 0x1668  Themes - ok
16:44:10.0981 0x1668  TieringEngineService - ok
16:44:10.0990 0x1668  tiledatamodelsvc - ok
16:44:10.0997 0x1668  TimeBrokerSvc - ok
16:44:11.0006 0x1668  TPM - ok
16:44:11.0014 0x1668  TrkWks - ok
16:44:11.0021 0x1668  TrustedInstaller - ok
16:44:11.0034 0x1668  tsusbflt - ok
16:44:11.0042 0x1668  TsUsbGD - ok
16:44:11.0051 0x1668  tunnel - ok
16:44:11.0060 0x1668  tzautoupdate - ok
16:44:11.0067 0x1668  UASPStor - ok
16:44:11.0076 0x1668  UcmCx0101 - ok
16:44:11.0087 0x1668  UcmTcpciCx0101 - ok
16:44:11.0095 0x1668  UcmUcsi - ok
16:44:11.0103 0x1668  Ucx01000 - ok
16:44:11.0110 0x1668  UdeCx - ok
16:44:11.0117 0x1668  udfs - ok
16:44:11.0126 0x1668  UEFI - ok
16:44:11.0135 0x1668  Ufx01000 - ok
16:44:11.0143 0x1668  UfxChipidea - ok
16:44:11.0151 0x1668  ufxsynopsys - ok
16:44:11.0168 0x1668  UI0Detect - ok
16:44:11.0177 0x1668  umbus - ok
16:44:11.0185 0x1668  UmPass - ok
16:44:11.0193 0x1668  UmRdpService - ok
16:44:11.0201 0x1668  UnistoreSvc - ok
16:44:11.0212 0x1668  upnphost - ok
16:44:11.0221 0x1668  UrsChipidea - ok
16:44:11.0229 0x1668  UrsCx01000 - ok
16:44:11.0237 0x1668  UrsSynopsys - ok
16:44:11.0245 0x1668  usbccgp - ok
16:44:11.0254 0x1668  usbcir - ok
16:44:11.0263 0x1668  usbehci - ok
16:44:11.0273 0x1668  usbhub - ok
16:44:11.0283 0x1668  USBHUB3 - ok
16:44:11.0292 0x1668  usbohci - ok
16:44:11.0298 0x1668  usbprint - ok
16:44:11.0306 0x1668  usbser - ok
16:44:11.0315 0x1668  USBSTOR - ok
16:44:11.0323 0x1668  usbuhci - ok
16:44:11.0330 0x1668  USBXHCI - ok
16:44:11.0345 0x1668  UserDataSvc - ok
16:44:11.0357 0x1668  UserManager - ok
16:44:11.0367 0x1668  UsoSvc - ok
16:44:11.0374 0x1668  VaultSvc - ok
16:44:11.0384 0x1668  vdrvroot - ok
16:44:11.0392 0x1668  vds - ok
16:44:11.0398 0x1668  VerifierExt - ok
16:44:11.0407 0x1668  vhdmp - ok
16:44:11.0414 0x1668  vhf - ok
16:44:11.0423 0x1668  vmbus - ok
16:44:11.0430 0x1668  VMBusHID - ok
16:44:11.0439 0x1668  vmgid - ok
16:44:11.0447 0x1668  vmicguestinterface - ok
16:44:11.0456 0x1668  vmicheartbeat - ok
16:44:11.0464 0x1668  vmickvpexchange - ok
16:44:11.0474 0x1668  vmicrdv - ok
16:44:11.0480 0x1668  vmicshutdown - ok
16:44:11.0488 0x1668  vmictimesync - ok
16:44:11.0495 0x1668  vmicvmsession - ok
16:44:11.0504 0x1668  vmicvss - ok
16:44:11.0512 0x1668  volmgr - ok
16:44:11.0521 0x1668  volmgrx - ok
16:44:11.0528 0x1668  volsnap - ok
16:44:11.0537 0x1668  volume - ok
16:44:11.0544 0x1668  vpci - ok
16:44:11.0553 0x1668  vsmraid - ok
16:44:11.0561 0x1668  VSS - ok
16:44:11.0570 0x1668  VSTXRAID - ok
16:44:11.0579 0x1668  vwifibus - ok
16:44:11.0589 0x1668  vwififlt - ok
16:44:11.0598 0x1668  vwifimp - ok
16:44:11.0608 0x1668  W32Time - ok
16:44:11.0661 0x1668  w3logsvc - ok
16:44:11.0668 0x1668  W3SVC - ok
16:44:11.0676 0x1668  WacomPen - ok
16:44:11.0684 0x1668  WalletService - ok
16:44:11.0691 0x1668  wanarp - ok
16:44:11.0698 0x1668  wanarpv6 - ok
16:44:11.0706 0x1668  WAS - ok
16:44:11.0714 0x1668  wbengine - ok
16:44:11.0723 0x1668  WbioSrvc - ok
16:44:11.0730 0x1668  wcifs - ok
16:44:11.0739 0x1668  Wcmsvc - ok
16:44:11.0748 0x1668  wcncsvc - ok
16:44:11.0756 0x1668  wcnfs - ok
16:44:11.0765 0x1668  WdBoot - ok
16:44:11.0775 0x1668  Wdf01000 - ok
16:44:11.0785 0x1668  WdFilter - ok
16:44:11.0795 0x1668  WdiServiceHost - ok
16:44:11.0802 0x1668  WdiSystemHost - ok
16:44:11.0810 0x1668  wdiwifi - ok
16:44:11.0819 0x1668  WdNisDrv - ok
16:44:11.0825 0x1668  WdNisSvc - ok
16:44:11.0835 0x1668  WebClient - ok
16:44:11.0842 0x1668  Wecsvc - ok
16:44:11.0851 0x1668  WEPHOSTSVC - ok
16:44:11.0859 0x1668  wercplsupport - ok
16:44:11.0867 0x1668  WerSvc - ok
16:44:11.0875 0x1668  WFPLWFS - ok
16:44:11.0885 0x1668  WiaRpc - ok
16:44:11.0892 0x1668  WIMMount - ok
16:44:11.0897 0x1668  WinDefend - ok
16:44:11.0915 0x1668  WindowsTrustedRT - ok
16:44:11.0923 0x1668  WindowsTrustedRTProxy - ok
16:44:11.0933 0x1668  WinHttpAutoProxySvc - ok
16:44:11.0942 0x1668  WinMad - ok
16:44:11.0955 0x1668  Winmgmt - ok
16:44:11.0962 0x1668  WinRM - ok
16:44:11.0979 0x1668  WINUSB - ok
16:44:11.0986 0x1668  WinVerbs - ok
16:44:11.0994 0x1668  wisvc - ok
16:44:12.0003 0x1668  WlanSvc - ok
16:44:12.0011 0x1668  wlidsvc - ok
16:44:12.0019 0x1668  WmiAcpi - ok
16:44:12.0031 0x1668  wmiApSrv - ok
16:44:12.0038 0x1668  WMPNetworkSvc - ok
16:44:12.0047 0x1668  Wof - ok
16:44:12.0060 0x1668  workfolderssvc - ok
16:44:12.0068 0x1668  WPDBusEnum - ok
16:44:12.0078 0x1668  WpdUpFltr - ok
16:44:12.0087 0x1668  WpnService - ok
16:44:12.0095 0x1668  WpnUserService - ok
16:44:12.0108 0x1668  ws2ifsl - ok
16:44:12.0116 0x1668  wscsvc - ok
16:44:12.0124 0x1668  WSDPrintDevice - ok
16:44:12.0131 0x1668  WSearch - ok
16:44:12.0143 0x1668  wuauserv - ok
16:44:12.0151 0x1668  WudfPf - ok
16:44:12.0158 0x1668  WUDFRd - ok
16:44:12.0167 0x1668  wudfsvc - ok
16:44:12.0174 0x1668  WUDFWpdFs - ok
16:44:12.0184 0x1668  WwanSvc - ok
16:44:12.0192 0x1668  XblAuthManager - ok
16:44:12.0201 0x1668  XblGameSave - ok
16:44:12.0209 0x1668  xboxgip - ok
16:44:12.0218 0x1668  XboxNetApiSvc - ok
16:44:12.0226 0x1668  xinputhid - ok
16:44:12.0231 0x1668  ================ Scan global ===============================
16:44:12.0262 0x1668  [ Global ] - ok
16:44:12.0262 0x1668  ================ Scan MBR ==================================
16:44:12.0267 0x1668  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:44:12.0421 0x1668  \Device\Harddisk0\DR0 - ok
16:44:12.0439 0x1668  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
16:44:12.0451 0x1668  \Device\Harddisk1\DR1 - ok
16:44:12.0452 0x1668  ================ Scan VBR ==================================
16:44:12.0453 0x1668  [ 014AFD868BD0049D18D642FD5BC2F6E2 ] \Device\Harddisk0\DR0\Partition1
16:44:12.0455 0x1668  \Device\Harddisk0\DR0\Partition1 - ok
16:44:12.0460 0x1668  [ 5520853F5E4F50F2882077AEDDAB2738 ] \Device\Harddisk0\DR0\Partition2
16:44:12.0462 0x1668  \Device\Harddisk0\DR0\Partition2 - ok
16:44:12.0468 0x1668  [ 7FEE470E99E743FD34E26F9BA9BC50D1 ] \Device\Harddisk1\DR1\Partition1
16:44:12.0470 0x1668  \Device\Harddisk1\DR1\Partition1 - ok
16:44:12.0471 0x1668  ================ Scan generic autorun ======================
16:44:12.0476 0x1668  Logitech Download Assistant - ok
16:44:12.0477 0x1668  WindowsDefender - ok
16:44:12.0510 0x1668  [ 4C6AAABB264526A9C845A39AEBB79B69, B27F869E8B44CC5F1F9ADCA53AA848C16D706587ED9C7F995AE59BF9B0426523 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
16:44:12.0524 0x1668  StartCCC - ok
16:44:12.0554 0x1668  [ 4B5985DC72C3546A890C881A6EA5BE5A, CEB1B4F63517E9E4F7E473A70EE1B1968AD45AD41C6900CE38040F8CF857D98F ] C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
16:44:12.0571 0x1668  AVMWlanClient - ok
16:44:12.0607 0x1668  OneDriveSetup - ok
16:44:12.0610 0x1668  OneDriveSetup - ok
16:44:12.0657 0x1668  [ 49610A409DFAE252AE6A07E400013178, 4191C5BF1BF0E029F58F71BC9B06C1A817FA6250EC6F33C6C680EDE4A2B47F19 ] C:\Users\Julius\AppData\Roaming\Spotify\SpotifyWebHelper.exe
16:44:12.0686 0x1668  Spotify Web Helper - ok
16:44:12.0710 0x1668  [ 1D7DD340E13DF9585EABB849CFC3E11B, 31CCD9753402DC030C641214B4ECB48A757BCD9F427A143A88745C62EFF87766 ] C:\Users\Julius\AppData\Local\Microsoft\OneDrive\OneDrive.exe
16:44:12.0722 0x1668  OneDrive - ok
16:44:12.0724 0x1668  Waiting for KSN requests completion. In queue: 14
16:44:13.0745 0x1668  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x61100 ( enabled : updated )
16:44:13.0751 0x1668  Win FW state via NFP2: enabled ( trusted )
16:44:14.0170 0x1668  ============================================================
16:44:14.0170 0x1668  Scan finished
16:44:14.0170 0x1668  ============================================================
16:44:14.0182 0x0464  Detected object count: 0
16:44:14.0182 0x0464  Actual detected object count: 0
         
ps: es wurde nichts gefunden

Alt 05.10.2016, 19:18   #8
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
trojan dropper:win32/bunt - Standard

trojan dropper:win32/bunt



Scan bitte wiederholen und richtige Einstellungen wählen - so wie in der Anleitung beschrieben.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 06.10.2016, 16:03   #9
Juro346
 
trojan dropper:win32/bunt - Standard

trojan dropper:win32/bunt



Oh, tut mir Leid, nun hab ich es richtig gemacht:

Code:
ATTFilter
16:57:22.0354 0x2248  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
16:57:26.0132 0x2248  ============================================================
16:57:26.0132 0x2248  Current date / time: 2016/10/06 16:57:26.0132
16:57:26.0132 0x2248  SystemInfo:
16:57:26.0132 0x2248  
16:57:26.0132 0x2248  OS Version: 10.0.14393 ServicePack: 0.0
16:57:26.0132 0x2248  Product type: Workstation
16:57:26.0132 0x2248  ComputerName: JULIUS-PC
16:57:26.0132 0x2248  UserName: Julius
16:57:26.0132 0x2248  Windows directory: C:\WINDOWS
16:57:26.0132 0x2248  System windows directory: C:\WINDOWS
16:57:26.0132 0x2248  Running under WOW64
16:57:26.0132 0x2248  Processor architecture: Intel x64
16:57:26.0132 0x2248  Number of processors: 4
16:57:26.0132 0x2248  Page size: 0x1000
16:57:26.0132 0x2248  Boot type: Normal boot
16:57:26.0132 0x2248  CodeIntegrityOptions = 0x00000001
16:57:26.0132 0x2248  ============================================================
16:57:26.0205 0x2248  KLMD registered as C:\WINDOWS\system32\drivers\66535329.sys
16:57:26.0205 0x2248  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.187, osProperties = 0x19
16:57:26.0270 0x2248  System UUID: {39186A2B-A2CF-AD98-9E7B-8E54B2EC98A2}
16:57:26.0625 0x2248  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:57:26.0626 0x2248  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:57:26.0688 0x2248  ============================================================
16:57:26.0688 0x2248  \Device\Harddisk0\DR0:
16:57:26.0688 0x2248  MBR partitions:
16:57:26.0688 0x2248  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:57:26.0688 0x2248  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDD9F800
16:57:26.0688 0x2248  \Device\Harddisk1\DR1:
16:57:26.0688 0x2248  MBR partitions:
16:57:26.0704 0x2248  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
16:57:26.0704 0x2248  ============================================================
16:57:26.0705 0x2248  C: <-> \Device\Harddisk0\DR0\Partition2
16:57:26.0725 0x2248  D: <-> \Device\Harddisk1\DR1\Partition1
16:57:26.0725 0x2248  ============================================================
16:57:26.0725 0x2248  Initialize success
16:57:26.0725 0x2248  ============================================================
16:58:34.0518 0x11c0  ============================================================
16:58:34.0518 0x11c0  Scan started
16:58:34.0518 0x11c0  Mode: Manual; SigCheck; TDLFS; 
16:58:34.0518 0x11c0  ============================================================
16:58:34.0518 0x11c0  KSN ping started
16:58:34.0656 0x11c0  KSN ping finished: true
16:58:34.0941 0x11c0  ================ Scan system memory ========================
16:58:34.0941 0x11c0  System memory - ok
16:58:34.0941 0x11c0  ================ Scan services =============================
16:58:35.0003 0x11c0  1394ohci - ok
16:58:35.0003 0x11c0  3ware - ok
16:58:35.0019 0x11c0  ACPI - ok
16:58:35.0019 0x11c0  AcpiDev - ok
16:58:35.0035 0x11c0  acpiex - ok
16:58:35.0041 0x11c0  acpipagr - ok
16:58:35.0041 0x11c0  AcpiPmi - ok
16:58:35.0041 0x11c0  acpitime - ok
16:58:35.0057 0x11c0  ADP80XX - ok
16:58:35.0057 0x11c0  AFD - ok
16:58:35.0073 0x11c0  ahcache - ok
16:58:35.0073 0x11c0  AJRouter - ok
16:58:35.0088 0x11c0  ALG - ok
16:58:35.0104 0x11c0  [ BBADD85854BFB5D43C60B7AC8EEA3DBA, 968C043ABEA46F5C79525863B3FE2681AC0FA4202036C9EFD20B408DECF407E2 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
16:58:35.0173 0x11c0  AMD External Events Utility - ok
16:58:35.0188 0x11c0  AmdK8 - ok
16:58:35.0188 0x11c0  amdkmdag - ok
16:58:35.0204 0x11c0  [ 17BA5C907E14947574CBB788F4CEB85F, EAA3DBF436637C58666A91905E388287FC54334EBB2589A00727EB09AC4870E3 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
16:58:35.0257 0x11c0  amdkmdap - ok
16:58:35.0257 0x11c0  AmdPPM - ok
16:58:35.0257 0x11c0  amdsata - ok
16:58:35.0273 0x11c0  amdsbs - ok
16:58:35.0273 0x11c0  amdxata - ok
16:58:35.0289 0x11c0  AppHostSvc - ok
16:58:35.0289 0x11c0  AppID - ok
16:58:35.0289 0x11c0  AppIDSvc - ok
16:58:35.0304 0x11c0  Appinfo - ok
16:58:35.0304 0x11c0  applockerfltr - ok
16:58:35.0320 0x11c0  AppReadiness - ok
16:58:35.0320 0x11c0  AppXSvc - ok
16:58:35.0320 0x11c0  arcsas - ok
16:58:35.0342 0x11c0  aspnet_state - ok
16:58:35.0358 0x11c0  AsyncMac - ok
16:58:35.0358 0x11c0  atapi - ok
16:58:35.0373 0x11c0  [ 0966FD5BAB1F9BE200875E9EED0A0A13, F4BE70C0581B51ED6DAE6412A5FF74AE310BF88DE89C5A5E5880BEED543B01D7 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
16:58:35.0405 0x11c0  AtiHDAudioService - ok
16:58:35.0405 0x11c0  AudioEndpointBuilder - ok
16:58:35.0420 0x11c0  Audiosrv - ok
16:58:35.0420 0x11c0  [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject        C:\WINDOWS\system32\drivers\avmeject.sys
16:58:35.0442 0x11c0  avmeject - ok
16:58:35.0442 0x11c0  AxInstSV - ok
16:58:35.0458 0x11c0  b06bdrv - ok
16:58:35.0458 0x11c0  BasicDisplay - ok
16:58:35.0474 0x11c0  BasicRender - ok
16:58:35.0474 0x11c0  bcmfn - ok
16:58:35.0489 0x11c0  bcmfn2 - ok
16:58:35.0489 0x11c0  BDESVC - ok
16:58:35.0489 0x11c0  Beep - ok
16:58:35.0505 0x11c0  BFE - ok
16:58:35.0505 0x11c0  BITS - ok
16:58:35.0505 0x11c0  bowser - ok
16:58:35.0520 0x11c0  BrokerInfrastructure - ok
16:58:35.0520 0x11c0  Browser - ok
16:58:35.0539 0x11c0  BthAvrcpTg - ok
16:58:35.0543 0x11c0  BthEnum - ok
16:58:35.0543 0x11c0  BthHFEnum - ok
16:58:35.0543 0x11c0  bthhfhid - ok
16:58:35.0558 0x11c0  BthHFSrv - ok
16:58:35.0558 0x11c0  BTHMODEM - ok
16:58:35.0574 0x11c0  BthPan - ok
16:58:35.0574 0x11c0  BTHPORT - ok
16:58:35.0574 0x11c0  bthserv - ok
16:58:35.0589 0x11c0  BTHUSB - ok
16:58:35.0589 0x11c0  buttonconverter - ok
16:58:35.0605 0x11c0  CapImg - ok
16:58:35.0605 0x11c0  cdfs - ok
16:58:35.0605 0x11c0  CDPSvc - ok
16:58:35.0621 0x11c0  CDPUserSvc - ok
16:58:35.0639 0x11c0  cdrom - ok
16:58:35.0643 0x11c0  CertPropSvc - ok
16:58:35.0643 0x11c0  cht4iscsi - ok
16:58:35.0643 0x11c0  cht4vbd - ok
16:58:35.0659 0x11c0  circlass - ok
16:58:35.0659 0x11c0  CLFS - ok
16:58:35.0674 0x11c0  ClipSVC - ok
16:58:35.0674 0x11c0  clreg - ok
16:58:35.0690 0x11c0  CmBatt - ok
16:58:35.0690 0x11c0  CNG - ok
16:58:35.0705 0x11c0  cnghwassist - ok
16:58:35.0721 0x11c0  [ 6F4385A829DCFC21180E12F6D0155F1C, 698B53106E25632D0259E0620787510B0881C7494CCAE2CDF4FAC1115E2D0C0C ] Coerlasy        C:\Program Files (x86)\Kzerlybervush\procaentvlotCollector.dll
16:58:35.0774 0x11c0  Coerlasy - detected UnsignedFile.Multi.Generic ( 1 )
16:58:36.0044 0x11c0  Coerlasy ( UnsignedFile.Multi.Generic ) - warning
16:58:36.0044 0x11c0  Force sending object to P2P due to detect: Coerlasy
16:58:36.0244 0x11c0  Object send P2P result: true
16:58:36.0423 0x11c0  CompositeBus - ok
16:58:36.0423 0x11c0  COMSysApp - ok
16:58:36.0443 0x11c0  condrv - ok
16:58:36.0445 0x11c0  CoreMessagingRegistrar - ok
16:58:36.0445 0x11c0  CryptSvc - ok
16:58:36.0461 0x11c0  dam - ok
16:58:36.0461 0x11c0  DcomLaunch - ok
16:58:36.0476 0x11c0  DcpSvc - ok
16:58:36.0476 0x11c0  defragsvc - ok
16:58:36.0492 0x11c0  DeviceAssociationService - ok
16:58:36.0492 0x11c0  DeviceInstall - ok
16:58:36.0492 0x11c0  DevQueryBroker - ok
16:58:36.0507 0x11c0  Dfsc - ok
16:58:36.0507 0x11c0  Dhcp - ok
16:58:36.0523 0x11c0  diagnosticshub.standardcollector.service - ok
16:58:36.0523 0x11c0  DiagTrack - ok
16:58:36.0523 0x11c0  disk - ok
16:58:36.0544 0x11c0  DmEnrollmentSvc - ok
16:58:36.0545 0x11c0  dmvsc - ok
16:58:36.0545 0x11c0  dmwappushservice - ok
16:58:36.0561 0x11c0  Dnscache - ok
16:58:36.0561 0x11c0  dot3svc - ok
16:58:36.0576 0x11c0  DPS - ok
16:58:36.0576 0x11c0  drmkaud - ok
16:58:36.0576 0x11c0  DsmSvc - ok
16:58:36.0592 0x11c0  DsSvc - ok
16:58:36.0592 0x11c0  DXGKrnl - ok
16:58:36.0608 0x11c0  e1express - ok
16:58:36.0608 0x11c0  EapHost - ok
16:58:36.0608 0x11c0  ebdrv - ok
16:58:36.0623 0x11c0  EFS - ok
16:58:36.0623 0x11c0  EhStorClass - ok
16:58:36.0623 0x11c0  EhStorTcgDrv - ok
16:58:36.0644 0x11c0  embeddedmode - ok
16:58:36.0646 0x11c0  EntAppSvc - ok
16:58:36.0646 0x11c0  ErrDev - ok
16:58:36.0661 0x11c0  EventSystem - ok
16:58:36.0661 0x11c0  exfat - ok
16:58:36.0677 0x11c0  fastfat - ok
16:58:36.0677 0x11c0  Fax - ok
16:58:36.0677 0x11c0  fdc - ok
16:58:36.0692 0x11c0  fdPHost - ok
16:58:36.0692 0x11c0  FDResPub - ok
16:58:36.0708 0x11c0  fhsvc - ok
16:58:36.0708 0x11c0  FileCrypt - ok
16:58:36.0708 0x11c0  FileInfo - ok
16:58:36.0724 0x11c0  Filetrace - ok
16:58:36.0724 0x11c0  flpydisk - ok
16:58:36.0739 0x11c0  FltMgr - ok
16:58:36.0746 0x11c0  FontCache - ok
16:58:36.0746 0x11c0  FontCache3.0.0.0 - ok
16:58:36.0746 0x11c0  FrameServer - ok
16:58:36.0761 0x11c0  FsDepends - ok
16:58:36.0761 0x11c0  Fs_Rec - ok
16:58:36.0761 0x11c0  fvevol - ok
16:58:36.0808 0x11c0  [ 0D2843C3C676B852D0B01CEA1E1DAE6C, 2F2751E09725D52008865F08A08F9989BCC4BA07FBC11B3BEF4332DC463CFC63 ] fwlanusb5_nv2   C:\WINDOWS\system32\DRIVERS\fwlanusb5_nv2.sys
16:58:36.0862 0x11c0  fwlanusb5_nv2 - ok
16:58:36.0877 0x11c0  gencounter - ok
16:58:36.0877 0x11c0  genericusbfn - ok
16:58:36.0877 0x11c0  GPIOClx0101 - ok
16:58:36.0893 0x11c0  gpsvc - ok
16:58:36.0893 0x11c0  GpuEnergyDrv - ok
16:58:36.0909 0x11c0  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:58:36.0924 0x11c0  gupdate - ok
16:58:36.0924 0x11c0  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:58:36.0946 0x11c0  gupdatem - ok
16:58:36.0946 0x11c0  HdAudAddService - ok
16:58:36.0946 0x11c0  HDAudBus - ok
16:58:36.0962 0x11c0  HidBatt - ok
16:58:36.0962 0x11c0  HidBth - ok
16:58:36.0978 0x11c0  hidi2c - ok
16:58:36.0978 0x11c0  hidinterrupt - ok
16:58:36.0978 0x11c0  HidIr - ok
16:58:36.0993 0x11c0  hidserv - ok
16:58:36.0993 0x11c0  HidUsb - ok
16:58:36.0993 0x11c0  HomeGroupListener - ok
16:58:37.0009 0x11c0  HomeGroupProvider - ok
16:58:37.0024 0x11c0  HpSAMD - ok
16:58:37.0024 0x11c0  HTTP - ok
16:58:37.0041 0x11c0  HvHost - ok
16:58:37.0047 0x11c0  hvservice - ok
16:58:37.0047 0x11c0  hwpolicy - ok
16:58:37.0062 0x11c0  hyperkbd - ok
16:58:37.0062 0x11c0  i8042prt - ok
16:58:37.0078 0x11c0  iagpio - ok
16:58:37.0078 0x11c0  iai2c - ok
16:58:37.0093 0x11c0  iaLPSS2i_GPIO2 - ok
16:58:37.0093 0x11c0  iaLPSS2i_I2C - ok
16:58:37.0109 0x11c0  iaLPSSi_GPIO - ok
16:58:37.0109 0x11c0  iaLPSSi_I2C - ok
16:58:37.0125 0x11c0  iaStorAV - ok
16:58:37.0125 0x11c0  iaStorV - ok
16:58:37.0143 0x11c0  ibbus - ok
16:58:37.0151 0x11c0  icssvc - ok
16:58:37.0161 0x11c0  IKEEXT - ok
16:58:37.0167 0x11c0  IndirectKmd - ok
16:58:37.0178 0x11c0  intelide - ok
16:58:37.0184 0x11c0  intelpep - ok
16:58:37.0190 0x11c0  intelppm - ok
16:58:37.0196 0x11c0  iorate - ok
16:58:37.0197 0x11c0  IpFilterDriver - ok
16:58:37.0197 0x11c0  iphlpsvc - ok
16:58:37.0213 0x11c0  IPMIDRV - ok
16:58:37.0213 0x11c0  IPNAT - ok
16:58:37.0213 0x11c0  irda - ok
16:58:37.0228 0x11c0  IRENUM - ok
16:58:37.0228 0x11c0  irmon - ok
16:58:37.0244 0x11c0  isapnp - ok
16:58:37.0244 0x11c0  iScsiPrt - ok
16:58:37.0244 0x11c0  kbdclass - ok
16:58:37.0259 0x11c0  kbdhid - ok
16:58:37.0259 0x11c0  kdnic - ok
16:58:37.0275 0x11c0  KeyIso - ok
16:58:37.0275 0x11c0  KSecDD - ok
16:58:37.0275 0x11c0  KSecPkg - ok
16:58:37.0296 0x11c0  ksthunk - ok
16:58:37.0297 0x11c0  KtmRm - ok
16:58:37.0297 0x11c0  LanmanServer - ok
16:58:37.0313 0x11c0  LanmanWorkstation - ok
16:58:37.0313 0x11c0  lfsvc - ok
16:58:37.0328 0x11c0  LicenseManager - ok
16:58:37.0328 0x11c0  lltdio - ok
16:58:37.0328 0x11c0  lltdsvc - ok
16:58:37.0344 0x11c0  lmhosts - ok
16:58:37.0344 0x11c0  LSI_SAS - ok
16:58:37.0360 0x11c0  LSI_SAS2i - ok
16:58:37.0360 0x11c0  LSI_SAS3i - ok
16:58:37.0360 0x11c0  LSI_SSS - ok
16:58:37.0375 0x11c0  LSM - ok
16:58:37.0375 0x11c0  luafv - ok
16:58:37.0392 0x11c0  MapsBroker - ok
16:58:37.0397 0x11c0  megasas - ok
16:58:37.0397 0x11c0  megasr - ok
16:58:37.0397 0x11c0  MessagingService - ok
16:58:37.0413 0x11c0  mlx4_bus - ok
16:58:37.0429 0x11c0  MMCSS - ok
16:58:37.0429 0x11c0  Modem - ok
16:58:37.0429 0x11c0  monitor - ok
16:58:37.0444 0x11c0  mouclass - ok
16:58:37.0444 0x11c0  mouhid - ok
16:58:37.0460 0x11c0  mountmgr - ok
16:58:37.0460 0x11c0  mpsdrv - ok
16:58:37.0460 0x11c0  MpsSvc - ok
16:58:37.0476 0x11c0  MQAC - ok
16:58:37.0476 0x11c0  MRxDAV - ok
16:58:37.0498 0x11c0  mrxsmb - ok
16:58:37.0498 0x11c0  mrxsmb10 - ok
16:58:37.0513 0x11c0  mrxsmb20 - ok
16:58:37.0513 0x11c0  MsBridge - ok
16:58:37.0529 0x11c0  MSDTC - ok
16:58:37.0545 0x11c0  Msfs - ok
16:58:37.0545 0x11c0  msgpiowin32 - ok
16:58:37.0560 0x11c0  mshidkmdf - ok
16:58:37.0560 0x11c0  mshidumdf - ok
16:58:37.0560 0x11c0  msisadrv - ok
16:58:37.0576 0x11c0  MSiSCSI - ok
16:58:37.0576 0x11c0  msiserver - ok
16:58:37.0598 0x11c0  MSKSSRV - ok
16:58:37.0598 0x11c0  MsLldp - ok
16:58:37.0598 0x11c0  MSMQ - ok
16:58:37.0614 0x11c0  MSPCLOCK - ok
16:58:37.0614 0x11c0  MSPQM - ok
16:58:37.0614 0x11c0  MsRPC - ok
16:58:37.0629 0x11c0  mssmbios - ok
16:58:37.0629 0x11c0  MSTEE - ok
16:58:37.0645 0x11c0  MTConfig - ok
16:58:37.0645 0x11c0  Mup - ok
16:58:37.0645 0x11c0  mvumis - ok
16:58:37.0660 0x11c0  NativeWifiP - ok
16:58:37.0660 0x11c0  NcaSvc - ok
16:58:37.0676 0x11c0  NcbService - ok
16:58:37.0676 0x11c0  NcdAutoSetup - ok
16:58:37.0694 0x11c0  ndfltr - ok
16:58:37.0698 0x11c0  NDIS - ok
16:58:37.0698 0x11c0  NdisCap - ok
16:58:37.0698 0x11c0  NdisImPlatform - ok
16:58:37.0714 0x11c0  NdisTapi - ok
16:58:37.0714 0x11c0  Ndisuio - ok
16:58:37.0730 0x11c0  NdisVirtualBus - ok
16:58:37.0730 0x11c0  NdisWan - ok
16:58:37.0730 0x11c0  ndiswanlegacy - ok
16:58:37.0745 0x11c0  ndproxy - ok
16:58:37.0745 0x11c0  Ndu - ok
16:58:37.0745 0x11c0  NetAdapterCx - ok
16:58:37.0761 0x11c0  NetBIOS - ok
16:58:37.0761 0x11c0  NetBT - ok
16:58:37.0776 0x11c0  Netlogon - ok
16:58:37.0776 0x11c0  Netman - ok
16:58:37.0797 0x11c0  NetMsmqActivator - ok
16:58:37.0799 0x11c0  NetPipeActivator - ok
16:58:37.0799 0x11c0  netprofm - ok
16:58:37.0814 0x11c0  netr28ux - ok
16:58:37.0814 0x11c0  NetSetupSvc - ok
16:58:37.0814 0x11c0  NetTcpActivator - ok
16:58:37.0830 0x11c0  NetTcpPortSharing - ok
16:58:37.0830 0x11c0  NgcCtnrSvc - ok
16:58:37.0845 0x11c0  NgcSvc - ok
16:58:37.0845 0x11c0  NlaSvc - ok
16:58:37.0845 0x11c0  Npfs - ok
16:58:37.0861 0x11c0  npsvctrig - ok
16:58:37.0861 0x11c0  nsi - ok
16:58:37.0861 0x11c0  nsiproxy - ok
16:58:37.0877 0x11c0  NTFS - ok
16:58:37.0877 0x11c0  Null - ok
16:58:37.0895 0x11c0  nvraid - ok
16:58:37.0899 0x11c0  nvstor - ok
16:58:37.0899 0x11c0  OneSyncSvc - ok
16:58:37.0914 0x11c0  p2pimsvc - ok
16:58:37.0914 0x11c0  p2psvc - ok
16:58:37.0914 0x11c0  Parport - ok
16:58:37.0930 0x11c0  partmgr - ok
16:58:37.0930 0x11c0  PcaSvc - ok
16:58:37.0946 0x11c0  pci - ok
16:58:37.0946 0x11c0  pciide - ok
16:58:37.0946 0x11c0  pcmcia - ok
16:58:37.0961 0x11c0  pcw - ok
16:58:37.0961 0x11c0  pdc - ok
16:58:37.0961 0x11c0  PEAUTH - ok
16:58:37.0977 0x11c0  percsas2i - ok
16:58:37.0977 0x11c0  percsas3i - ok
16:58:38.0015 0x11c0  PerfHost - ok
16:58:38.0030 0x11c0  PhoneSvc - ok
16:58:38.0030 0x11c0  PimIndexMaintenanceSvc - ok
16:58:38.0046 0x11c0  pla - ok
16:58:38.0046 0x11c0  PlugPlay - ok
16:58:38.0062 0x11c0  PNRPAutoReg - ok
16:58:38.0062 0x11c0  PNRPsvc - ok
16:58:38.0062 0x11c0  PolicyAgent - ok
16:58:38.0077 0x11c0  Power - ok
16:58:38.0077 0x11c0  PptpMiniport - ok
16:58:38.0177 0x11c0  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
16:58:38.0400 0x11c0  PrintNotify - ok
16:58:38.0416 0x11c0  Processor - ok
16:58:38.0416 0x11c0  ProfSvc - ok
16:58:38.0416 0x11c0  Psched - ok
16:58:38.0431 0x11c0  QWAVE - ok
16:58:38.0431 0x11c0  QWAVEdrv - ok
16:58:38.0447 0x11c0  RasAcd - ok
16:58:38.0447 0x11c0  RasAgileVpn - ok
16:58:38.0447 0x11c0  RasAuto - ok
16:58:38.0463 0x11c0  Rasl2tp - ok
16:58:38.0463 0x11c0  RasMan - ok
16:58:38.0478 0x11c0  RasPppoe - ok
16:58:38.0478 0x11c0  RasSstp - ok
16:58:38.0478 0x11c0  rdbss - ok
16:58:38.0500 0x11c0  rdpbus - ok
16:58:38.0500 0x11c0  RDPDR - ok
16:58:38.0516 0x11c0  RdpVideoMiniport - ok
16:58:38.0516 0x11c0  rdyboost - ok
16:58:38.0516 0x11c0  ReFSv1 - ok
16:58:38.0532 0x11c0  RemoteAccess - ok
16:58:38.0532 0x11c0  RemoteRegistry - ok
16:58:38.0547 0x11c0  RetailDemo - ok
16:58:38.0547 0x11c0  RFCOMM - ok
16:58:38.0563 0x11c0  RmSvc - ok
16:58:38.0563 0x11c0  RpcEptMapper - ok
16:58:38.0579 0x11c0  RpcLocator - ok
16:58:38.0579 0x11c0  RpcSs - ok
16:58:38.0579 0x11c0  rspndr - ok
16:58:38.0598 0x11c0  s3cap - ok
16:58:38.0601 0x11c0  SamSs - ok
16:58:38.0601 0x11c0  sbp2port - ok
16:58:38.0601 0x11c0  SCardSvr - ok
16:58:38.0616 0x11c0  ScDeviceEnum - ok
16:58:38.0616 0x11c0  scfilter - ok
16:58:38.0632 0x11c0  Schedule - ok
16:58:38.0632 0x11c0  scmbus - ok
16:58:38.0632 0x11c0  scmdisk0101 - ok
16:58:38.0648 0x11c0  SCPolicySvc - ok
16:58:38.0648 0x11c0  sdbus - ok
16:58:38.0663 0x11c0  SDRSVC - ok
16:58:38.0663 0x11c0  sdstor - ok
16:58:38.0663 0x11c0  seclogon - ok
16:58:38.0679 0x11c0  SENS - ok
16:58:38.0679 0x11c0  SensorDataService - ok
16:58:38.0679 0x11c0  SensorService - ok
16:58:38.0699 0x11c0  SensrSvc - ok
16:58:38.0701 0x11c0  SerCx - ok
16:58:38.0701 0x11c0  SerCx2 - ok
16:58:38.0717 0x11c0  Serenum - ok
16:58:38.0717 0x11c0  Serial - ok
16:58:38.0717 0x11c0  sermouse - ok
16:58:38.0732 0x11c0  SessionEnv - ok
16:58:38.0748 0x11c0  sfloppy - ok
16:58:38.0748 0x11c0  SharedAccess - ok
16:58:38.0763 0x11c0  ShellHWDetection - ok
16:58:38.0763 0x11c0  shpamsvc - ok
16:58:38.0779 0x11c0  SiSRaid2 - ok
16:58:38.0779 0x11c0  SiSRaid4 - ok
16:58:38.0779 0x11c0  smphost - ok
16:58:38.0800 0x11c0  SmsRouter - ok
16:58:38.0801 0x11c0  SNMPTRAP - ok
16:58:38.0817 0x11c0  spaceport - ok
16:58:38.0817 0x11c0  SpbCx - ok
16:58:38.0817 0x11c0  Spooler - ok
16:58:38.0832 0x11c0  sppsvc - ok
16:58:38.0832 0x11c0  srv - ok
16:58:38.0848 0x11c0  srv2 - ok
16:58:38.0848 0x11c0  srvnet - ok
16:58:38.0848 0x11c0  SSDPSRV - ok
16:58:38.0864 0x11c0  SstpSvc - ok
16:58:38.0864 0x11c0  StateRepository - ok
16:58:38.0901 0x11c0  [ E06AA279D85877268E34E9A9BC41F560, 6EFE7E3850CD19B919053293B6D8CB61CC638D3B1626BB62594C681625132689 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:58:38.0964 0x11c0  Steam Client Service - ok
16:58:38.0980 0x11c0  stexstor - ok
16:58:38.0980 0x11c0  stisvc - ok
16:58:38.0980 0x11c0  storahci - ok
16:58:38.0998 0x11c0  storflt - ok
16:58:39.0002 0x11c0  stornvme - ok
16:58:39.0002 0x11c0  storqosflt - ok
16:58:39.0002 0x11c0  StorSvc - ok
16:58:39.0017 0x11c0  storufs - ok
16:58:39.0017 0x11c0  storvsc - ok
16:58:39.0033 0x11c0  svsvc - ok
16:58:39.0033 0x11c0  swenum - ok
16:58:39.0033 0x11c0  swprv - ok
16:58:39.0049 0x11c0  Synth3dVsc - ok
16:58:39.0049 0x11c0  SysMain - ok
16:58:39.0064 0x11c0  SystemEventsBroker - ok
16:58:39.0064 0x11c0  TabletInputService - ok
16:58:39.0064 0x11c0  TapiSrv - ok
16:58:39.0080 0x11c0  Tcpip - ok
16:58:39.0080 0x11c0  Tcpip6 - ok
16:58:39.0096 0x11c0  tcpipreg - ok
16:58:39.0102 0x11c0  tdx - ok
16:58:39.0102 0x11c0  terminpt - ok
16:58:39.0102 0x11c0  TermService - ok
16:58:39.0118 0x11c0  Themes - ok
16:58:39.0118 0x11c0  TieringEngineService - ok
16:58:39.0133 0x11c0  tiledatamodelsvc - ok
16:58:39.0133 0x11c0  TimeBrokerSvc - ok
16:58:39.0149 0x11c0  TPM - ok
16:58:39.0149 0x11c0  TrkWks - ok
16:58:39.0149 0x11c0  TrustedInstaller - ok
16:58:39.0165 0x11c0  tsusbflt - ok
16:58:39.0165 0x11c0  TsUsbGD - ok
16:58:39.0180 0x11c0  tunnel - ok
16:58:39.0180 0x11c0  tzautoupdate - ok
16:58:39.0180 0x11c0  UASPStor - ok
16:58:39.0200 0x11c0  UcmCx0101 - ok
16:58:39.0202 0x11c0  UcmTcpciCx0101 - ok
16:58:39.0202 0x11c0  UcmUcsi - ok
16:58:39.0218 0x11c0  Ucx01000 - ok
16:58:39.0218 0x11c0  UdeCx - ok
16:58:39.0218 0x11c0  udfs - ok
16:58:39.0234 0x11c0  UEFI - ok
16:58:39.0234 0x11c0  Ufx01000 - ok
16:58:39.0234 0x11c0  UfxChipidea - ok
16:58:39.0249 0x11c0  ufxsynopsys - ok
16:58:39.0265 0x11c0  UI0Detect - ok
16:58:39.0265 0x11c0  umbus - ok
16:58:39.0265 0x11c0  UmPass - ok
16:58:39.0280 0x11c0  UmRdpService - ok
16:58:39.0280 0x11c0  UnistoreSvc - ok
16:58:39.0300 0x11c0  upnphost - ok
16:58:39.0303 0x11c0  UrsChipidea - ok
16:58:39.0303 0x11c0  UrsCx01000 - ok
16:58:39.0303 0x11c0  UrsSynopsys - ok
16:58:39.0318 0x11c0  usbccgp - ok
16:58:39.0318 0x11c0  usbcir - ok
16:58:39.0334 0x11c0  usbehci - ok
16:58:39.0334 0x11c0  usbhub - ok
16:58:39.0334 0x11c0  USBHUB3 - ok
16:58:39.0349 0x11c0  usbohci - ok
16:58:39.0349 0x11c0  usbprint - ok
16:58:39.0365 0x11c0  usbser - ok
16:58:39.0365 0x11c0  USBSTOR - ok
16:58:39.0365 0x11c0  usbuhci - ok
16:58:39.0381 0x11c0  USBXHCI - ok
16:58:39.0381 0x11c0  UserDataSvc - ok
16:58:39.0400 0x11c0  UserManager - ok
16:58:39.0403 0x11c0  UsoSvc - ok
16:58:39.0403 0x11c0  VaultSvc - ok
16:58:39.0403 0x11c0  vdrvroot - ok
16:58:39.0418 0x11c0  vds - ok
16:58:39.0418 0x11c0  VerifierExt - ok
16:58:39.0434 0x11c0  vhdmp - ok
16:58:39.0434 0x11c0  vhf - ok
16:58:39.0434 0x11c0  vmbus - ok
16:58:39.0450 0x11c0  VMBusHID - ok
16:58:39.0450 0x11c0  vmgid - ok
16:58:39.0450 0x11c0  vmicguestinterface - ok
16:58:39.0465 0x11c0  vmicheartbeat - ok
16:58:39.0465 0x11c0  vmickvpexchange - ok
16:58:39.0481 0x11c0  vmicrdv - ok
16:58:39.0481 0x11c0  vmicshutdown - ok
16:58:39.0481 0x11c0  vmictimesync - ok
16:58:39.0499 0x11c0  vmicvmsession - ok
16:58:39.0503 0x11c0  vmicvss - ok
16:58:39.0503 0x11c0  volmgr - ok
16:58:39.0503 0x11c0  volmgrx - ok
16:58:39.0519 0x11c0  volsnap - ok
16:58:39.0519 0x11c0  volume - ok
16:58:39.0534 0x11c0  vpci - ok
16:58:39.0534 0x11c0  vsmraid - ok
16:58:39.0534 0x11c0  VSS - ok
16:58:39.0550 0x11c0  VSTXRAID - ok
16:58:39.0550 0x11c0  vwifibus - ok
16:58:39.0550 0x11c0  vwififlt - ok
16:58:39.0566 0x11c0  vwifimp - ok
16:58:39.0566 0x11c0  W32Time - ok
16:58:39.0581 0x11c0  w3logsvc - ok
16:58:39.0581 0x11c0  W3SVC - ok
16:58:39.0581 0x11c0  WacomPen - ok
16:58:39.0602 0x11c0  WalletService - ok
16:58:39.0603 0x11c0  wanarp - ok
16:58:39.0603 0x11c0  wanarpv6 - ok
16:58:39.0619 0x11c0  WAS - ok
16:58:39.0619 0x11c0  wbengine - ok
16:58:39.0619 0x11c0  WbioSrvc - ok
16:58:39.0635 0x11c0  wcifs - ok
16:58:39.0635 0x11c0  Wcmsvc - ok
16:58:39.0650 0x11c0  wcncsvc - ok
16:58:39.0650 0x11c0  wcnfs - ok
16:58:39.0650 0x11c0  WdBoot - ok
16:58:39.0666 0x11c0  Wdf01000 - ok
16:58:39.0666 0x11c0  WdFilter - ok
16:58:39.0666 0x11c0  WdiServiceHost - ok
16:58:39.0682 0x11c0  WdiSystemHost - ok
16:58:39.0682 0x11c0  wdiwifi - ok
16:58:39.0697 0x11c0  WdNisDrv - ok
16:58:39.0702 0x11c0  WdNisSvc - ok
16:58:39.0704 0x11c0  WebClient - ok
16:58:39.0704 0x11c0  Wecsvc - ok
16:58:39.0719 0x11c0  WEPHOSTSVC - ok
16:58:39.0719 0x11c0  wercplsupport - ok
16:58:39.0719 0x11c0  WerSvc - ok
16:58:39.0735 0x11c0  WFPLWFS - ok
16:58:39.0735 0x11c0  WiaRpc - ok
16:58:39.0751 0x11c0  WIMMount - ok
16:58:39.0751 0x11c0  WinDefend - ok
16:58:39.0766 0x11c0  WindowsTrustedRT - ok
16:58:39.0766 0x11c0  WindowsTrustedRTProxy - ok
16:58:39.0782 0x11c0  WinHttpAutoProxySvc - ok
16:58:39.0782 0x11c0  WinMad - ok
16:58:39.0798 0x11c0  Winmgmt - ok
16:58:39.0803 0x11c0  WinRM - ok
16:58:39.0804 0x11c0  WINUSB - ok
16:58:39.0820 0x11c0  WinVerbs - ok
16:58:39.0820 0x11c0  wisvc - ok
16:58:39.0820 0x11c0  WlanSvc - ok
16:58:39.0835 0x11c0  wlidsvc - ok
16:58:39.0835 0x11c0  WmiAcpi - ok
16:58:39.0851 0x11c0  wmiApSrv - ok
16:58:39.0851 0x11c0  WMPNetworkSvc - ok
16:58:39.0866 0x11c0  Wof - ok
16:58:39.0866 0x11c0  workfolderssvc - ok
16:58:39.0866 0x11c0  WPDBusEnum - ok
16:58:39.0882 0x11c0  WpdUpFltr - ok
16:58:39.0882 0x11c0  WpnService - ok
16:58:39.0900 0x11c0  WpnUserService - ok
16:58:39.0904 0x11c0  ws2ifsl - ok
16:58:39.0904 0x11c0  wscsvc - ok
16:58:39.0920 0x11c0  WSDPrintDevice - ok
16:58:39.0920 0x11c0  WSearch - ok
16:58:39.0935 0x11c0  wuauserv - ok
16:58:39.0935 0x11c0  WudfPf - ok
16:58:39.0935 0x11c0  WUDFRd - ok
16:58:39.0951 0x11c0  wudfsvc - ok
16:58:39.0951 0x11c0  WUDFWpdFs - ok
16:58:39.0967 0x11c0  WwanSvc - ok
16:58:39.0967 0x11c0  XblAuthManager - ok
16:58:39.0967 0x11c0  XblGameSave - ok
16:58:39.0982 0x11c0  xboxgip - ok
16:58:39.0982 0x11c0  XboxNetApiSvc - ok
16:58:39.0999 0x11c0  xinputhid - ok
16:58:40.0003 0x11c0  ================ Scan global ===============================
16:58:40.0020 0x11c0  [ Global ] - ok
16:58:40.0020 0x11c0  ================ Scan MBR ==================================
16:58:40.0020 0x11c0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:58:40.0183 0x11c0  \Device\Harddisk0\DR0 - ok
16:58:40.0183 0x11c0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
16:58:40.0252 0x11c0  \Device\Harddisk1\DR1 - ok
16:58:40.0252 0x11c0  ================ Scan VBR ==================================
16:58:40.0252 0x11c0  [ 014AFD868BD0049D18D642FD5BC2F6E2 ] \Device\Harddisk0\DR0\Partition1
16:58:40.0252 0x11c0  \Device\Harddisk0\DR0\Partition1 - ok
16:58:40.0252 0x11c0  [ 5520853F5E4F50F2882077AEDDAB2738 ] \Device\Harddisk0\DR0\Partition2
16:58:40.0252 0x11c0  \Device\Harddisk0\DR0\Partition2 - ok
16:58:40.0268 0x11c0  [ 7FEE470E99E743FD34E26F9BA9BC50D1 ] \Device\Harddisk1\DR1\Partition1
16:58:40.0268 0x11c0  \Device\Harddisk1\DR1\Partition1 - ok
16:58:40.0268 0x11c0  ================ Scan generic autorun ======================
16:58:40.0268 0x11c0  Logitech Download Assistant - ok
16:58:40.0268 0x11c0  WindowsDefender - ok
16:58:40.0305 0x11c0  [ 4C6AAABB264526A9C845A39AEBB79B69, B27F869E8B44CC5F1F9ADCA53AA848C16D706587ED9C7F995AE59BF9B0426523 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
16:58:40.0337 0x11c0  StartCCC - ok
16:58:40.0368 0x11c0  [ 4B5985DC72C3546A890C881A6EA5BE5A, CEB1B4F63517E9E4F7E473A70EE1B1968AD45AD41C6900CE38040F8CF857D98F ] C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
16:58:40.0406 0x11c0  AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
16:58:40.0553 0x11c0  Detect skipped due to KSN trusted
16:58:40.0553 0x11c0  AVMWlanClient - ok
16:58:40.0584 0x11c0  OneDriveSetup - ok
16:58:40.0584 0x11c0  OneDriveSetup - ok
16:58:40.0637 0x11c0  [ 49610A409DFAE252AE6A07E400013178, 4191C5BF1BF0E029F58F71BC9B06C1A817FA6250EC6F33C6C680EDE4A2B47F19 ] C:\Users\Julius\AppData\Roaming\Spotify\SpotifyWebHelper.exe
16:58:40.0923 0x11c0  Spotify Web Helper - ok
16:58:40.0938 0x11c0  [ 1D7DD340E13DF9585EABB849CFC3E11B, 31CCD9753402DC030C641214B4ECB48A757BCD9F427A143A88745C62EFF87766 ] C:\Users\Julius\AppData\Local\Microsoft\OneDrive\OneDrive.exe
16:58:40.0969 0x11c0  OneDrive - ok
16:58:40.0969 0x11c0  Waiting for KSN requests completion. In queue: 12
16:58:42.0025 0x11c0  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x61100 ( enabled : updated )
16:58:42.0041 0x11c0  Win FW state via NFP2: enabled ( trusted )
16:58:42.0141 0x11c0  ============================================================
16:58:42.0141 0x11c0  Scan finished
16:58:42.0141 0x11c0  ============================================================
16:58:42.0141 0x1500  Detected object count: 1
16:58:42.0141 0x1500  Actual detected object count: 1
17:01:19.0741 0x1500  Coerlasy ( UnsignedFile.Multi.Generic ) - skipped by user
17:01:19.0741 0x1500  Coerlasy ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 06.10.2016, 17:33   #10
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
trojan dropper:win32/bunt - Standard

trojan dropper:win32/bunt



Schritt 1

Downloade Dir bitte AdwCleaner auf Deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere Dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel
    • "Prefetch" Dateien
    • Proxy
    • Winsock
    • Internet Explorer Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit Deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass Deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 06.10.2016, 19:18   #11
Juro346
 
trojan dropper:win32/bunt - Standard

trojan dropper:win32/bunt



Code:
ATTFilter
# AdwCleaner v6.020 - Bericht erstellt am 06/10/2016 um 19:33:33
# Aktualisiert am 14/09/2016 von ToolsLib
# Datenbank : 2016-10-06.1 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Julius - JULIUS-PC
# Gestartet von : C:\Users\Julius\Downloads\AdwCleaner_6.020.exe
# Modus: Löschen
# Unterstützung : https://toolslib.net/forum



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Julius\AppData\Local\DriverToolkit
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
[-] Ordner gelöscht: C:\Program Files (x86)\DriverToolkit


***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}
[-] Schlüssel gelöscht: HKU\S-1-5-21-645722510-4007608099-3805512291-1001\Software\DriverToolkit
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\DriverToolkit
[-] Schlüssel gelöscht: HKLM\SOFTWARE\trotuxSoftware
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\DriverToolkit


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1805 Bytes] - [06/10/2016 19:33:33]
C:\AdwCleaner\AdwCleaner[S0].txt - [2008 Bytes] - [06/10/2016 19:32:58]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1951 Bytes] ##########
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 06.10.2016
Suchlaufzeit: 20:05
Protokolldatei: TB.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.10.06.11
Rootkit-Datenbank: v2016.09.26.02
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Julius

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 329226
Abgelaufene Zeit: 8 Min., 22 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 1
PUP.Optional.Elex, C:\Program Files (x86)\Kzerlybervush\procaentvlotCollector.dll, Löschen bei Neustart, [43c0692dcecce2540e64b44f5aab1ee2], 

Registrierungsschlüssel: 3
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{EF4ECAC9-02AA-4461-9247-AD0F6D7DA945}, Löschen bei Neustart, [20e3cfc7108a1026e40493504cb820e0], 
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Fakthertuverge Controls, Löschen bei Neustart, [867dd4c2811973c38069816260a4649c], 
PUP.Optional.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Coerlasy, In Quarantäne, [43c0692dcecce2540e64b44f5aab1ee2], 

Registrierungswerte: 1
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{EF4ECAC9-02AA-4461-9247-AD0F6D7DA945}|Path, \Fakthertuverge Controls, Löschen bei Neustart, [20e3cfc7108a1026e40493504cb820e0]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 21
PUP.Optional.NeoBar.Generic, C:\Users\Julius\AppData\Local\Temp\1107DD8A-1DB4-4C88-A21D-9E11644BEFBA\yt.exe, In Quarantäne, [72911482a8f2cc6a0f2e20a9f90bc040], 
Adware.HPDefender, C:\Users\Julius\AppData\Local\Temp\C1C2426F-BF09-4DEA-9073-F27DD17923F2\yotraleplahnte.ru_World.exe, In Quarantäne, [699a8c0a891145f1c908ea19669f4bb5], 
Adware.ProxyAgent, C:\Users\Julius\AppData\Local\Temp\CE281D19-7783-4C85-AC10-E44F89485A58\isr_lm.exe, In Quarantäne, [1de64650c3d78caa37632b8b689cfb05], 
Adware.InstallMonster, C:\Users\Julius\AppData\Local\Temp\Rar$EXa0.026\Sylenth1 2.2.exe, In Quarantäne, [82815244b6e42f0731395ca50cf99868], 
PUP.Optional.Elex, C:\Windows\System32\Tasks\Fakthertuverge Controls, In Quarantäne, [48bbf1a51a80d95d2bbf2ab9f3111ae6], 
PUP.Optional.HPDefender, C:\Users\Julius\AppData\Roaming\NotepadPlusPlusApp\nppApplication.exe, In Quarantäne, [8d76880eb9e10c2a33d98078857f0df3], 
PUP.Optional.Elex, C:\Program Files (x86)\Kzerlybervush\procaentvlotCollector.dll, Löschen bei Neustart, [43c0692dcecce2540e64b44f5aab1ee2], 
PUP.Optional.Trotux, C:\Users\Julius\AppData\Roaming\Mozilla\Firefox\Profiles\uhu9xfyn.default\searchplugins\m0c9rg9e.xml, In Quarantäne, [d72cb9dde7b3092d4f1938659b69a65a], 
PUP.Optional.Trotux, C:\Users\Julius\AppData\Roaming\Mozilla\Firefox\Profiles\uhu9xfyn.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://www.trotux.com/?z=f028d07922f61937a5fc749g5z8m7w1zfoaz8t3t0e&from=isr&uid=OCZ-VERTEX2_OCZ-2LHDJM0E3N1CCSP7&type=hp");), Ersetzt,[62a126702c6e80b6d39f89146d97b947]
PUP.Optional.Trotux, C:\Users\Julius\AppData\Roaming\Mozilla\Firefox\Profiles\uhu9xfyn.default\prefs.js, Gut: (), Schlecht: ( false);
user_pref("browser.cache.frecency_experiment", 2);
user_pref("browser.download.importedFromSqlite", true);
user_pref("browser.download.panel.shown", true);
), Ersetzt,[44bfa3f3207aaa8cf77b871612f231cf]
PUP.Optional.Trotux, C:\Users\Julius\AppData\Roaming\Mozilla\Firefox\Profiles\uhu9xfyn.default\prefs.js, Gut: (), Schlecht: (e application is running,
 * the changes will be overwritten when the application exits.
 *
 * To make a manual change to preferences, you can visit the URL about:config
 */

user_pref("), Ersetzt,[649fe4b22b6f181e8ae8c7d6c341c13f]
PUP.Optional.Trotux, C:\Users\Julius\AppData\Roaming\Mozilla\Firefox\Profiles\uhu9xfyn.default\prefs.js, Gut: (), Schlecht: (a manual change to preferences, you can visit the URL about:config
 */

user_pref("accessibility.typeaheadfind", true);
user_pref("app.update.auto", false);
user_pref("app.update.enabled",), Ersetzt,[6a99474fccce55e16c06a7f640c4d42c]
PUP.Optional.Trotux, C:\Users\Julius\AppData\Roaming\Mozilla\Firefox\Profiles\uhu9xfyn.default\prefs.js, Gut: (), Schlecht: (056);
user_pref("app.update.lastUpdateTime.background-update-timer", 1465818554);
user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 146577), Ersetzt,[996af79f92088bab95ddf4a9bb49a759]
PUP.Optional.Trotux, C:\Users\Julius\AppData\Roaming\Profiles\Rewspckke.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://www.trotux.com/?z=f028d07922f61937a5fc749g5z8m7w1zfoaz8t3t0e&from=isr&uid=OCZ-VERTEX2_OCZ-2LHDJM0E3N1CCSP7&type=hp");), Ersetzt,[27dcf4a29a0066d0920b9e4eff0534cc]
PUP.Optional.Trotux, C:\Users\Julius\AppData\Roaming\Profiles\Rewspckke.default\prefs.js, Gut: (), Schlecht: (rowser.cache.disk.filesystem_reported", 1);
user_pref("), Ersetzt,[90731284d4c664d21885f3f9c73d1de3]
PUP.Optional.Trotux, C:\Users\Julius\AppData\Roaming\Profiles\Rewspckke.default\prefs.js, Gut: (), Schlecht: (s file.
 *
 * If you make changes to this file while the application is running,
 * the changes will be overwritten when the application exits.
 *
 * To make a manu), Ersetzt,[42c10d894c4efd390895c329bd47966a]
PUP.Optional.Trotux, C:\Users\Julius\AppData\Roaming\Profiles\Rewspckke.default\prefs.js, Gut: (), Schlecht: (plication is running,
 * the changes will be overwritten when the application exits.
 *
 * To make a manual change to preferences, you can visit the URL about:config
 */

user_pref("acce), Ersetzt,[ff04f99d2c6e0b2b207d14d8bc484db3]
PUP.Optional.Trotux, C:\Users\Julius\AppData\Roaming\Profiles\Rewspckke.default\prefs.js, Gut: (), Schlecht: (nual change to preferences, you can visit the URL about:config
 */

user_pref("accessibility.typeaheadfind", true);
user_pref("app.update.auto", false);
user_pref("app.update.enabled", fal), Ersetzt,[b251286e7c1e6ec894092ebeda2a36ca]
PUP.Optional.Trotux, C:\Users\Julius\AppData\Roaming\Profiles\Rewspckke.default\prefs.js, Gut: (), Schlecht: ( * the changes will be overwritten when the applicati), Ersetzt,[21e2ff97debc2b0b9ffe529af50f669a]
PUP.Optional.Trotux, C:\Users\Julius\AppData\Roaming\Profiles\Rewspckke.default\prefs.js, Gut: (), Schlecht: (ypeaheadfind", true);
user_pref("app.update.auto", false);
user_pref("app.update.enabled", false);
user_pref("app.update.lastUpdateTime.addon-background-update-), Ersetzt,[b44f30663c5ecc6a326b22ca4cb83cc4]
PUP.Optional.Trotux, C:\Users\Julius\AppData\Roaming\Profiles\Rewspckke.default\searchplugins\m0c9rg9e.xml, In Quarantäne, [f013ddb96a305cda82184d9f39cb639d], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         

Alt 07.10.2016, 14:49   #12
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
trojan dropper:win32/bunt - Standard

trojan dropper:win32/bunt



Bitte frische Logs:

Schritt 1



Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 07.10.2016, 17:44   #13
Juro346
 
trojan dropper:win32/bunt - Standard

trojan dropper:win32/bunt



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-10-2016
durchgeführt von Julius (Administrator) auf JULIUS-PC (07-10-2016 18:30:42)
Gestartet von C:\Users\Julius\Downloads
Geladene Profile: Julius (Verfügbare Profile: Julius)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TeamSpeak Systems GmbH) C:\Users\Julius\Desktop\teamspeak\ts3client_win64.exe
() D:\lol\RADS\system\rads_user_kernel.exe
() D:\lol\RADS\projects\lol_launcher\releases\0.0.1.29\deploy\LoLLauncher.exe
() D:\lol\RADS\projects\lol_patcher\releases\0.0.0.69\deploy\LoLPatcher.exe
() D:\lol\RADS\projects\lol_air_client\releases\0.0.1.219\deploy\LolClient.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.XboxApp_19.22.6017.0_x64__8wekyb3d8bbwe\XboxApp.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.82_none_5be7b69702339d1d\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Farbar) C:\Users\Julius\Downloads\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-28] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe [937984 2014-11-21] (AVM Berlin)
HKU\S-1-5-21-645722510-4007608099-3805512291-1001\...\Run: [Spotify Web Helper] => C:\Users\Julius\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1529456 2016-09-23] (Spotify Ltd)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{009009a0-5aea-43e2-a3ab-57af5a3c803a}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================

FireFox:
========
FF DefaultProfile: uhu9xfyn.default
FF ProfilePath: C:\Users\Julius\AppData\Roaming\Mozilla\Firefox\Profiles\uhu9xfyn.default [2016-10-02]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\uhu9xfyn.default -> trotux
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\uhu9xfyn.default -> trotux
FF Homepage: Mozilla\Firefox\Profiles\uhu9xfyn.default -> hxxp://www.trotux.com/?z=f028d07922f61937a5fc749g5z8m7w1zfoaz8t3t0e&from=isr&uid=OCZ-VERTEX2_OCZ-2LHDJM0E3N1CCSP7&type=hp
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
StartMenuInternet: FIREFOX.EXE - D:\firefox\firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\Julius\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-10-07] <==== ACHTUNG
CHR Extension: (Google Präsentationen) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-02]
CHR Extension: (Google Docs) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-02]
CHR Extension: (Google Drive) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-02]
CHR Extension: (YouTube) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-02]
CHR Extension: (Google Tabellen) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-02]
CHR Extension: (Google Docs Offline) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-02]
CHR Extension: (Google Mail) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-02]
CHR Extension: (Chrome Media Router) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-02]
CHR Profile: C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default [2016-10-02]
CHR Extension: (ProxFlow) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2016-09-23]
CHR Extension: (Google Präsentationen) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-13]
CHR Extension: (Google Docs) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-13]
CHR Extension: (Google Drive) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-13]
CHR Extension: (YouTube) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-13]
CHR Extension: (Adblock Plus) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-24]
CHR Extension: (Google Tabellen) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-13]
CHR Extension: (Google Docs Offline) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-13]
CHR Extension: (Google Mail) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-13]
CHR Extension: (Chrome Media Router) - C:\Users\Julius\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-23]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2014-11-21] (AVM Berlin)
S3 fwlanusb5_nv2; C:\Windows\system32\DRIVERS\fwlanusb5_nv2.sys [1322824 2014-11-21] (AVM GmbH)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 netr28ux; C:\Windows\System32\drivers\netr28ux.sys [2224128 2016-07-16] (MediaTek Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-07 18:30 - 2016-10-07 18:30 - 02405376 _____ (Farbar) C:\Users\Julius\Downloads\FRST64 (1).exe
2016-10-06 23:02 - 2016-10-06 23:02 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2016-10-06 23:02 - 2016-10-06 23:02 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-10-06 23:02 - 2016-10-06 23:02 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2016-10-06 23:02 - 2016-10-06 23:02 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-10-06 20:17 - 2016-10-06 20:17 - 00007105 _____ C:\Users\Julius\Desktop\TB.txt
2016-10-06 20:05 - 2016-10-06 20:15 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-06 20:04 - 2016-10-06 20:04 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-10-06 20:04 - 2016-10-06 20:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-10-06 20:04 - 2016-10-06 20:04 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-10-06 20:04 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-10-06 20:04 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-10-06 20:04 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-10-06 19:53 - 2016-10-06 19:54 - 22851472 _____ (Malwarebytes ) C:\Users\Julius\Downloads\mbam-setup-2.2.1.1043.exe
2016-10-06 19:28 - 2016-10-06 19:33 - 00000000 ____D C:\AdwCleaner
2016-10-06 19:27 - 2016-10-06 19:28 - 03861056 _____ C:\Users\Julius\Downloads\AdwCleaner_6.020.exe
2016-10-06 16:57 - 2016-10-06 17:03 - 00057044 _____ C:\TDSSKiller.3.1.0.11_06.10.2016_16.57.22_log.txt
2016-10-05 16:43 - 2016-10-05 16:50 - 00055912 _____ C:\TDSSKiller.3.1.0.11_05.10.2016_16.43.10_log.txt
2016-10-05 16:41 - 2016-10-05 16:42 - 00055912 _____ C:\TDSSKiller.3.1.0.11_05.10.2016_16.41.32_log.txt
2016-10-05 16:41 - 2016-10-05 16:41 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Julius\Downloads\tdsskiller.exe
2016-10-04 15:39 - 2016-10-04 15:40 - 00048986 _____ C:\Users\Julius\Downloads\Addition.txt
2016-10-04 15:37 - 2016-10-07 18:31 - 00010434 _____ C:\Users\Julius\Downloads\FRST.txt
2016-10-04 15:37 - 2016-10-07 18:30 - 00000000 ____D C:\FRST
2016-10-04 15:37 - 2016-10-04 15:37 - 02169856 _____ (Farbar) C:\Users\Julius\Downloads\FRST64.exe
2016-10-03 16:04 - 2016-10-06 19:33 - 00000008 __RSH C:\Users\Julius\ntuser.pol
2016-10-02 18:17 - 2016-10-06 20:14 - 00000000 ____D C:\Users\Julius\AppData\Roaming\NotepadPlusPlusApp
2016-10-02 18:17 - 2016-10-06 19:33 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-10-02 18:17 - 2016-10-02 18:17 - 00002560 _____ C:\Users\Julius\AppData\Local\uninstallro.exe
2016-10-02 18:16 - 2016-10-06 20:15 - 00000000 ____D C:\Program Files (x86)\Kzerlybervush
2016-10-02 18:16 - 2016-10-06 19:42 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Ghasetion
2016-10-02 18:16 - 2016-10-02 18:17 - 00000000 ____D C:\Users\Julius\AppData\Local\Vieent
2016-10-02 18:13 - 2016-10-02 18:13 - 00000000 ____D C:\Users\Julius\AppData\Roaming\WinRAR
2016-10-02 18:12 - 2016-10-02 18:12 - 03953939 _____ C:\Users\Julius\Downloads\Nicht bestätigt 717478.crdownload
2016-10-02 18:12 - 2016-10-02 18:12 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-10-02 18:12 - 2016-10-02 18:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-10-02 18:11 - 2016-10-02 18:12 - 00000000 ____D C:\Program Files\WinRAR
2016-10-02 18:11 - 2016-10-02 18:11 - 02305864 _____ C:\Users\Julius\Downloads\winrar-x64-540d.exe
2016-10-02 18:01 - 2016-10-02 18:01 - 03953939 _____ C:\Users\Julius\Downloads\Sylenth1 2.2.rar
2016-09-30 14:33 - 2016-09-15 19:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2016-09-30 14:33 - 2016-09-15 19:25 - 00262960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-09-30 14:33 - 2016-09-15 19:23 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-30 14:33 - 2016-09-15 19:22 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-30 14:33 - 2016-09-15 19:22 - 00433832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-09-30 14:33 - 2016-09-15 19:21 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-09-30 14:33 - 2016-09-15 19:19 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-09-30 14:33 - 2016-09-15 19:18 - 06654616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-30 14:33 - 2016-09-15 19:13 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-30 14:33 - 2016-09-15 19:08 - 05683712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-30 14:33 - 2016-09-15 19:00 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2016-09-30 14:33 - 2016-09-15 18:59 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2016-09-30 14:33 - 2016-09-15 18:59 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2016-09-30 14:33 - 2016-09-15 18:59 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-09-30 14:33 - 2016-09-15 18:58 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-09-30 14:33 - 2016-09-15 18:58 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlancfg.dll
2016-09-30 14:33 - 2016-09-15 18:58 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-09-30 14:33 - 2016-09-15 18:58 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2016-09-30 14:33 - 2016-09-15 18:57 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2016-09-30 14:33 - 2016-09-15 18:57 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2016-09-30 14:33 - 2016-09-15 18:57 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2016-09-30 14:33 - 2016-09-15 18:57 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-30 14:33 - 2016-09-15 18:56 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-09-30 14:33 - 2016-09-15 18:56 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2016-09-30 14:33 - 2016-09-15 18:55 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2016-09-30 14:33 - 2016-09-15 18:55 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-09-30 14:33 - 2016-09-15 18:55 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll
2016-09-30 14:33 - 2016-09-15 18:55 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-09-30 14:33 - 2016-09-15 18:55 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-30 14:33 - 2016-09-15 18:54 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2016-09-30 14:33 - 2016-09-15 18:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-09-30 14:33 - 2016-09-15 18:53 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-09-30 14:33 - 2016-09-15 18:53 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-30 14:33 - 2016-09-15 18:53 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-30 14:33 - 2016-09-15 18:52 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2016-09-30 14:33 - 2016-09-15 18:52 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-09-30 14:33 - 2016-09-15 18:51 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-09-30 14:33 - 2016-09-15 18:48 - 01321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-30 14:33 - 2016-09-15 18:48 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-09-30 14:33 - 2016-09-15 18:48 - 01112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-30 14:33 - 2016-09-15 18:46 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-30 14:33 - 2016-09-15 18:45 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-30 14:33 - 2016-09-15 18:45 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-09-30 14:33 - 2016-09-15 18:44 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-09-30 14:33 - 2016-09-15 18:44 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2016-09-30 14:33 - 2016-09-15 18:43 - 07467520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-09-30 14:33 - 2016-09-15 18:43 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-09-30 14:33 - 2016-09-15 18:43 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-09-30 14:33 - 2016-09-15 18:42 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2016-09-30 14:33 - 2016-09-15 18:40 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-09-30 14:33 - 2016-09-15 18:40 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-09-30 14:33 - 2016-09-15 18:40 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-30 14:33 - 2016-09-15 18:40 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-09-30 14:33 - 2016-09-15 18:40 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-30 14:33 - 2016-09-15 18:40 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-30 14:33 - 2016-09-15 18:39 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-09-30 14:33 - 2016-09-15 18:39 - 02254848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-30 14:33 - 2016-09-15 18:39 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-30 14:33 - 2016-09-15 18:39 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-09-30 14:33 - 2016-09-15 18:39 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-09-30 14:33 - 2016-09-15 18:38 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-30 14:33 - 2016-09-15 18:38 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-09-30 14:33 - 2016-09-15 18:38 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-09-30 14:33 - 2016-09-15 18:36 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-30 14:33 - 2016-08-06 05:33 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-30 14:33 - 2016-08-05 10:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-30 14:32 - 2016-09-15 20:14 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-30 14:32 - 2016-09-15 19:37 - 00496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-09-30 14:32 - 2016-09-15 19:37 - 00402352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-09-30 14:32 - 2016-09-15 19:35 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-09-30 14:32 - 2016-09-15 19:35 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-30 14:32 - 2016-09-15 19:35 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-09-30 14:32 - 2016-09-15 19:33 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-09-30 14:32 - 2016-09-15 19:32 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-30 14:32 - 2016-09-15 19:25 - 00340320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-30 14:32 - 2016-09-15 19:23 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-30 14:32 - 2016-09-15 19:23 - 00170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-09-30 14:32 - 2016-09-15 19:22 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-30 14:32 - 2016-09-15 19:22 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-09-30 14:32 - 2016-09-15 19:22 - 00860512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-30 14:32 - 2016-09-15 19:22 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2016-09-30 14:32 - 2016-09-15 19:21 - 01980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-09-30 14:32 - 2016-09-15 19:20 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-30 14:32 - 2016-09-15 19:18 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-30 14:32 - 2016-09-15 19:18 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-09-30 14:32 - 2016-09-15 19:18 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-30 14:32 - 2016-09-15 19:18 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-30 14:32 - 2016-09-15 19:18 - 00955528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-30 14:32 - 2016-09-15 19:18 - 00856872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-09-30 14:32 - 2016-09-15 19:17 - 20965248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-30 14:32 - 2016-09-15 19:17 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-09-30 14:32 - 2016-09-15 19:14 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-09-30 14:32 - 2016-09-15 19:13 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2016-09-30 14:32 - 2016-09-15 19:03 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-30 14:32 - 2016-09-15 19:03 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TempSignedLicenseExchangeTask.dll
2016-09-30 14:32 - 2016-09-15 19:03 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2016-09-30 14:32 - 2016-09-15 19:03 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2016-09-30 14:32 - 2016-09-15 19:02 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-30 14:32 - 2016-09-15 19:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2016-09-30 14:32 - 2016-09-15 19:01 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2016-09-30 14:32 - 2016-09-15 19:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-09-30 14:32 - 2016-09-15 19:00 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-09-30 14:32 - 2016-09-15 19:00 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2016-09-30 14:32 - 2016-09-15 19:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2016-09-30 14:32 - 2016-09-15 19:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-30 14:32 - 2016-09-15 19:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-09-30 14:32 - 2016-09-15 18:59 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovslegacy.dll
2016-09-30 14:32 - 2016-09-15 18:59 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-09-30 14:32 - 2016-09-15 18:58 - 00491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-30 14:32 - 2016-09-15 18:58 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-09-30 14:32 - 2016-09-15 18:58 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-09-30 14:32 - 2016-09-15 18:58 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-09-30 14:32 - 2016-09-15 18:58 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-09-30 14:32 - 2016-09-15 18:58 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2016-09-30 14:32 - 2016-09-15 18:58 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2016-09-30 14:32 - 2016-09-15 18:57 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2016-09-30 14:32 - 2016-09-15 18:57 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2016-09-30 14:32 - 2016-09-15 18:57 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-09-30 14:32 - 2016-09-15 18:57 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-30 14:32 - 2016-09-15 18:57 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-30 14:32 - 2016-09-15 18:57 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-30 14:32 - 2016-09-15 18:56 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2016-09-30 14:32 - 2016-09-15 18:56 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-30 14:32 - 2016-09-15 18:56 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2016-09-30 14:32 - 2016-09-15 18:56 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2016-09-30 14:32 - 2016-09-15 18:56 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-30 14:32 - 2016-09-15 18:56 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-09-30 14:32 - 2016-09-15 18:56 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2016-09-30 14:32 - 2016-09-15 18:56 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2016-09-30 14:32 - 2016-09-15 18:56 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
2016-09-30 14:32 - 2016-09-15 18:56 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-09-30 14:32 - 2016-09-15 18:56 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll
2016-09-30 14:32 - 2016-09-15 18:55 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-09-30 14:32 - 2016-09-15 18:55 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2016-09-30 14:32 - 2016-09-15 18:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-09-30 14:32 - 2016-09-15 18:55 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-09-30 14:32 - 2016-09-15 18:55 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-09-30 14:32 - 2016-09-15 18:55 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-09-30 14:32 - 2016-09-15 18:55 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-09-30 14:32 - 2016-09-15 18:55 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-09-30 14:32 - 2016-09-15 18:55 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-30 14:32 - 2016-09-15 18:55 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2016-09-30 14:32 - 2016-09-15 18:55 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2016-09-30 14:32 - 2016-09-15 18:55 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-09-30 14:32 - 2016-09-15 18:55 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2016-09-30 14:32 - 2016-09-15 18:55 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-09-30 14:32 - 2016-09-15 18:55 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll
2016-09-30 14:32 - 2016-09-15 18:55 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-09-30 14:32 - 2016-09-15 18:54 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-09-30 14:32 - 2016-09-15 18:54 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2016-09-30 14:32 - 2016-09-15 18:54 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-30 14:32 - 2016-09-15 18:54 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-09-30 14:32 - 2016-09-15 18:53 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-09-30 14:32 - 2016-09-15 18:53 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-09-30 14:32 - 2016-09-15 18:53 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2016-09-30 14:32 - 2016-09-15 18:52 - 01358336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-09-30 14:32 - 2016-09-15 18:52 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-09-30 14:32 - 2016-09-15 18:52 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-09-30 14:32 - 2016-09-15 18:52 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-09-30 14:32 - 2016-09-15 18:52 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-30 14:32 - 2016-09-15 18:52 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll
2016-09-30 14:32 - 2016-09-15 18:52 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-09-30 14:32 - 2016-09-15 18:52 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-09-30 14:32 - 2016-09-15 18:51 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-09-30 14:32 - 2016-09-15 18:51 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2016-09-30 14:32 - 2016-09-15 18:50 - 07625728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-30 14:32 - 2016-09-15 18:50 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-09-30 14:32 - 2016-09-15 18:50 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-09-30 14:32 - 2016-09-15 18:50 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pwrshplugin.dll
2016-09-30 14:32 - 2016-09-15 18:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-09-30 14:32 - 2016-09-15 18:49 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-30 14:32 - 2016-09-15 18:49 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-30 14:32 - 2016-09-15 18:49 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-09-30 14:32 - 2016-09-15 18:49 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-09-30 14:32 - 2016-09-15 18:49 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-09-30 14:32 - 2016-09-15 18:49 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-09-30 14:32 - 2016-09-15 18:49 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-30 14:32 - 2016-09-15 18:49 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-30 14:32 - 2016-09-15 18:47 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-30 14:32 - 2016-09-15 18:47 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-30 14:32 - 2016-09-15 18:47 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-09-30 14:32 - 2016-09-15 18:47 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2016-09-30 14:32 - 2016-09-15 18:46 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-30 14:32 - 2016-09-15 18:46 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-30 14:32 - 2016-09-15 18:46 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2016-09-30 14:32 - 2016-09-15 18:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-09-30 14:32 - 2016-09-15 18:46 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-30 14:32 - 2016-09-15 18:45 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-30 14:32 - 2016-09-15 18:45 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-09-30 14:32 - 2016-09-15 18:45 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-30 14:32 - 2016-09-15 18:45 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2016-09-30 14:32 - 2016-09-15 18:44 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-30 14:32 - 2016-09-15 18:44 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-30 14:32 - 2016-09-15 18:44 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-09-30 14:32 - 2016-09-15 18:43 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-09-30 14:32 - 2016-09-15 18:43 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2016-09-30 14:32 - 2016-09-15 18:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-30 14:32 - 2016-09-15 18:43 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-09-30 14:32 - 2016-09-15 18:42 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-30 14:32 - 2016-09-15 18:42 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-09-30 14:32 - 2016-09-15 18:42 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundMediaPolicy.dll
2016-09-30 14:32 - 2016-09-15 18:41 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-30 14:32 - 2016-09-15 18:41 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-09-30 14:32 - 2016-09-15 18:41 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-30 14:32 - 2016-09-15 18:41 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-09-30 14:32 - 2016-09-15 18:41 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-09-30 14:32 - 2016-09-15 18:40 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-09-30 14:32 - 2016-09-15 18:40 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-30 14:32 - 2016-09-15 18:40 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-09-30 14:32 - 2016-09-15 18:40 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-09-30 14:32 - 2016-09-15 18:40 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2016-09-30 14:32 - 2016-09-15 18:39 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-09-30 14:32 - 2016-09-15 18:39 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-30 14:32 - 2016-09-15 18:39 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2016-09-30 14:32 - 2016-09-15 18:39 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2016-09-30 14:32 - 2016-09-15 18:39 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-09-30 14:32 - 2016-09-15 18:39 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-09-30 14:32 - 2016-09-15 18:39 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-09-30 14:32 - 2016-09-15 18:39 - 00711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-30 14:32 - 2016-09-15 18:39 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-09-30 14:32 - 2016-09-15 18:39 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-09-30 14:32 - 2016-09-15 18:38 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-09-30 14:32 - 2016-09-15 18:38 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-09-30 14:32 - 2016-09-15 18:38 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-09-30 14:32 - 2016-09-15 18:38 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-09-30 14:32 - 2016-09-15 18:38 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-09-30 14:32 - 2016-09-15 18:36 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-30 14:32 - 2016-09-15 18:36 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2016-09-30 14:32 - 2016-09-15 18:35 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2016-09-30 14:32 - 2016-09-15 18:35 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2016-09-30 14:32 - 2016-09-15 18:16 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-30 14:29 - 2016-09-15 19:30 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-09-30 14:29 - 2016-09-15 19:29 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2016-09-30 14:29 - 2016-09-15 19:29 - 00424640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-09-30 14:29 - 2016-09-15 19:29 - 00081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-09-30 14:29 - 2016-09-15 19:29 - 00074080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2016-09-30 14:29 - 2016-09-15 19:18 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-09-30 14:29 - 2016-09-15 19:16 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-30 14:29 - 2016-09-15 19:16 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-30 14:29 - 2016-09-15 19:16 - 01292640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-30 14:29 - 2016-09-15 19:16 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-09-30 14:29 - 2016-09-15 19:16 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-09-30 14:29 - 2016-09-15 19:15 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-09-30 14:29 - 2016-09-15 19:15 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-30 14:29 - 2016-09-15 19:15 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2016-09-30 14:29 - 2016-09-15 19:12 - 08158672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-30 14:29 - 2016-09-15 19:11 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-30 14:29 - 2016-09-15 19:07 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-30 14:29 - 2016-09-15 18:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2016-09-30 14:29 - 2016-09-15 18:44 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-30 14:29 - 2016-09-15 18:43 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-09-30 14:29 - 2016-09-15 18:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2016-09-30 14:29 - 2016-09-15 18:42 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2016-09-30 14:29 - 2016-09-15 18:42 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-09-30 14:29 - 2016-09-15 18:41 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-09-30 14:29 - 2016-09-15 18:41 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2016-09-30 14:29 - 2016-09-15 18:41 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-09-30 14:29 - 2016-09-15 18:40 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2016-09-30 14:29 - 2016-09-15 18:40 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-09-30 14:29 - 2016-09-15 18:40 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-09-30 14:29 - 2016-09-15 18:40 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-09-30 14:29 - 2016-09-15 18:40 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-09-30 14:29 - 2016-09-15 18:40 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-09-30 14:29 - 2016-09-15 18:40 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2016-09-30 14:29 - 2016-09-15 18:39 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2016-09-30 14:29 - 2016-09-15 18:38 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-09-30 14:29 - 2016-09-15 18:38 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-30 14:29 - 2016-09-15 18:38 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-09-30 14:29 - 2016-09-15 18:38 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-09-30 14:29 - 2016-09-15 18:37 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2016-09-30 14:29 - 2016-09-15 18:37 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-30 14:29 - 2016-09-15 18:37 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-09-30 14:29 - 2016-09-15 18:37 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-09-30 14:29 - 2016-09-15 18:37 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
2016-09-30 14:29 - 2016-09-15 18:37 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-09-30 14:29 - 2016-09-15 18:37 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-30 14:29 - 2016-09-15 18:36 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2016-09-30 14:29 - 2016-09-15 18:36 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-09-30 14:29 - 2016-09-15 18:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-30 14:29 - 2016-09-15 18:36 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-09-30 14:29 - 2016-09-15 18:36 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2016-09-30 14:29 - 2016-09-15 18:35 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-09-30 14:29 - 2016-09-15 18:35 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-09-30 14:29 - 2016-09-15 18:35 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-30 14:29 - 2016-09-15 18:35 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-09-30 14:29 - 2016-09-15 18:35 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2016-09-30 14:29 - 2016-09-15 18:35 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-09-30 14:29 - 2016-09-15 18:34 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-30 14:29 - 2016-09-15 18:34 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-09-30 14:29 - 2016-09-15 18:33 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-09-30 14:29 - 2016-09-15 18:33 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-09-30 14:29 - 2016-09-15 18:33 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-30 14:29 - 2016-09-15 18:33 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-30 14:29 - 2016-09-15 18:32 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-09-30 14:29 - 2016-09-15 18:32 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-09-30 14:29 - 2016-09-15 18:31 - 09129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-30 14:29 - 2016-09-15 18:31 - 01912320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-30 14:29 - 2016-09-15 18:31 - 01553408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-30 14:29 - 2016-09-15 18:31 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-09-30 14:29 - 2016-09-15 18:30 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-30 14:29 - 2016-09-15 18:29 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-30 14:29 - 2016-09-15 18:28 - 03288064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-30 14:29 - 2016-09-15 18:28 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-30 14:29 - 2016-09-15 18:27 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-30 14:29 - 2016-09-15 18:25 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2016-09-30 14:29 - 2016-09-15 18:24 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-09-30 14:29 - 2016-09-15 18:24 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2016-09-30 14:29 - 2016-09-15 18:23 - 03405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-09-30 14:29 - 2016-09-15 18:23 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-09-30 14:29 - 2016-09-15 18:22 - 08075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-09-30 14:29 - 2016-09-15 18:22 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-30 14:29 - 2016-09-15 18:21 - 04136960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-09-30 14:29 - 2016-09-15 18:21 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-09-30 14:29 - 2016-09-15 18:21 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-09-30 14:29 - 2016-09-15 18:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-09-30 14:29 - 2016-09-15 18:21 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-09-30 14:29 - 2016-09-15 18:20 - 02914304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-09-30 14:29 - 2016-09-15 18:20 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-30 14:29 - 2016-09-15 18:20 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-30 14:29 - 2016-09-15 18:20 - 01984512 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-09-30 14:29 - 2016-09-15 18:20 - 01710080 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-09-30 14:29 - 2016-09-15 18:20 - 01535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-09-30 14:29 - 2016-09-15 18:20 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-09-30 14:29 - 2016-09-15 18:20 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-30 14:29 - 2016-09-15 18:20 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-09-30 14:29 - 2016-09-15 18:20 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-09-30 14:29 - 2016-09-15 18:20 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-09-30 14:29 - 2016-09-15 18:20 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-09-30 14:29 - 2016-09-15 18:19 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-30 14:29 - 2016-09-15 18:19 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2016-09-30 14:29 - 2016-09-15 18:19 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-09-30 14:29 - 2016-09-15 18:19 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-09-30 14:29 - 2016-09-15 18:19 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-09-30 14:29 - 2016-09-15 18:19 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-09-30 14:29 - 2016-09-15 18:18 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2016-09-30 14:29 - 2016-09-15 18:16 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-30 14:29 - 2016-09-15 18:16 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-09-30 14:29 - 2016-09-15 18:16 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2016-09-30 14:29 - 2016-09-15 18:16 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-09-30 14:29 - 2016-09-15 16:00 - 00445765 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-09-30 14:29 - 2016-08-06 05:34 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-30 14:29 - 2016-08-05 10:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-30 14:28 - 2016-09-15 19:30 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-30 14:28 - 2016-09-15 19:30 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-30 14:28 - 2016-09-15 19:30 - 00646136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-09-30 14:28 - 2016-09-15 19:29 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-09-30 14:28 - 2016-09-15 19:29 - 00512416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2016-09-30 14:28 - 2016-09-15 19:29 - 00218008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-09-30 14:28 - 2016-09-15 19:29 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2016-09-30 14:28 - 2016-09-15 19:28 - 07812960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-30 14:28 - 2016-09-15 19:28 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-09-30 14:28 - 2016-09-15 19:28 - 01353768 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-30 14:28 - 2016-09-15 19:28 - 01172472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-30 14:28 - 2016-09-15 19:28 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-09-30 14:28 - 2016-09-15 19:27 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-30 14:28 - 2016-09-15 19:27 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-30 14:28 - 2016-09-15 19:27 - 00434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
         

Alt 07.10.2016, 17:45   #14
Juro346
 
trojan dropper:win32/bunt - Standard

trojan dropper:win32/bunt



Code:
ATTFilter
2016-09-30 14:28 - 2016-09-15 19:27 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-09-30 14:28 - 2016-09-15 19:26 - 00090400 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-09-30 14:28 - 2016-09-15 19:25 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-30 14:28 - 2016-09-15 19:25 - 00280472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe
2016-09-30 14:28 - 2016-09-15 19:24 - 01182048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-09-30 14:28 - 2016-09-15 19:21 - 01000288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-30 14:28 - 2016-09-15 19:20 - 00634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2016-09-30 14:28 - 2016-09-15 19:18 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-30 14:28 - 2016-09-15 19:17 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-30 14:28 - 2016-09-15 19:16 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-30 14:28 - 2016-09-15 19:16 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-30 14:28 - 2016-09-15 19:16 - 02190176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-30 14:28 - 2016-09-15 19:16 - 00657760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-30 14:28 - 2016-09-15 19:16 - 00401760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-30 14:28 - 2016-09-15 19:16 - 00206096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-09-30 14:28 - 2016-09-15 19:15 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-09-30 14:28 - 2016-09-15 19:15 - 00649568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-09-30 14:28 - 2016-09-15 19:14 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-30 14:28 - 2016-09-15 19:14 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-09-30 14:28 - 2016-09-15 19:14 - 00119648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2016-09-30 14:28 - 2016-09-15 19:12 - 04131464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-30 14:28 - 2016-09-15 19:12 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-30 14:28 - 2016-09-15 19:12 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-30 14:28 - 2016-09-15 19:11 - 04673296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-09-30 14:28 - 2016-09-15 19:11 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-09-30 14:28 - 2016-09-15 19:11 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-09-30 14:28 - 2016-09-15 19:11 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-30 14:28 - 2016-09-15 19:11 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-30 14:28 - 2016-09-15 19:11 - 00862064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-09-30 14:28 - 2016-09-15 19:11 - 00773168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-09-30 14:28 - 2016-09-15 19:11 - 00725664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2016-09-30 14:28 - 2016-09-15 19:11 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-09-30 14:28 - 2016-09-15 19:11 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-09-30 14:28 - 2016-09-15 19:10 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-09-30 14:28 - 2016-09-15 19:10 - 00918848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-09-30 14:28 - 2016-09-15 19:07 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-09-30 14:28 - 2016-09-15 19:07 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2016-09-30 14:28 - 2016-09-15 19:06 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-30 14:28 - 2016-09-15 19:06 - 01046880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-09-30 14:28 - 2016-09-15 19:06 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-30 14:28 - 2016-09-15 19:06 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-09-30 14:28 - 2016-09-15 19:06 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-30 14:28 - 2016-09-15 18:50 - 07219200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-30 14:28 - 2016-09-15 18:47 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-09-30 14:28 - 2016-09-15 18:46 - 22566912 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-30 14:28 - 2016-09-15 18:44 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2016-09-30 14:28 - 2016-09-15 18:43 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-30 14:28 - 2016-09-15 18:43 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-09-30 14:28 - 2016-09-15 18:43 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-09-30 14:28 - 2016-09-15 18:42 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2016-09-30 14:28 - 2016-09-15 18:41 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2016-09-30 14:28 - 2016-09-15 18:41 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-09-30 14:28 - 2016-09-15 18:41 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2016-09-30 14:28 - 2016-09-15 18:41 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2016-09-30 14:28 - 2016-09-15 18:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2016-09-30 14:28 - 2016-09-15 18:40 - 00327680 _____ C:\WINDOWS\system32\wc_storage.dll
2016-09-30 14:28 - 2016-09-15 18:40 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-09-30 14:28 - 2016-09-15 18:40 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2016-09-30 14:28 - 2016-09-15 18:40 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-09-30 14:28 - 2016-09-15 18:40 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-09-30 14:28 - 2016-09-15 18:40 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-09-30 14:28 - 2016-09-15 18:39 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2016-09-30 14:28 - 2016-09-15 18:39 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-09-30 14:28 - 2016-09-15 18:39 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-09-30 14:28 - 2016-09-15 18:39 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-09-30 14:28 - 2016-09-15 18:39 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-09-30 14:28 - 2016-09-15 18:39 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-09-30 14:28 - 2016-09-15 18:39 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-09-30 14:28 - 2016-09-15 18:39 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2016-09-30 14:28 - 2016-09-15 18:38 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2016-09-30 14:28 - 2016-09-15 18:38 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll
2016-09-30 14:28 - 2016-09-15 18:38 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2016-09-30 14:28 - 2016-09-15 18:38 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-09-30 14:28 - 2016-09-15 18:38 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2016-09-30 14:28 - 2016-09-15 18:38 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-30 14:28 - 2016-09-15 18:38 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-09-30 14:28 - 2016-09-15 18:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-30 14:28 - 2016-09-15 18:38 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2016-09-30 14:28 - 2016-09-15 18:38 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2016-09-30 14:28 - 2016-09-15 18:38 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-09-30 14:28 - 2016-09-15 18:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-09-30 14:28 - 2016-09-15 18:37 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-09-30 14:28 - 2016-09-15 18:37 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2016-09-30 14:28 - 2016-09-15 18:37 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-09-30 14:28 - 2016-09-15 18:37 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-09-30 14:28 - 2016-09-15 18:37 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-30 14:28 - 2016-09-15 18:37 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-09-30 14:28 - 2016-09-15 18:36 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2016-09-30 14:28 - 2016-09-15 18:36 - 00719360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-09-30 14:28 - 2016-09-15 18:36 - 00648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-09-30 14:28 - 2016-09-15 18:36 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-09-30 14:28 - 2016-09-15 18:36 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-09-30 14:28 - 2016-09-15 18:36 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-09-30 14:28 - 2016-09-15 18:36 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-30 14:28 - 2016-09-15 18:36 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-09-30 14:28 - 2016-09-15 18:36 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-09-30 14:28 - 2016-09-15 18:36 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-30 14:28 - 2016-09-15 18:36 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-09-30 14:28 - 2016-09-15 18:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-09-30 14:28 - 2016-09-15 18:36 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2016-09-30 14:28 - 2016-09-15 18:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-30 14:28 - 2016-09-15 18:36 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll
2016-09-30 14:28 - 2016-09-15 18:36 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-09-30 14:28 - 2016-09-15 18:36 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-30 14:28 - 2016-09-15 18:35 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2016-09-30 14:28 - 2016-09-15 18:35 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-09-30 14:28 - 2016-09-15 18:35 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-30 14:28 - 2016-09-15 18:35 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-09-30 14:28 - 2016-09-15 18:35 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-09-30 14:28 - 2016-09-15 18:35 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-09-30 14:28 - 2016-09-15 18:35 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-09-30 14:28 - 2016-09-15 18:35 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-09-30 14:28 - 2016-09-15 18:35 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2016-09-30 14:28 - 2016-09-15 18:35 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2016-09-30 14:28 - 2016-09-15 18:35 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-09-30 14:28 - 2016-09-15 18:34 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-09-30 14:28 - 2016-09-15 18:34 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-09-30 14:28 - 2016-09-15 18:34 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2016-09-30 14:28 - 2016-09-15 18:34 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-09-30 14:28 - 2016-09-15 18:34 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-09-30 14:28 - 2016-09-15 18:33 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-30 14:28 - 2016-09-15 18:33 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2016-09-30 14:28 - 2016-09-15 18:33 - 01004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-09-30 14:28 - 2016-09-15 18:33 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll
2016-09-30 14:28 - 2016-09-15 18:32 - 01037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2016-09-30 14:28 - 2016-09-15 18:32 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-09-30 14:28 - 2016-09-15 18:31 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-09-30 14:28 - 2016-09-15 18:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll
2016-09-30 14:28 - 2016-09-15 18:30 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-30 14:28 - 2016-09-15 18:30 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-09-30 14:28 - 2016-09-15 18:30 - 01589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-09-30 14:28 - 2016-09-15 18:30 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-30 14:28 - 2016-09-15 18:30 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-09-30 14:28 - 2016-09-15 18:30 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-30 14:28 - 2016-09-15 18:30 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-09-30 14:28 - 2016-09-15 18:30 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2016-09-30 14:28 - 2016-09-15 18:30 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-30 14:28 - 2016-09-15 18:29 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-30 14:28 - 2016-09-15 18:29 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-09-30 14:28 - 2016-09-15 18:29 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-30 14:28 - 2016-09-15 18:29 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-09-30 14:28 - 2016-09-15 18:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2016-09-30 14:28 - 2016-09-15 18:28 - 23680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-30 14:28 - 2016-09-15 18:28 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2016-09-30 14:28 - 2016-09-15 18:28 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-09-30 14:28 - 2016-09-15 18:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-30 14:28 - 2016-09-15 18:28 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-09-30 14:28 - 2016-09-15 18:28 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2016-09-30 14:28 - 2016-09-15 18:27 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-09-30 14:28 - 2016-09-15 18:27 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-30 14:28 - 2016-09-15 18:27 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-09-30 14:28 - 2016-09-15 18:27 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-09-30 14:28 - 2016-09-15 18:27 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-09-30 14:28 - 2016-09-15 18:27 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2016-09-30 14:28 - 2016-09-15 18:27 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-09-30 14:28 - 2016-09-15 18:27 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-09-30 14:28 - 2016-09-15 18:27 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2016-09-30 14:28 - 2016-09-15 18:27 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL
2016-09-30 14:28 - 2016-09-15 18:27 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2016-09-30 14:28 - 2016-09-15 18:27 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe
2016-09-30 14:28 - 2016-09-15 18:27 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Sens.dll
2016-09-30 14:28 - 2016-09-15 18:26 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-30 14:28 - 2016-09-15 18:26 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2016-09-30 14:28 - 2016-09-15 18:26 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-30 14:28 - 2016-09-15 18:26 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-30 14:28 - 2016-09-15 18:26 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-09-30 14:28 - 2016-09-15 18:26 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll
2016-09-30 14:28 - 2016-09-15 18:25 - 13434368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-30 14:28 - 2016-09-15 18:25 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-30 14:28 - 2016-09-15 18:25 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-30 14:28 - 2016-09-15 18:25 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-30 14:28 - 2016-09-15 18:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-30 14:28 - 2016-09-15 18:25 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-09-30 14:28 - 2016-09-15 18:25 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-09-30 14:28 - 2016-09-15 18:25 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-09-30 14:28 - 2016-09-15 18:25 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2016-09-30 14:28 - 2016-09-15 18:25 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundMediaPolicy.dll
2016-09-30 14:28 - 2016-09-15 18:24 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-09-30 14:28 - 2016-09-15 18:24 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-09-30 14:28 - 2016-09-15 18:24 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-09-30 14:28 - 2016-09-15 18:24 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-09-30 14:28 - 2016-09-15 18:24 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-09-30 14:28 - 2016-09-15 18:23 - 08122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-30 14:28 - 2016-09-15 18:23 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-09-30 14:28 - 2016-09-15 18:23 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2016-09-30 14:28 - 2016-09-15 18:23 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-09-30 14:28 - 2016-09-15 18:23 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-30 14:28 - 2016-09-15 18:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2016-09-30 14:28 - 2016-09-15 18:23 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-09-30 14:28 - 2016-09-15 18:22 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-09-30 14:28 - 2016-09-15 18:22 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-09-30 14:28 - 2016-09-15 18:22 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-09-30 14:28 - 2016-09-15 18:22 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-09-30 14:28 - 2016-09-15 18:22 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-30 14:28 - 2016-09-15 18:22 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-09-30 14:28 - 2016-09-15 18:22 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-09-30 14:28 - 2016-09-15 18:22 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-30 14:28 - 2016-09-15 18:22 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-09-30 14:28 - 2016-09-15 18:21 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-09-30 14:28 - 2016-09-15 18:21 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-30 14:28 - 2016-09-15 18:21 - 01491968 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-30 14:28 - 2016-09-15 18:20 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-09-30 14:28 - 2016-09-15 18:20 - 02668544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-30 14:28 - 2016-09-15 18:20 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-09-30 14:28 - 2016-09-15 18:20 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-30 14:28 - 2016-09-15 18:20 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-30 14:28 - 2016-09-15 18:20 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-09-30 14:28 - 2016-09-15 18:20 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-09-30 14:28 - 2016-09-15 18:20 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-09-30 14:28 - 2016-09-15 18:19 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-09-30 14:28 - 2016-09-15 18:19 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-09-30 14:28 - 2016-09-15 18:19 - 01130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-09-30 14:28 - 2016-09-15 18:19 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-09-30 14:28 - 2016-09-15 18:19 - 00788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-09-30 14:28 - 2016-09-15 18:19 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-30 14:28 - 2016-09-15 18:19 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-30 14:28 - 2016-09-15 18:18 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-09-30 14:28 - 2016-09-15 18:18 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-09-30 14:28 - 2016-09-15 18:17 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-09-30 14:28 - 2016-09-15 18:17 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-30 14:28 - 2016-09-15 18:17 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-09-30 14:28 - 2016-09-15 18:17 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-09-30 14:28 - 2016-09-15 18:16 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-30 14:28 - 2016-09-15 18:16 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2016-09-30 14:27 - 2016-09-24 07:55 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-09-30 14:27 - 2016-09-24 07:46 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-30 14:27 - 2016-09-24 07:44 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-30 14:27 - 2016-09-15 19:37 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-30 14:27 - 2016-09-15 19:34 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-09-30 14:27 - 2016-09-15 19:29 - 01377016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-30 14:27 - 2016-09-15 19:29 - 00169056 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2016-09-30 14:27 - 2016-09-15 19:27 - 00553312 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-09-30 14:27 - 2016-09-15 19:24 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-30 14:27 - 2016-09-15 19:21 - 01218912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-09-30 14:27 - 2016-09-15 19:16 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-09-30 14:27 - 2016-09-15 19:15 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-09-30 14:27 - 2016-09-15 19:15 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-09-30 14:27 - 2016-09-15 19:15 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-09-30 14:27 - 2016-09-15 19:14 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-30 14:27 - 2016-09-15 19:14 - 00988512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-30 14:27 - 2016-09-15 19:14 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-30 14:27 - 2016-09-15 19:14 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-30 14:27 - 2016-09-15 19:06 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-09-30 14:27 - 2016-09-15 19:06 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-09-30 14:27 - 2016-09-15 18:43 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2016-09-30 14:27 - 2016-09-15 18:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2016-09-30 14:27 - 2016-09-15 18:40 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-09-30 14:27 - 2016-09-15 18:38 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-09-30 14:27 - 2016-09-15 18:38 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-09-30 14:27 - 2016-09-15 18:38 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2016-09-30 14:27 - 2016-09-15 18:37 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-09-30 14:27 - 2016-09-15 18:37 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-09-30 14:27 - 2016-09-15 18:37 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2016-09-30 14:27 - 2016-09-15 18:36 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-09-30 14:27 - 2016-09-15 18:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-30 14:27 - 2016-09-15 18:36 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-09-30 14:27 - 2016-09-15 18:35 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-09-30 14:27 - 2016-09-15 18:35 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-09-30 14:27 - 2016-09-15 18:35 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2016-09-30 14:27 - 2016-09-15 18:35 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2016-09-30 14:27 - 2016-09-15 18:33 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-09-30 14:27 - 2016-09-15 18:33 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-09-30 14:27 - 2016-09-15 18:27 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-30 14:27 - 2016-09-15 18:23 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-09-30 14:27 - 2016-09-15 18:23 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-09-30 14:27 - 2016-09-15 18:19 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-09-28 17:22 - 2016-09-28 16:32 - 00000000 ___DC C:\WINDOWS\Panther
2016-09-28 17:19 - 2016-09-28 17:19 - 00000000 ____D C:\Windows.old
2016-09-28 17:18 - 2016-09-28 17:18 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-09-28 17:18 - 2016-09-28 17:18 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-09-28 17:18 - 2016-09-28 17:18 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-28 17:18 - 2016-09-28 17:18 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-28 17:18 - 2016-09-28 17:18 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02481768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02360832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02256224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02183792 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01966288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01853232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00959104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00755656 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00650240 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00450392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-28 17:18 - 2016-09-28 17:18 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00303968 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-28 17:18 - 2016-09-28 17:18 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-09-28 17:18 - 2016-09-28 17:18 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00133472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-09-28 17:18 - 2016-09-28 17:18 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AddressParser.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactActivation.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-28 17:18 - 2016-09-28 17:18 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-28 17:18 - 2016-09-28 17:18 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-09-28 17:18 - 2016-09-28 17:18 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccessRes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-09-28 17:18 - 2016-09-28 17:18 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-09-28 17:18 - 2016-09-28 17:18 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneutilRes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 17187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 03435008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 03116544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02947072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02107392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 02083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00773200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00681304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00601200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-28 17:17 - 2016-09-28 17:17 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-28 17:17 - 2016-09-28 17:17 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00461312 _____ (Microsoft) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-09-28 17:17 - 2016-09-28 17:17 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-09-28 17:17 - 2016-09-28 17:17 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-09-28 17:17 - 2016-09-28 17:17 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-09-28 17:17 - 2016-09-28 17:17 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-09-28 17:17 - 2016-09-28 17:17 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2016-09-28 17:17 - 2016-09-28 17:17 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-09-28 17:14 - 2016-07-15 20:29 - 05739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2016-09-28 17:14 - 2016-07-15 20:29 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2016-09-28 17:14 - 2016-07-15 20:14 - 06354944 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-09-28 17:14 - 2016-07-15 19:45 - 02629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2016-09-28 17:14 - 2016-07-15 19:29 - 05489664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2016-09-28 17:13 - 2016-09-28 17:13 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\Program Files\MSBuild
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-28 17:12 - 2016-09-28 17:12 - 00000000 ____D C:\inetpub
2016-09-28 17:11 - 2016-09-28 17:11 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-09-28 17:11 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-28 17:11 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-28 17:11 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-28 17:11 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-28 17:11 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-28 17:11 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-28 16:43 - 2016-09-28 16:43 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-28 16:41 - 2016-09-28 16:42 - 00000000 ____D C:\Users\Julius\AppData\Local\ConnectedDevicesPlatform
2016-09-28 16:41 - 2016-09-28 16:41 - 00000020 ___SH C:\Users\Julius\ntuser.ini
2016-09-28 16:33 - 2016-09-28 16:33 - 00000000 ____D C:\ProgramData\USOShared
2016-09-28 16:32 - 2016-09-28 16:32 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-09-28 16:32 - 2016-09-28 16:32 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-09-28 16:32 - 2016-09-28 16:32 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-09-28 16:31 - 2016-10-07 16:17 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-28 16:31 - 2016-09-28 16:31 - 00003650 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-28 16:31 - 2016-09-28 16:31 - 00003426 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-28 16:31 - 2016-09-28 16:31 - 00002824 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-09-28 16:31 - 2016-09-28 16:31 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2016-09-28 16:28 - 2016-09-28 16:28 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-28 16:28 - 2016-09-28 16:28 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-09-28 16:28 - 2016-09-28 16:28 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-09-28 16:26 - 2016-09-28 16:28 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-09-28 16:26 - 2016-09-28 16:26 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-09-28 16:25 - 2016-10-07 16:23 - 01817126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-28 16:25 - 2016-10-07 16:17 - 00000000 ____D C:\Users\Julius
2016-09-28 16:25 - 2016-09-28 16:25 - 01604148 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Vorlagen
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Startmenü
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Netzwerkumgebung
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Lokale Einstellungen
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Eigene Dateien
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Druckumgebung
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Documents\Eigene Videos
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Documents\Eigene Musik
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Documents\Eigene Bilder
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\AppData\Local\Verlauf
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\AppData\Local\Anwendungsdaten
2016-09-28 16:25 - 2016-09-28 16:25 - 00000000 _SHDL C:\Users\Julius\Anwendungsdaten
2016-09-28 16:25 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-09-28 16:24 - 2016-09-28 16:26 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-28 16:24 - 2016-09-28 16:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-09-28 16:24 - 2016-09-28 16:24 - 00000000 ____D C:\Program Files\ATI Technologies
2016-09-28 16:24 - 2016-09-28 16:24 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-09-28 16:23 - 2016-09-28 16:23 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-09-28 16:23 - 2016-09-28 16:23 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-09-28 16:23 - 2016-09-28 16:23 - 00000000 ____D C:\Program Files\AMD
2016-09-28 16:23 - 2016-09-28 16:23 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2016-09-28 16:22 - 2016-10-07 18:17 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-28 16:22 - 2016-09-28 16:29 - 00194296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-28 16:22 - 2016-09-28 16:22 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-27 18:50 - 2016-09-27 18:50 - 00000000 ____D C:\SoundBanks
2016-09-27 18:50 - 2016-09-27 18:50 - 00000000 ____D C:\Skins
2016-09-27 18:50 - 2016-09-27 18:50 - 00000000 ____D C:\Presets
2016-09-27 18:50 - 2015-12-04 11:24 - 01413654 _____ C:\UserManual.pdf
2016-09-25 21:53 - 2016-09-28 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1
2016-09-25 21:53 - 2016-09-25 21:53 - 00000000 ____D C:\Program Files\Steinberg
2016-09-25 21:51 - 2016-09-25 21:51 - 00000000 ____D C:\Program Files\LennarDigital
2016-09-25 21:49 - 2016-09-25 21:49 - 16724230 _____ C:\Users\Julius\Downloads\Sylenth1DemoWin.zip
2016-09-25 21:46 - 2016-09-25 21:46 - 00006409 _____ C:\Users\Julius\Downloads\FLRegkey.Reg

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-07 16:24 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-10-07 16:23 - 2016-07-17 00:51 - 00641030 _____ C:\WINDOWS\system32\perfh007.dat
2016-10-07 16:23 - 2016-07-17 00:51 - 00140482 _____ C:\WINDOWS\system32\perfc007.dat
2016-10-07 16:23 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-07 16:23 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-07 16:17 - 2016-04-27 07:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-06 23:04 - 2016-07-16 08:04 - 02883584 _____ C:\WINDOWS\system32\config\BBI
2016-10-06 23:03 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-10-06 23:03 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-10-06 23:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-10-06 23:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-10-06 23:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-10-06 23:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-10-06 23:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-06 23:03 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-10-06 23:03 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-10-06 23:03 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-10-06 23:02 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-06 23:02 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-10-06 23:02 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-10-06 23:02 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-10-06 23:02 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-10-06 23:02 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-10-06 21:44 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-06 20:15 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-10-03 22:32 - 2016-06-13 18:10 - 00000000 ____D C:\Users\Julius\AppData\Local\Spotify
2016-10-03 21:46 - 2016-06-13 18:08 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Spotify
2016-10-01 16:44 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-09-29 11:49 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-09-28 17:22 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-28 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-28 17:14 - 2016-07-17 00:52 - 00000000 ____D C:\WINDOWS\OCR
2016-09-28 17:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-28 17:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-09-28 17:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-28 17:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-09-28 17:12 - 2016-07-16 13:44 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2016-09-28 17:12 - 2016-07-16 13:44 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2016-09-28 17:12 - 2016-07-16 13:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2016-09-28 17:12 - 2016-07-16 13:44 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2016-09-28 17:12 - 2016-07-16 13:44 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2016-09-28 17:12 - 2016-07-16 13:44 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2016-09-28 17:12 - 2016-07-16 13:44 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2016-09-28 17:12 - 2016-07-16 13:43 - 01414144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-09-28 17:12 - 2016-07-16 13:43 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-09-28 17:12 - 2016-07-16 13:43 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-09-28 17:12 - 2016-07-16 13:43 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-09-28 17:12 - 2016-07-16 13:43 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-09-28 17:12 - 2016-07-16 13:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-09-28 17:12 - 2016-07-16 13:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-09-28 17:12 - 2016-07-16 13:43 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-09-28 17:12 - 2016-07-16 13:43 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-09-28 17:12 - 2016-07-16 13:43 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-09-28 16:58 - 2016-06-14 16:47 - 00000000 ____D C:\Users\Julius\AppData\Local\Packages
2016-09-28 16:44 - 2016-06-16 12:44 - 00002425 _____ C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-28 16:44 - 2016-06-16 12:44 - 00000000 ___RD C:\Users\Julius\OneDrive
2016-09-28 16:33 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-09-28 16:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-09-28 16:32 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-09-28 16:32 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-09-28 16:31 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-09-28 16:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-09-28 16:30 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media
2016-09-28 16:30 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-09-28 16:30 - 2016-06-14 16:26 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-09-28 16:28 - 2016-08-24 17:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
2016-09-28 16:28 - 2016-08-09 21:34 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2016-09-28 16:28 - 2016-08-09 21:29 - 00000000 ____D C:\Users\Julius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2016-09-28 16:28 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-09-28 16:28 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-28 16:28 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2016-09-28 16:27 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-09-28 16:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-09-28 16:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-09-28 16:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-28 16:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\IME
2016-09-28 16:26 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-09-28 16:26 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-09-28 16:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\System
2016-09-28 16:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\schemas
2016-09-28 16:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-09-28 16:26 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-09-28 16:26 - 2016-07-10 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2016-09-28 16:26 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Microsoft Games
2016-09-28 16:24 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-09-28 16:23 - 2016-06-14 16:21 - 00000000 ____D C:\AMD
2016-09-28 14:37 - 2016-07-17 01:55 - 00000000 ___HD C:\$WINDOWS.~BT
2016-09-28 14:28 - 2016-06-13 17:04 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-28 13:28 - 2016-06-13 17:04 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-24 17:45 - 2016-08-01 14:11 - 00000000 ____D C:\Users\Julius\Desktop\iu7zgföä
2016-09-17 12:29 - 2016-06-13 17:06 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-17 12:29 - 2016-06-13 17:06 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-14 11:39 - 2016-06-13 10:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-14 11:35 - 2016-06-13 10:00 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-07 18:32 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 18:32 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-10-02 18:17 - 2016-10-02 18:17 - 0002560 _____ () C:\Users\Julius\AppData\Local\uninstallro.exe

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Julius\FL Studio VSTi (Multi).dll
C:\Users\Julius\FL Studio VSTi.dll


Einige Dateien in TEMP:
====================
C:\Users\Julius\AppData\Local\Temp\libeay32.dll
C:\Users\Julius\AppData\Local\Temp\msvcr120.dll
C:\Users\Julius\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-28 16:22

==================== Ende von FRST.txt ============================
         

Alt 07.10.2016, 17:46   #15
Juro346
 
trojan dropper:win32/bunt - Standard

trojan dropper:win32/bunt



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-10-2016
durchgeführt von Julius (07-10-2016 18:32:06)
Gestartet von C:\Users\Julius\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-28 14:32:57)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-645722510-4007608099-3805512291-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-645722510-4007608099-3805512291-503 - Limited - Disabled)
Gast (S-1-5-21-645722510-4007608099-3805512291-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-645722510-4007608099-3805512291-1002 - Limited - Enabled)
Julius (S-1-5-21-645722510-4007608099-3805512291-1001 - Administrator - Enabled) => C:\Users\Julius

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version:  - Skybox Labs)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 06.20.00 - AVM Berlin)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
Spotify (HKU\S-1-5-21-645722510-4007608099-3805512291-1001\...\Spotify) (Version: 1.0.38.171.g5e1cd7b2 - Spotify AB)
Sylenth1 Demo v3.026 (HKLM\...\Sylenth1v3_is1) (Version:  - )
Windows-Treiberpaket - Ralink (netr28ux) Net  (01/20/2010 3.00.11.0000) (HKLM\...\44D0E75D0F17B16C080D9EB1151844CB5929D67F) (Version: 01/20/2010 3.00.11.0000 - Ralink)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-645722510-4007608099-3805512291-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {037B4F73-6E94-4A49-86C9-0E49FAA942F6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {0C2F1C93-059D-4D1C-817A-4E9FE0CC44FB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {1046A648-3CA4-4DE3-9B4E-FEC045442AA5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {172F940E-13E6-4467-86BE-554DCDDBAB87} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-13] (Google Inc.)
Task: {228339E4-3B99-4864-9C09-845335192CF2} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {27289761-9B5B-4B81-9B39-98F208E7AAF4} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {3389204E-CD80-4BD5-B144-9DE18A8B65F3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {33E70FA6-955B-4A5E-8597-CE2D40686E91} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {393BAFBA-0FA2-444A-B1C5-25FD4160225A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {3FAAF78C-F4FF-4079-9B5F-877CA71112EA} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {4DE96D1E-A1EB-47F1-86A0-01A13CA8D75D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {63AFBA0E-CC0B-45B3-B4B8-F34E81F49AB0} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {672202B3-6BBC-430F-A89A-7B511174B938} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {6E25BF3E-228D-4FFA-8D97-DCDFF17AF9BC} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {7FDA2E6C-1017-4105-A244-43C22E117F87} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-06-13] (Google Inc.)
Task: {88E79EA8-476F-4682-AA64-247AC1763213} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {8FAFFE32-0C9D-4A64-A9D7-A15ABD1E680C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {960B9C5F-029D-49D5-B985-40AAA2795B98} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {A46DE6F9-3C51-4EC9-81B7-555336A9192C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {A8EAB3E0-2EB0-4E97-9F61-C564CAAB99A0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {A9E097E4-2314-41D6-813A-2B260382CB4E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {AA8F6B16-32FE-4B91-BF8A-4437783EAE5F} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {AC180D7C-CC27-4E37-B332-5CC8AD9979D4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {B19D696C-B36F-42B9-9DEE-DCB6503AF293} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {C3D41B36-DA45-4F09-9701-474496574735} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {C6721620-E946-44B0-B279-4E6BEBB3F3B9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {C988B5B1-C8B4-43C1-95A9-D11DF6252E22} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {DAAA7567-895C-4480-8092-7ACEA31BD131} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {E02DA91B-E205-47B3-83E1-508F8736CF29} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {E4276D3F-2A90-41AD-8A36-2B50F0B8EC0A} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {E63E015C-0945-42F6-A156-6E03FDF565F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {FA47DB48-2518-46F4-8E0F-550CB600F416} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-26] (Microsoft Corporation)
Task: {FC2DC14F-4ECD-41DF-8E8F-9F7B941E9F6D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Julius\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-30 14:28 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-02-15 21:01 - 2016-02-15 21:01 - 00031256 _____ () C:\WINDOWS\System32\us008lm.dll
2016-09-30 14:28 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-28 16:43 - 2016-09-28 16:43 - 01864384 _____ () C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-09-28 17:18 - 2016-09-28 17:18 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-09-30 14:29 - 2016-09-15 18:39 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-09-30 14:28 - 2016-09-15 18:24 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-30 14:28 - 2016-09-15 18:18 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-30 14:28 - 2016-09-15 18:17 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-30 14:28 - 2016-09-15 18:18 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-09-30 14:28 - 2016-09-15 18:18 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-30 14:28 - 2016-09-15 18:20 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-28 17:17 - 2016-09-28 17:18 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-09-28 17:17 - 2016-09-28 17:18 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-09-28 17:17 - 2016-09-28 17:18 - 35250688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-06-26 12:31 - 2016-08-03 16:43 - 00174872 _____ () C:\Users\Julius\Desktop\teamspeak\quazip.dll
2016-06-26 12:31 - 2016-08-03 16:43 - 00103192 _____ () C:\Users\Julius\Desktop\teamspeak\soundbackends\directsound_win64.dll
2016-06-26 12:31 - 2016-08-03 16:43 - 00107800 _____ () C:\Users\Julius\Desktop\teamspeak\soundbackends\windowsaudiosession_win64.dll
2016-06-26 12:31 - 2016-08-03 16:43 - 00312088 _____ () C:\Users\Julius\Desktop\teamspeak\plugins\clientquery_plugin.dll
2016-06-26 12:31 - 2016-08-03 16:43 - 00485656 _____ () C:\Users\Julius\Desktop\teamspeak\plugins\teamspeak_control_plugin.dll
2014-01-21 17:54 - 2016-02-14 21:52 - 01294336 _____ () D:\lol\RADS\system\rads_user_kernel.exe
2016-10-05 16:41 - 2016-10-05 16:41 - 02378744 _____ () D:\lol\RADS\projects\lol_launcher\releases\0.0.1.29\deploy\LoLLauncher.exe
2016-10-05 16:41 - 2016-10-05 16:41 - 04316152 _____ () D:\lol\RADS\projects\lol_patcher\releases\0.0.0.69\deploy\LoLPatcher.exe
2016-02-15 18:43 - 2016-02-15 18:43 - 00074752 _____ () D:\lol\RADS\projects\lol_air_client\releases\0.0.1.219\deploy\LolClient.exe
2016-10-07 16:23 - 2016-10-07 16:23 - 00016896 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_19.22.6017.0_x64__8wekyb3d8bbwe\XboxApp.exe
2016-10-07 16:23 - 2016-10-07 16:23 - 30116864 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_19.22.6017.0_x64__8wekyb3d8bbwe\XboxApp.dll
2016-07-30 12:45 - 2016-07-30 13:05 - 01651112 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_19.22.6017.0_x64__8wekyb3d8bbwe\winsdkfb.dll
2016-09-17 12:29 - 2016-09-14 04:52 - 02280264 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-17 12:29 - 2016-09-14 04:52 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll
2016-09-30 14:28 - 2016-09-15 18:16 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2016-09-28 16:43 - 2016-09-28 16:43 - 01383616 _____ () C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-09-28 16:43 - 2016-09-28 16:43 - 00118976 _____ () C:\Users\Julius\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll
2016-10-05 16:41 - 2016-10-05 16:41 - 00418296 _____ () D:\lol\RADS\projects\lol_patcher\releases\0.0.0.69\deploy\RiotLauncher.dll
2016-04-25 20:06 - 2016-04-25 20:07 - 04887216 _____ () D:\lol\RADS\projects\lol_air_client\releases\0.0.1.219\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2016-04-25 20:06 - 2016-04-25 20:06 - 19397808 _____ () D:\lol\RADS\projects\lol_air_client\releases\0.0.1.219\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-645722510-4007608099-3805512291-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Julius\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{86255fbd-1d87-4c91-8140-f5ed6488cfd1}.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-645722510-4007608099-3805512291-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{EE6FFF15-9CC6-4785-BFA9-15C81DCE701E}] => (Allow) D:\steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{560658C8-F721-439B-8884-7886F3399964}] => (Allow) D:\steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{01C78E78-220B-4056-9681-0BF566D6529C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{FDC02179-243F-4229-8705-F106E434BA4D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{459A6F27-4383-46AD-A8CC-5276092BCA95}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{95E50E49-AF14-4837-92B0-20F7D90E6DCF}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{53409D46-5CEE-4E26-8B38-687019B3000C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{2F9ED04C-D4C2-4FA5-92B9-1FC1E5B0AB67}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{B1955676-CAAA-45C3-85E9-D577163C9D42}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [UDP Query User{1772F8B6-F868-4026-9A65-A4714A33870B}D:\gta5.exe] => (Allow) D:\gta5.exe
FirewallRules: [TCP Query User{F4445EBA-9779-4B0D-99C4-6447CDEAAE5F}D:\gta5.exe] => (Allow) D:\gta5.exe
FirewallRules: [{2D75605E-54EE-4F34-B81F-70446C212C55}] => (Allow) D:\steam\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{C0AD95F8-F9CB-4F6E-8EAC-BBBA0DF69D1C}] => (Allow) D:\steam\steamapps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{A1863633-39A1-4490-B34A-8BAB64395356}] => (Allow) D:\steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{72E80D19-A441-4888-80D6-62CC0FF8B5F3}] => (Allow) D:\steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{9D495E89-80E0-4961-BC69-E8C4BBE77B9E}] => (Allow) D:\steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{1065D040-D23E-4860-A24D-62E040A3E0C4}] => (Allow) D:\steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{F3C84D8A-62FF-4A67-8518-4BBF893E9FF6}] => (Allow) D:\steam\steamapps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{70D9D2ED-746F-441E-8581-F4EAE7910B6B}] => (Allow) D:\steam\steamapps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{0C330423-6A8B-4610-B356-430A9FEEB9A4}] => (Allow) D:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CE327D22-BFA4-48AE-8C00-E10DC13D4905}] => (Allow) D:\steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{149A73B5-20C6-4A90-BB42-F2933AE3A9C1}] => (Allow) D:\steam\bin\steamwebhelper.exe
FirewallRules: [{65B74624-9B57-4843-BB07-38C6EC9AD05E}] => (Allow) D:\steam\bin\steamwebhelper.exe
FirewallRules: [{B84DC422-E904-4BC7-A4F9-B515087CADED}] => (Allow) D:\steam\Steam.exe
FirewallRules: [{B7023AE1-F1B1-4B1A-A307-91E5B5256112}] => (Allow) D:\steam\Steam.exe
FirewallRules: [UDP Query User{6B3F0347-BF65-43B1-9BFA-F3DDA50389A9}C:\users\julius\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julius\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{26324FFB-E34C-4518-96BF-2092A38B655F}C:\users\julius\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julius\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{3C2E6339-99C1-4AF6-9173-EF45484D83A5}C:\users\julius\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julius\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{93735795-7091-4A05-920F-05A7368FFCBD}C:\users\julius\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\julius\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9589E184-B98E-4ECF-827B-C2A751070A3F}] => (Allow) C:\WINDOWS\system32\rundll32.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: XPS MiniView
Description: XPS MiniView
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/02/2016 06:21:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x10e8
Startzeit der fehlerhaften Anwendung: 0x01d21cc90ece1a83
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: f1ce499e-832f-4742-a7a8-7707bcc4741d
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (10/02/2016 06:21:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x10e8
Startzeit der fehlerhaften Anwendung: 0x01d21cc90ece1a83
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 98474a72-a19e-4801-ada6-8d81e648c1c6
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (10/02/2016 01:37:03 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIUS-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/02/2016 01:37:03 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIUS-PC)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/30/2016 08:47:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIUS-PC)
Description: Bei der Aktivierung der App „Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/30/2016 02:36:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIUS-PC)
Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/29/2016 11:47:05 AM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (09/28/2016 05:28:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIUS-PC)
Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/28/2016 05:23:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIUS-PC)
Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/28/2016 05:18:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JULIUS-PC)
Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (10/07/2016 04:17:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/07/2016 04:17:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/07/2016 04:17:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/07/2016 04:17:08 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (10/06/2016 08:15:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/06/2016 08:15:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/06/2016 08:15:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/06/2016 08:15:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (10/06/2016 07:42:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/06/2016 07:42:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Prozentuale Nutzung des RAM: 38%
Installierter physikalischer RAM: 8125.94 MB
Verfügbarer physikalischer RAM: 4958.89 MB
Summe virtueller Speicher: 16317.94 MB
Verfügbarer virtueller Speicher: 12736.42 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:110.81 GB) (Free:63.52 GB) NTFS
Drive d: (Daten) (Fixed) (Total:465.76 GB) (Free:274.02 GB) NTFS
Drive e: (techno mix) (CDROM) (Total:4.37 GB) (Free:3.92 GB) UDF

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 3C58B301)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 3D84F66C)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Antwort

Themen zu trojan dropper:win32/bunt
bat, beseitigen, datei, dropper, ebenfalls, einfach, entferne, entfernen, entfernt, folge, folgende, folgenden, frage, gestern, meldung, nutze, program, troja, trojan, trojan dropper, trojan dropper win32, trojaner, trojaner meldung, vollständig, weiteren, weiteres, win, windows-defender



Ähnliche Themen: trojan dropper:win32/bunt


  1. Win64:Dropper-gen [Drp] und Trojan.Win32.YY.Gen.3
    Plagegeister aller Art und deren Bekämpfung - 22.04.2015 (3)
  2. Mehrere Viren u.a. Trojan-Dropper.Win32.FrauDrop.bdq, Trojan.Win32.Generic
    Log-Analyse und Auswertung - 13.09.2010 (5)
  3. Virus.Win32.Protector.f & Trojan-Dropper.Win32.delf.eu
    Log-Analyse und Auswertung - 19.05.2010 (13)
  4. Trojan-Dropper.win32.droco.a
    Plagegeister aller Art und deren Bekämpfung - 09.04.2010 (4)
  5. Trojan-Dropper.Win32.VB.afel
    Plagegeister aller Art und deren Bekämpfung - 17.11.2009 (10)
  6. Trojan-Dropper.Win32.Agent.dtk
    Plagegeister aller Art und deren Bekämpfung - 21.03.2008 (1)
  7. Trojan-Dropper.Win32.Agent.dsm
    Plagegeister aller Art und deren Bekämpfung - 22.01.2008 (3)
  8. Trojan-Dropper.Win32.Agent.bip
    Plagegeister aller Art und deren Bekämpfung - 19.08.2007 (5)
  9. Trojan-Dropper.Win32.Mudrop.z
    Plagegeister aller Art und deren Bekämpfung - 30.05.2007 (2)
  10. Trojan-Dropper.Win32.Mudrop.z
    Mülltonne - 28.05.2007 (1)
  11. win32.trojan.dropper in exlorer.exe
    Log-Analyse und Auswertung - 08.02.2007 (1)
  12. Trojan-Dropper.Win32.Agent.apu
    Plagegeister aller Art und deren Bekämpfung - 08.07.2006 (5)
  13. Trojan-Dropper.Win32.Paradrop.a
    Plagegeister aller Art und deren Bekämpfung - 07.03.2006 (3)
  14. Trojan.Banker.VB.0D9D0998 und Trojan-Dropper.Win32.Agent.wd
    Log-Analyse und Auswertung - 04.10.2005 (2)
  15. Trojan-dropper.win32.Agent.vj
    Log-Analyse und Auswertung - 24.09.2005 (5)
  16. Trojan-Dropper.Win32.Agent.dw
    Plagegeister aller Art und deren Bekämpfung - 18.01.2005 (11)
  17. HELP - trojan-dropper.win32.delf
    Plagegeister aller Art und deren Bekämpfung - 16.01.2005 (7)

Zum Thema trojan dropper:win32/bunt - Moin Moin, ich habe gestern den Windows-Defender durchlaufen lassen. Dieser hat folgenden Meldung ergeben: trojan dropper:win32/bunt (welchen er als "schwerwiegend" einstufte). Ebenfalls bat er mir an, diese Datei zu entfernen, - trojan dropper:win32/bunt...
Archiv
Du betrachtest: trojan dropper:win32/bunt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.