| |
| |||||||
Log-Analyse und Auswertung: rootkit? virus? festplatte zu 100% ausgelastet. hilfe mit frst. ereignis id: 1014, 7031, 10010, 5973, 69, 1000, 10016, 7006,......Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
02.12.2016, 05:07
| #1 |
 |  rootkit? virus? festplatte zu 100% ausgelastet. hilfe mit frst. ereignis id: 1014, 7031, 10010, 5973, 69, 1000, 10016, 7006,...... hi, hab das gefühl, dass mal wieder irgendwas mit meinem laptop nicht stimmt. heißt meine maus bewegt sich teilweise nicht wie sie soll, vor allem wenn ich zocke, meine festplatte ist teilweise zu 100% ausgelastet, auch wenn ich absolut nichts mache, mein lüfter arbeitet durchgehend auf hochtouren einige programme funktionieren nicht richtig, u.a. frooty loops und ich habe einiege anwendungen die mir suspekt ercheinen. weiß allerdings nicht sicher, ob ich nicht mal wieder nur paranoia hab^^ mein antivirenprogramm findet nichts, aber ich hab FRST ausgeführt. hab schon öfter versucht damit meinen pc wieder auf vordermann zu bringen. selbst mit anleitung und vielen stunden zeitaufwand, hat beim letzten mal nur system komplett platt machen mit DBAN geholfen. da aber das kostenlose win 10 update nicht mehr verfügbar ist, muss dieses mal fast eine andere lösung her. Anhang 79427 Anhang 79428 Anhang 79428 |
|
02.12.2016, 09:43
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  rootkit? virus? festplatte zu 100% ausgelastet. hilfe mit frst. ereignis id: 1014, 7031, 10010, 5973, 69, 1000, 10016, 7006,......+++ WICHTIGER HINWEIS +++ Während der Analyse und Bereinigung nimmst du KEINERLEI Änderungen auf eigene Faust vor, d.h. du installierst oder deinstallierst keine Software ohne Absprache. Auch veränderst du keine Systemeinstellungen, solange wir deinen Fall bearbeiten. Änderungen, Installationen oder Deinstallationen machst du AUSSCHLIESSLICH nur auf Anweisung! Es wird erforderlich sein, deinen Virenscanner zu deaktivieren und in bestimmten Fällen auch zu deinstallieren, damit vernünftig bereinigt werden kann. Dein System ist daher erst wenn wir hier fertig sind wieder für den alltäglichen Gebrauch wie surfen oder mailen von mir freigegeben. Gelesen und verstanden?  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
02.12.2016, 21:12
| #3 |
| | rootkit? virus? festplatte zu 100% ausgelastet. hilfe mit frst. ereignis id: 1014, 7031, 10010, 5973, 69, 1000, 10016, 7006,...... ok verstanden. danke für die schnelle antwort.
__________________ |
|
02.12.2016, 23:12
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | rootkit? virus? festplatte zu 100% ausgelastet. hilfe mit frst. ereignis id: 1014, 7031, 10010, 5973, 69, 1000, 10016, 7006,...... Gut. Poste bitte die Logs in CODE-Tags. Weil als Anhang ist das zu umständlich für uns. Danke.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
17.12.2016, 18:55
| #5 |
| | rootkit? virus? festplatte zu 100% ausgelastet. hilfe mit frst. ereignis id: 1014, 7031, 10010, 5973, 69, 1000, 10016, 7006,......Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-12-2016
durchgeführt von Dragonfly (17-12-2016 18:50:23)
Gestartet von C:\Users\Dragonfly\Desktop
Windows 10 Home Version 1511 (X64) (2016-07-29 23:35:10)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-614321186-1851163967-905647231-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-614321186-1851163967-905647231-503 - Limited - Disabled)
Dragonfly (S-1-5-21-614321186-1851163967-905647231-1000 - Administrator - Enabled) => C:\Users\Dragonfly
Gast (S-1-5-21-614321186-1851163967-905647231-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{588B7DD2-3480-4A89-A8F6-C6781CBFAD56}) (Version: 1.5 - Eyeo GmbH)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Connect (HKLM-x32\...\{707e8edf-9482-4417-ae39-c9b5fe605e87}) (Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG) Hidden
CyberGhost 6 (HKLM\...\CyberGhost 6_is1) (Version: - CyberGhost S.R.L.)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{181BBF43-CA17-4E1A-A78D-81E67A57B8A4}) (Version: 15.02.0000.1258 - Intel Corporation)
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
NVIDIA GeForce Experience 3.2.0.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.0.96 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
paint.net (HKLM\...\{A1D05314-DC32-4668-A97E-51060EC8BCCE}) (Version: 4.0.12 - dotPDN LLC)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.54.309.2012 - Realtek)
SHIELD Streaming (Version: 7.1.0350 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-614321186-1851163967-905647231-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-614321186-1851163967-905647231-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll => Kein (Der Dateneintrag hat 7 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-614321186-1851163967-905647231-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-614321186-1851163967-905647231-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll => Kein (Der Dateneintrag hat 7 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-614321186-1851163967-905647231-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-614321186-1851163967-905647231-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll => Kein (Der Dateneintrag hat 7 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-614321186-1851163967-905647231-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-614321186-1851163967-905647231-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-614321186-1851163967-905647231-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll => Kein (Der Dateneintrag hat 7 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-614321186-1851163967-905647231-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll => Kein (Der Dateneintrag hat 7 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-614321186-1851163967-905647231-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll => Kein (Der Dateneintrag hat 7 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-614321186-1851163967-905647231-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-614321186-1851163967-905647231-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll => Kein (Der Dateneintrag hat 7 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-614321186-1851163967-905647231-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-614321186-1851163967-905647231-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll => Kein (Der Dateneintrag hat 7 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-614321186-1851163967-905647231-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll => Kein (Der Dateneintrag hat 7 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-614321186-1851163967-905647231-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncApi64.dll => Keine (Der Dateneintrag hat 5 mehr Zeichen).
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {03E3805D-70CA-4B7A-88FE-B0A7ECB79FA0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {05E29CAC-D387-45CE-AE18-876241F8A74B} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {05FD0347-5C60-4CE5-8A7F-B13732DA5194} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {06DB1599-D4C7-4B21-AA32-2E8AFE0B60AA} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {07A62BCD-1B29-4E4E-910C-9C1FF254C0B6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-13] (NVIDIA Corporation)
Task: {0848D22A-6161-4F11-A372-96D326C7D0BC} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {1C2F7D9C-9FB4-4994-A225-EB858F74F810} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1C60354A-D04E-4B4D-A8BE-2B2311FE4CBA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {217D3CCF-9F2D-4AD6-9EFF-6CEB68DE2301} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {248A8323-DA31-4222-96A2-5C6E6951F619} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {360EB739-EB12-49D4-BED1-E2021BDCA7C8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {40EB871D-0140-44C8-9E7B-525645048C0D} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {40EF86BA-63C8-47D9-92DD-EB62496BCA26} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {41B5F213-92D6-4DFE-BECF-387CB2885869} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {4EB4A967-6105-45ED-B825-629CB423DE43} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {5A33D8D1-EC9E-41A2-BBB6-2420356CD89C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {5B76CB83-A5F9-4E43-A63B-CBF8F67C41A5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {62D21782-9F4C-4347-AAAF-5B1584328DBB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {6C2C580E-AB30-4A56-BDE3-4A963668C9F7} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6F0FA1DC-6A61-40FF-8E48-E2E6D9D1EC5B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {73EAD0A0-D4D3-42F2-AB00-158104EE5FD7} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {743B6204-186E-4EFE-B6D3-CBBAB15C84BE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {76A0339D-DA5E-4811-8264-0A64B9BD2138} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {80CC415F-3D85-42A5-85C4-DB80FCBBA889} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8AE3FC4C-B5A2-47FE-B764-2FDC7CF41766} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {9029FA70-4FC2-41D9-869D-42A60F4662E4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {97DFCF79-D4C3-48A8-AF2F-66F28E6A5A88} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {9E48F49C-D889-4CCC-9F07-C83816CEAB70} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A551C101-F597-4E55-BF05-A5B30B685C6D} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG
Task: {A9CB0F2A-7B83-4E5F-B717-2F669157731D} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {AAE922AD-510D-48AA-B0DD-3EF0C60C967D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B1146A5D-8566-4172-8D39-F826DA990E8D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-12-13] (NVIDIA Corporation)
Task: {B4905C69-C0BC-47D8-BF0A-8CDFE0E01150} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BA55B185-6F05-44EC-B7C8-1EA0D065D486} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {BBF13E3A-451D-4AD4-8A81-DEB0933E1D5F} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BDF6FE28-C910-4FDB-8906-5D062A256641} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C6B39C71-78D8-40D7-B9B0-36C543724A9A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CA269936-C128-4BB7-A0E2-3D7E955C4A5F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CF619372-64D8-4ECB-9782-7FDE3D0F7FB6} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-13] (NVIDIA Corporation)
Task: {DADC79E6-4947-4B1C-85F5-C40EC1D7560D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DD1D530A-1547-4E97-A2EC-C16E96BCC0D9} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E454C27B-586C-4D8C-830C-459442B08B45} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {E9E6F3AA-93E4-4497-B237-0D4F75BC228E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {F4D8ABA4-EF6C-4378-A09F-5C0662B919E1} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F4F793B4-DA06-4683-BAA0-A6108BB1BFD7} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-10-07 14:20 - 2016-12-13 00:36 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-07 14:20 - 2016-12-13 00:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-11-21 04:33 - 2016-12-11 19:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-11-09 01:24 - 2016-10-25 10:42 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-11-09 01:24 - 2016-10-25 10:42 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-27 06:17 - 2016-04-27 06:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-30 00:41 - 2016-07-30 00:41 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-11-09 01:25 - 2016-10-25 08:01 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2016-11-09 01:24 - 2016-10-25 05:49 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 01:24 - 2016-10-25 05:44 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 01:24 - 2016-10-25 05:45 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 01:24 - 2016-10-25 05:48 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-10-07 14:20 - 2016-12-13 00:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-07 14:20 - 2016-12-13 00:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-07 14:20 - 2016-12-13 00:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-07 14:20 - 2016-12-12 15:36 - 00525760 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-10-07 14:20 - 2016-12-12 15:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-10-07 14:20 - 2016-12-12 15:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-10-07 14:20 - 2016-12-12 15:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-10-07 14:20 - 2016-12-12 15:36 - 00447424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-10-07 14:20 - 2016-12-12 15:36 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-10-07 14:20 - 2016-12-12 15:36 - 01003456 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-12-17 12:22 - 2016-12-12 15:36 - 00956472 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-614321186-1851163967-905647231-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: AMPPALR3 => 2
MSCONFIG\Services: Avira.ServiceHost => 2
MSCONFIG\Services: CG6Service => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: EvtEng => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: NVIDIA Wireless Controller Service => 2
MSCONFIG\Services: RegSrvc => 2
MSCONFIG\Services: SynTPEnhService => 2
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: ZeroConfigService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update Benachrichtigungsdienst.lnk => C:\Windows\pss\Update Benachrichtigungsdienst.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup
MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
MSCONFIG\startupreg: IntelPROSet => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless
HKLM\...\StartupApproved\StartupFolder: => "FAH.lnk"
HKLM\...\StartupApproved\Run: => "SynLenovoGestureMgr"
HKLM\...\StartupApproved\Run32: => "331BigDog"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKU\S-1-5-21-614321186-1851163967-905647231-1000\...\StartupApproved\Run: => "OneDrive"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808
FirewallRules: [{C42E09EE-544C-4058-B937-1E1C214C3179}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{C13FCC8E-EA7C-4CF3-A00E-B34183437A33}] => C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{60B6505E-646C-49A7-AED9-61624970AD3A}] => C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{DDA3AE79-ADE7-4908-8334-C9DA3F39B5B1}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9C9D448E-E0C6-4AB9-BDB5-B501BA9707ED}] => %systemroot%\system32\mqsvc.exe
FirewallRules: [{3EB2F7F5-4D9C-4CC4-ABF8-4B5239F07BB4}] => %systemroot%\system32\mqsvc.exe
FirewallRules: [{E07F3B24-CA0A-4C07-9E7B-AD478A9A1BCF}] => %systemroot%\system32\mqsvc.exe
FirewallRules: [{66237BE3-1D77-47EA-AFD0-64530BFBE380}] => %systemroot%\system32\mqsvc.exe
FirewallRules: [{EC4463D8-0CDF-4C6E-A8F3-ED1AECD22E7A}] => LPort=808
FirewallRules: [{AEB7ABE0-DE10-4AE4-8C08-394F31414C3A}] => C:\Fruity Loops Studio 8\FL_3GB.exe
FirewallRules: [{A8A6276D-B39F-4DD2-9B64-5D280508E2D7}] => C:\Fruity Loops Studio 8\FL_3GB.exe
FirewallRules: [{9A47A000-1124-4309-B74A-11D80A8C9F4D}] => C:\Fruity Loops Studio 8\FL_3GB.exe
FirewallRules: [{20824275-6B98-4756-8CF8-4E37B4FABE0A}] => C:\Fruity Loops Studio 8\FL_3GB.exe
FirewallRules: [{50977907-6F8B-483C-A95A-AC054B7F83B4}] => C:\Fruity Loops Studio 8\FL.exe
FirewallRules: [{5439A04F-8DA4-4FBE-85AB-F1F50F10CE07}] => C:\Fruity Loops Studio 8\FL.exe
FirewallRules: [{8043D186-EF79-453E-B207-B1C0304910A2}] => C:\Fruity Loops Studio 8\FL.exe
FirewallRules: [{5133CF13-31A7-4A88-A181-89D2E1F3A29F}] => C:\Fruity Loops Studio 8\FL.exe
FirewallRules: [{0921E149-3077-41B7-8F31-09C8F36CE06E}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{8C0DBFD5-D27C-4B56-BD72-D58BDC1C1516}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{CB643C00-DDAE-4619-9558-0BC84F1667E4}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{2B7A0D01-EA76-49D8-8281-243149DE9D24}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B7A429B8-C176-4617-A67B-5D0F59DA53A3}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/17/2016 12:37:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac
Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.9193, Zeitstempel: 0x560489c4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00012f4b
ID des fehlerhaften Prozesses: 0x1678
Startzeit der fehlerhaften Anwendung: 0x01d25859f3e47dad
Pfad der fehlerhaften Anwendung: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9193_none_d09188224426efcd\MSVCR80.dll
Berichtskennung: a36d47d5-9f60-4e33-af47-ed7fcda8c113
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/17/2016 12:36:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac
Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.9193, Zeitstempel: 0x560489c4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00012f4b
ID des fehlerhaften Prozesses: 0x1354
Startzeit der fehlerhaften Anwendung: 0x01d25859deef5288
Pfad der fehlerhaften Anwendung: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9193_none_d09188224426efcd\MSVCR80.dll
Berichtskennung: 0ea1f4ad-8817-4168-ae1f-fd70af18d25e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/17/2016 12:16:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac
Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.9193, Zeitstempel: 0x560489c4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00012f4b
ID des fehlerhaften Prozesses: 0x1448
Startzeit der fehlerhaften Anwendung: 0x01d2585700195c8d
Pfad der fehlerhaften Anwendung: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9193_none_d09188224426efcd\MSVCR80.dll
Berichtskennung: 41d347ad-0001-488b-9852-9f2885c8213c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/17/2016 12:14:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac
Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.9193, Zeitstempel: 0x560489c4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00012f4b
ID des fehlerhaften Prozesses: 0x1728
Startzeit der fehlerhaften Anwendung: 0x01d25856ab785d8b
Pfad der fehlerhaften Anwendung: C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9193_none_d09188224426efcd\MSVCR80.dll
Berichtskennung: e309e262-cd45-4f67-9915-15b403e29093
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (12/16/2016 10:32:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dragonfly-PC)
Description: Bei der Aktivierung der App „Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (12/16/2016 10:32:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LockApp.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 13d8
Startzeit: 01d2573779f06a60
Beendigungszeit: 4294967295
Anwendungspfad: C:\WINDOWS\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
Berichts-ID: 7ff06158-c372-11e6-aef7-208984e59db3
Vollständiger Name des fehlerhaften Pakets: Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy
Auf das fehlerhafte Paket bezogene Anwendungs-ID: WindowsDefaultLockScreen
Error: (12/13/2016 12:03:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dragonfly-PC)
Description: Bei der Aktivierung der App „Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (12/11/2016 07:31:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.10586.494, Zeitstempel: 0x5775e94c
Name des fehlerhaften Moduls: twinapi.appcore.dll, Version: 10.0.10586.672, Zeitstempel: 0x580ef283
Ausnahmecode: 0xc000027b
Fehleroffset: 0x000000000004b1c9
ID des fehlerhaften Prozesses: 0x318
Startzeit der fehlerhaften Anwendung: 0x01d253dc7a71494a
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\twinapi.appcore.dll
Berichtskennung: 899a1405-ce81-403e-8920-787ca73c9839
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (12/11/2016 05:08:33 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LockApp.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1900
Startzeit: 01d2534b12d37acc
Beendigungszeit: 4294967295
Anwendungspfad: C:\WINDOWS\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
Berichts-ID: 50dec74a-bf3e-11e6-aef5-208984e59db3
Vollständiger Name des fehlerhaften Pakets: Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy
Auf das fehlerhafte Paket bezogene Anwendungs-ID: WindowsDefaultLockScreen
Error: (12/07/2016 11:12:26 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dragonfly-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (12/17/2016 05:51:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/17/2016 04:27:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_3d1cc" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/17/2016 04:27:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _3d1cc" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/17/2016 04:27:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_3d1cc" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/17/2016 04:27:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_3d1cc" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/17/2016 12:34:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CG6Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (12/17/2016 12:34:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst CG6Service erreicht.
Error: (12/17/2016 12:34:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira.ServiceHost erreicht.
Error: (12/17/2016 12:34:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (12/17/2016 12:33:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _3de5d erreicht.
CodeIntegrity:
===================================
Date: 2016-12-15 21:52:02.547
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-14 13:00:08.180
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-12-14 03:41:15.867
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-11 11:36:35.733
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-09 13:06:47.157
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-09 08:22:05.757
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-09 03:44:07.044
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-30 12:47:21.004
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-29 04:39:02.108
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-15 10:29:41.341
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 8053.6 MB
Verfügbarer physikalischer RAM: 6156.52 MB
Summe virtueller Speicher: 16245.6 MB
Verfügbarer virtueller Speicher: 14176.04 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:930.91 GB) (Free:847.2 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9BCA118F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=511 MB) - (Type=27)
==================== Ende von Addition.txt ===========================
Code:
ATTFilter Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 17-12-2016
durchgeführt von Dragonfly (17-12-2016 18:51:19)
Gestartet von C:\Users\Dragonfly\Desktop
Start-Modus: Normal
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\01 - File Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\03 - Documents.lnk -> C:\Users\Dragonfly\Documents ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\04 - Downloads.lnk -> C:\Users\Dragonfly\Downloads ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\05 - Music.lnk -> C:\Users\Dragonfly\Music ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\06 - Pictures.lnk -> C:\Users\Dragonfly\Pictures ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\07 - Videos.lnk -> C:\Users\Dragonfly\Videos ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\08 - Homegroup.lnk -> Microsoft.Windows.Homegroup
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\09 - Network.lnk -> Microsoft.Windows.Network
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\10 - UserProfile.lnk -> C:\Users\Dragonfly ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk -> C:\WINDOWS\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk -> C:\WINDOWS\DevicesFlow\DevicesFlow.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk -> C:\WINDOWS\MiracastView\MiracastView.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk -> C:\Program Files\paint.net\PaintDotNet.exe (dotPDN LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk -> C:\WINDOWS\PrintDialog\PrintDialog.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Upgrade-Assistent.lnk -> C:\Windows10Upgrade\Windows10UpgraderApp.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Uninstall Winamp.lnk -> C:\Program Files (x86)\Winamp\UninstWA.exe (Nullsoft, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\What's New.lnk -> C:\Program Files (x86)\Winamp\whatsnew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp.lnk -> C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends\League of Legends.lnk -> C:\Riot Games\League of Legends\lol.launcher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 6\CyberGhost 6 deinstallieren.lnk -> C:\Program Files\CyberGhost 6\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 6\CyberGhost 6.lnk -> C:\Program Files\CyberGhost 6\CyberGhost.exe (CyberGhost S.R.L.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Antivirus\Avira Antivirus Hilfe.lnk -> C:\Program Files (x86)\Avira\Antivirus\57\avwin.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Antivirus\Avira Antivirus starten.lnk -> C:\Program Files (x86)\Avira\Antivirus\avcenter.exe (Avira Operations GmbH & Co. KG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Antivirus\Avira im Internet.lnk -> C:\Program Files (x86)\Avira\Antivirus\weblink.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\WINDOWS\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\WINDOWS\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\WINDOWS\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\WINDOWS\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\WINDOWS\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\WINDOWS\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\WINDOWS\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\WINDOWS\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\WINDOWS\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\WINDOWS\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\WINDOWS\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Bluetooth File Transfer Wizard.lnk -> C:\WINDOWS\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\WINDOWS\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\WINDOWS\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\WINDOWS\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\WINDOWS\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\WINDOWS\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\WINDOWS\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\WINDOWS\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\WINDOWS\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe (Igor Pavlov)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files\7-Zip\7-zip.chm ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\WINDOWS\explorer.exe,-304
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\WINDOWS\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\WINDOWS\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\WINDOWS\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\WINDOWS\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\WINDOWS\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\WINDOWS\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\WINDOWS\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\WINDOWS\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\WINDOWS\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\WINDOWS\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\WINDOWS\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\WINDOWS\explorer.exe,-304
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\WINDOWS\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\WINDOWS\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\WINDOWS\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\WINDOWS\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\WINDOWS\System32\compmgmt.msc ()
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\WINDOWS\System32\diskmgmt.msc ()
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\WINDOWS\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\WINDOWS\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\Links\Desktop.lnk -> C:\Users\Dragonfly\Desktop ()
Shortcut: C:\Users\Dragonfly\Links\Downloads.lnk -> C:\Users\Dragonfly\Downloads ()
Shortcut: C:\Users\Dragonfly\Links\RecentPlaces.lnk -> L ᐁ À 䘀 耟穭⊇㞡䘚낑�깚馼 ć ꀀz 匱卐뜥䟯ယ怂麌곫1
ἀ က 娀甀氀攀琀稀琀 戀攀猀甀挀栀琀 ⴀ Ѐ
Systemordner 匱卐檦⡣锽ᇒ횵쀀�퀘e ἀ ⤀ 㨀㨀笀㈀㈀㠀㜀㜀䄀㘀䐀ⴀ㌀㜀䄀ⴀ㐀㘀䄀ⴀ㤀䈀 ⴀ䐀䈀䐀䄀㔀䄀䄀䔀䈀䌀㤀㤀紀
Shortcut: C:\Users\Dragonfly\Desktop\ASIO4ALL v2 Anleitung.lnk -> C:\Program Files (x86)\ASIO4ALL v2\ASIO4ALL v2 Anleitung.pdf ()
Shortcut: C:\Users\Dragonfly\Desktop\-\CyberGhost 6.lnk -> C:\Program Files\CyberGhost 6\CyberGhost.exe (CyberGhost S.R.L.)
Shortcut: C:\Users\Dragonfly\Desktop\-\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation)
Shortcut: C:\Users\Dragonfly\Desktop\-\League of Legends.lnk -> C:\Riot Games\League of Legends\lol.launcher.exe ()
Shortcut: C:\Users\Dragonfly\Desktop\-\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\McUICnt.exe (Keine Datei)
Shortcut: C:\Users\Dragonfly\Desktop\-\OpenOffice 4.1.2.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\Users\Dragonfly\Desktop\-\paint.net.lnk -> C:\Program Files\paint.net\PaintDotNet.exe (dotPDN LLC)
Shortcut: C:\Users\Dragonfly\Desktop\-\Security Task Manager.lnk -> C:\Program Files (x86)\Security Task Manager\TaskMan.exe (Keine Datei)
Shortcut: C:\Users\Dragonfly\Desktop\-\Start Tor Browser.lnk -> C:\Users\Dragonfly\Desktop\-\Tor Browser\Browser\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Dragonfly\Desktop\-\True Key.lnk -> C:\Program Files\Intel Security\True Key\application\truekey.exe (Keine Datei)
Shortcut: C:\Users\Dragonfly\Desktop\-\Winamp.lnk -> C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.)
Shortcut: C:\Users\Dragonfly\Desktop\-\Windows 10-Upgrade-Assistent.lnk -> C:\Windows10Upgrade\Windows10UpgraderApp.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\Desktop\-\WinZip.lnk -> C:\Program Files\WinZip\WINZIP64.EXE (Keine Datei)
Shortcut: C:\Users\Dragonfly\Desktop\-\Tor Browser\Start Tor Browser.lnk -> C:\Users\Dragonfly\Desktop\-\Tor Browser\Browser\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberGhost 6.lnk -> C:\Program Files\CyberGhost 6\CyberGhost.exe (CyberGhost S.R.L.)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\firefox (2).lnk -> C:\Users\Dragonfly\Desktop\firefox.exe (Keine Datei)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk -> C:\WINDOWS\System32\fodhelper.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\WINDOWS\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\WINDOWS\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\WINDOWS\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\WINDOWS\explorer.exe,-304
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\WINDOWS\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Base.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sbase.exe (Apache Software Foundation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Calc.lnk -> C:\Program Files (x86)\OpenOffice 4\program\scalc.exe (Apache Software Foundation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Draw.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe (Apache Software Foundation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Impress.lnk -> C:\Program Files (x86)\OpenOffice 4\program\simpress.exe (Apache Software Foundation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Math.lnk -> C:\Program Files (x86)\OpenOffice 4\program\smath.exe (Apache Software Foundation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Writer.lnk -> C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2\ASIO4ALL v2 Anleitung.lnk -> C:\Program Files (x86)\ASIO4ALL v2\ASIO4ALL v2 Anleitung.pdf ()
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2\ASIO4ALL Web Site.lnk -> C:\Program Files (x86)\ASIO4ALL v2\ASIO4ALL Web Site.url ()
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2\Uninstall.lnk -> C:\Program Files (x86)\ASIO4ALL v2\uninstall.exe ()
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\WINDOWS\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\WINDOWS\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\WINDOWS\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\WINDOWS\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\WINDOWS\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\WINDOWS\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CyberGhost 6.lnk -> C:\Program Files\CyberGhost 6\CyberGhost.exe (CyberGhost S.R.L.)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\WINDOWS\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk -> C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\WINDOWS\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\WINDOWS\System32\compmgmt.msc ()
Shortcut: C:\Users\Dragonfly\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\WINDOWS\System32\diskmgmt.msc ()
Shortcut: C:\Users\Dragonfly\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\WINDOWS\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\WINDOWS\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Dragonfly\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp (Safe Mode).lnk -> C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.) -> /SAFE=1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\WINDOWS\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\Administrator-Toolkit.lnk -> C:\Program Files\Common Files\Intel\WirelessCommon\itFrmwrk.exe (Intel(R) Corporation) -> /af Administrator Tool /class IT Admin Class
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\Ereignisanzeige für WiFi.lnk -> C:\Program Files\Common Files\Intel\WirelessCommon\imFrmwrk.exe (Intel(R) Corporation) -> /sf Wireless Event Viewer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\Erweiterte Statistik für WiFi.lnk -> C:\Program Files\Common Files\Intel\WirelessCommon\imFrmwrk.exe (Intel(R) Corporation) -> /sf Advanced Statistics
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\Manuelles Diagnose-Tool für WiFi.lnk -> C:\Program Files\Common Files\Intel\WirelessCommon\imFrmwrk.exe (Intel(R) Corporation) -> /sf Wireless Diagnostics
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless\WiFi Connection Utility.lnk -> C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) -> /af Intel PROSet/Wireless
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Connect.lnk -> C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) -> /showMiniGui
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\WINDOWS\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\WINDOWS\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\WINDOWS\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\WINDOWS\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\WINDOWS\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\WINDOWS\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\WINDOWS\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\WINDOWS\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\WINDOWS\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\WINDOWS\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\WINDOWS\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\WINDOWS\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\WINDOWS\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\WINDOWS\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\WINDOWS\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Dragonfly\Desktop\-\Avira Launcher.lnk -> C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) -> /showMiniGui
ShortcutWithArgument: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\WINDOWS\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults
ShortcutWithArgument: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\WINDOWS\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices
ShortcutWithArgument: C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\WINDOWS\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Dragonfly\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Dragonfly\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Dragonfly\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Dragonfly\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Dragonfly\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\WINDOWS\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Dragonfly\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Dragonfly\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Dragonfly\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Dragonfly\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\WINDOWS\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Dragonfly\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\WINDOWS\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
InternetURL: C:\Users\Dragonfly\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Dragonfly\Favorites\Teen Babysitter Sydney Cole Fucks for Job - Pornhub.com.url -> BASEURL: hxxp://de.pornhub.com/view_video.php?viewkey=ph5702a0c68d4f4 URL: hxxp://de.pornhub.com/view_video.php?viewkey=ph5702a0c68d4f4
InternetURL: C:\Users\Dragonfly\Favorites\Windows Live\Windows Live Gallery.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\Dragonfly\Favorites\Windows Live\Windows Live Ideas.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72700
InternetURL: C:\Users\Dragonfly\Favorites\Windows Live\Windows Live Mail.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\Dragonfly\Favorites\Windows Live\Windows Live Spaces.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72682
InternetURL: C:\Users\Dragonfly\Favorites\MSN-Websites\MSN Auto.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72680
InternetURL: C:\Users\Dragonfly\Favorites\MSN-Websites\MSN Fernsehen.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72659
InternetURL: C:\Users\Dragonfly\Favorites\MSN-Websites\MSN Money.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72640
InternetURL: C:\Users\Dragonfly\Favorites\MSN-Websites\MSN Nachrichten.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72636
InternetURL: C:\Users\Dragonfly\Favorites\MSN-Websites\MSN Sport.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72635
InternetURL: C:\Users\Dragonfly\Favorites\MSN-Websites\MSN.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72630
InternetURL: C:\Users\Dragonfly\Favorites\Microsoft-Websites\IE-Site auf Microsoft.com.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\Dragonfly\Favorites\Microsoft-Websites\Microsoft Deutschland GmbH.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\Dragonfly\Favorites\Microsoft-Websites\Microsoft Store.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Dragonfly\Favorites\Microsoft-Websites\Microsoft Windows - Start.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\Dragonfly\Favorites\Microsoft-Websites\Microsoft zu Hause.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72406
InternetURL: C:\Users\Dragonfly\Favorites\Microsoft-Websites\Microsoft.com durchsuchen.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=72893
InternetURL: C:\Users\Dragonfly\Favorites\Microsoft-Websites\Site für IE Add-Ons.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Dragonfly\Favorites\Links\Vorgeschlagene Sites.url -> URL: hxxps://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Dragonfly\Favorites\Links\Web Slice-Katalog.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Dragonfly\AppData\Local\Microsoft\Internet Explorer\Pinned Sites\Family Guy (7) - Burning Series Serien online sehen.website -> URL: hxxps://bs.to/serie/Family-Guy/7
==================== Ende von Shortcut.txt =============================
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2016
durchgeführt von Dragonfly (Administrator) auf DRAGONFLY-PC (17-12-2016 18:59:13)
Gestartet von C:\Users\Dragonfly\Desktop
Geladene Profile: Dragonfly (Verfügbare Profile: Dragonfly & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\WINDOWS\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\WINDOWS\System32\InstallAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SynLenovoGestureMgr] => %ProgramFiles%\Synaptics\SynTP\SynLenovoGestureMgr.exe
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61640 2016-11-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [917576 2016-12-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [571928 2015-09-03] (Vimicro)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-614321186-1851163967-905647231-1000\...\RunOnce: [Uninstall C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [172736 2016-12-12] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Dragonfly\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll Keine Datei
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{532a19c3-72f7-44e7-9dd6-29ffc5f32635}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{710a9cfb-03be-40ab-86c0-bcc56c490da4}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8db06c7b-14a1-4d88-b57a-c536e881adc4}: [DhcpNameServer] 194.187.251.67 185.93.180.131 38.132.106.139
Internet Explorer:
==================
HKU\S-1-5-21-614321186-1851163967-905647231-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2015-10-30] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Dragonfly\AppData\Roaming\Mozilla\Firefox\Profiles\WZyZFQzB.default [2016-12-17]
FF Extension: (Avira Browser Safety) - C:\Users\Dragonfly\AppData\Roaming\Mozilla\Firefox\Profiles\WZyZFQzB.default\Extensions\abs@avira.com.xpi [2016-11-21]
FF Extension: (Video DownloadHelper) - C:\Users\Dragonfly\AppData\Roaming\Mozilla\Firefox\Profiles\WZyZFQzB.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-10-11]
FF Extension: (Adblock Plus) - C:\Users\Dragonfly\AppData\Roaming\Mozilla\Firefox\Profiles\WZyZFQzB.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-22] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-22] ()
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1089592 2016-12-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [476736 2016-12-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [476736 2016-12-13] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1490296 2016-12-13] (Avira Operations GmbH & Co. KG)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350528 2016-11-24] (Avira Operations GmbH & Co. KG)
S2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [76336 2016-11-28] (CyberGhost S.R.L)
S4 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-06-25] ()
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-13] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2016-12-13] (NVIDIA Corporation)
S3 PrintNotify; C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll [3337728 2016-09-07] (Microsoft Corporation) [Datei ist nicht signiert]
S4 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation)
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3325232 2012-06-25] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [151352 2016-12-13] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [153904 2016-12-13] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [35488 2016-07-30] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [78208 2016-07-30] (Avira Operations GmbH & Co. KG)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-12-13] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [422656 2016-03-09] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [648872 2015-09-03] (Vimicro Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WUDFWpdComp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
U3 idsvc; kein ImagePath
U3 wpcsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-17 18:51 - 2016-12-17 18:59 - 00013144 _____ C:\Users\Dragonfly\Desktop\FRST.txt
2016-12-17 18:51 - 2016-12-17 18:51 - 00042436 _____ C:\Users\Dragonfly\Desktop\Shortcut.txt
2016-12-17 18:50 - 2016-12-17 18:51 - 00040991 _____ C:\Users\Dragonfly\Desktop\Addition.txt
2016-12-17 12:32 - 2016-09-09 19:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-12-17 12:32 - 2016-09-09 19:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-12-17 12:32 - 2016-09-09 19:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-12-17 12:32 - 2016-09-09 19:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-12-17 12:30 - 2016-12-12 22:27 - 00047032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2016-12-17 12:30 - 2016-12-12 04:03 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 34710584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 28201408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 24389160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 17586992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 14529624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 10353960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 09158616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 08761560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 02950200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437633.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437633.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 01038392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 00974784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 00942528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 00894400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 00643928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 00470400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 00394888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 00327408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 00153368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 00150784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-12-17 12:30 - 2016-12-12 04:03 - 00131536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-12-17 12:22 - 2016-12-17 12:33 - 00005110 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2016-12-17 12:22 - 2016-12-17 12:22 - 00004418 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-17 12:22 - 2016-12-17 12:22 - 00000000 ____D C:\Users\Dragonfly\AppData\Local\Chromium
2016-12-17 12:22 - 2016-12-12 15:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2016-12-17 12:21 - 2016-12-17 12:31 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-12-17 12:21 - 2016-12-13 00:36 - 00156096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-12-17 12:21 - 2016-12-13 00:36 - 00123840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-12-14 00:46 - 2016-11-22 12:42 - 00384864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-14 00:46 - 2016-11-22 11:43 - 03692040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-12-14 00:46 - 2016-11-22 11:38 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-14 00:46 - 2016-11-22 11:38 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-14 00:46 - 2016-11-22 11:36 - 00159640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-14 00:46 - 2016-11-22 11:35 - 00609056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-14 00:46 - 2016-11-22 11:35 - 00075448 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2016-12-14 00:46 - 2016-11-22 11:04 - 02549456 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-14 00:46 - 2016-11-22 11:03 - 01777280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-14 00:46 - 2016-11-22 11:02 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-12-14 00:46 - 2016-11-22 11:02 - 01399216 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-14 00:46 - 2016-11-22 10:32 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-12-14 00:46 - 2016-11-22 10:24 - 02938408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-12-14 00:46 - 2016-11-22 10:21 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2016-12-14 00:46 - 2016-11-22 10:17 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-14 00:46 - 2016-11-22 10:16 - 00064072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2016-12-14 00:46 - 2016-11-22 10:13 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2016-12-14 00:46 - 2016-11-22 10:00 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2016-12-14 00:46 - 2016-11-22 09:59 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-12-14 00:46 - 2016-11-22 09:55 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-14 00:46 - 2016-11-22 09:54 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-12-14 00:46 - 2016-11-22 09:50 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-12-14 00:46 - 2016-11-22 09:49 - 02195640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-14 00:46 - 2016-11-22 09:48 - 01522672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-14 00:46 - 2016-11-22 09:47 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-12-14 00:46 - 2016-11-22 09:47 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-14 00:46 - 2016-11-22 09:35 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-12-14 00:46 - 2016-11-22 09:32 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-14 00:46 - 2016-11-22 09:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-12-14 00:46 - 2016-11-22 09:20 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-12-14 00:46 - 2016-11-22 09:12 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-12-14 00:46 - 2016-11-22 09:04 - 03587584 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-14 00:46 - 2016-11-22 08:57 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-14 00:46 - 2016-11-22 08:54 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-14 00:46 - 2016-11-22 08:53 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-14 00:46 - 2016-11-22 08:41 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-14 00:46 - 2016-11-22 08:38 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-12-14 00:46 - 2016-11-22 08:36 - 00766464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-14 00:46 - 2016-11-22 08:26 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-14 00:46 - 2016-11-22 08:26 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-12-14 00:46 - 2016-11-22 08:21 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-12-14 00:46 - 2016-11-22 08:15 - 22373376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-14 00:46 - 2016-11-22 08:14 - 04895744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-14 00:46 - 2016-11-22 08:02 - 24610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-14 00:46 - 2016-11-22 08:01 - 13392384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-14 00:46 - 2016-11-22 07:59 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-14 00:46 - 2016-11-22 07:55 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-14 00:46 - 2016-11-22 07:49 - 07839232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-14 00:46 - 2016-11-22 07:35 - 19350016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-14 00:46 - 2016-11-22 07:34 - 18670080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-14 00:46 - 2016-11-22 07:34 - 12134400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-14 00:46 - 2016-11-22 07:32 - 03663872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-14 00:46 - 2016-11-22 07:17 - 05658624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-04 00:53 - 2016-12-04 00:53 - 00213053 _____ C:\Users\Dragonfly\Desktop\frenchcore_9.flp
2016-12-04 00:38 - 2016-12-04 00:38 - 00212230 _____ C:\Users\Dragonfly\Desktop\frenchcore_8.flp
2016-12-03 21:44 - 2016-12-03 21:44 - 00211869 _____ C:\Users\Dragonfly\Desktop\frenchcore_7.flp
2016-12-03 21:18 - 2016-12-03 21:18 - 00207810 _____ C:\Users\Dragonfly\Desktop\frenchcore_6.flp
2016-12-03 18:51 - 2016-12-03 18:51 - 00202861 _____ C:\Users\Dragonfly\Desktop\frenchcore_5.flp
2016-12-03 18:38 - 2016-12-03 18:38 - 00156550 _____ C:\Users\Dragonfly\Desktop\frenchcore_4.flp
2016-12-03 18:25 - 2016-12-03 18:25 - 00156753 _____ C:\Users\Dragonfly\Desktop\frenchcore_3.flp
2016-12-03 17:34 - 2016-12-03 17:34 - 00145338 _____ C:\Users\Dragonfly\Desktop\frenchcore_2.flp
2016-12-02 21:51 - 2016-12-03 15:08 - 00145351 _____ C:\Users\Dragonfly\Desktop\frenchcore.flp
2016-12-02 08:21 - 2016-12-03 19:13 - 00000000 ____D C:\Users\Dragonfly\Desktop\speadhead
2016-12-02 03:47 - 2016-12-17 18:48 - 00000000 ____D C:\Users\Dragonfly\Desktop\FRST-OlderVersion
2016-12-01 16:37 - 2016-12-12 04:03 - 20748080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-12-01 16:37 - 2016-12-12 04:03 - 00572584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-12-01 16:37 - 2016-11-24 21:53 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437609.dll
2016-12-01 16:37 - 2016-11-24 21:53 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437609.dll
2016-11-30 14:54 - 2016-11-30 14:54 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-11-30 14:54 - 2016-11-30 14:54 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_wpdcomp_01_11_00.Wdf
2016-11-22 03:16 - 2016-12-17 18:48 - 02420224 _____ (Farbar) C:\Users\Dragonfly\Desktop\FRST64.exe
2016-11-21 04:41 - 2016-11-17 03:06 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437595.dll
2016-11-21 04:41 - 2016-11-17 03:06 - 01585088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437595.dll
2016-11-21 04:33 - 2016-12-11 19:47 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-11-21 04:33 - 2016-12-11 19:47 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-11-21 04:33 - 2016-12-11 19:47 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-11-21 04:33 - 2016-12-11 19:47 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-11-21 04:33 - 2016-12-11 19:47 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-11-21 04:33 - 2016-12-11 19:47 - 00145344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2016-11-21 04:33 - 2016-12-11 19:47 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-11-21 04:33 - 2016-12-11 19:47 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-11-21 04:33 - 2016-12-09 09:52 - 07639617 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-11-21 04:32 - 2016-12-11 19:47 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-11-19 21:55 - 2016-11-19 21:55 - 00106714 _____ C:\Users\Dragonfly\Desktop\hummel_gut.flp
2016-11-19 21:49 - 2016-11-19 21:49 - 00106714 _____ C:\Users\Dragonfly\Desktop\hummel_3.flp
2016-11-19 21:47 - 2016-11-19 21:47 - 00106716 _____ C:\Users\Dragonfly\Desktop\hummel_2.flp
2016-11-19 13:57 - 2016-11-19 21:52 - 00105720 _____ C:\Users\Dragonfly\Desktop\hummel.flp
2016-11-18 17:23 - 2016-12-17 18:50 - 00000000 ____D C:\Users\Dragonfly\AppData\LocalLow\Mozilla
2016-11-18 16:02 - 2016-12-17 14:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-18 14:17 - 2016-12-12 22:26 - 14200880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-11-18 14:17 - 2016-12-12 04:03 - 03934504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-11-18 14:17 - 2016-12-12 04:03 - 03474392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-11-18 14:17 - 2016-12-12 04:03 - 00172736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-11-18 14:17 - 2016-12-12 04:03 - 00042286 _____ C:\WINDOWS\system32\nvinfo.pb
2016-11-18 14:17 - 2016-11-11 00:51 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437586.dll
2016-11-18 14:17 - 2016-11-11 00:51 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437586.dll
2016-11-18 14:17 - 2016-11-11 00:51 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-11-18 14:17 - 2016-11-11 00:51 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2016-11-18 14:11 - 2016-12-17 12:22 - 00001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-17 18:59 - 2016-07-04 21:54 - 00000000 ____D C:\FRST
2016-12-17 17:54 - 2016-07-17 12:15 - 00007634 _____ C:\Users\Dragonfly\AppData\Local\Resmon.ResmonCfg
2016-12-17 17:05 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-17 17:05 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-17 17:00 - 2016-07-29 23:51 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-17 14:23 - 2016-09-30 00:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-17 12:37 - 2016-07-14 19:27 - 00000000 ____D C:\Users\Dragonfly\AppData\Local\CrashDumps
2016-12-17 12:33 - 2016-04-27 06:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-17 12:33 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-12-17 12:32 - 2016-07-13 22:03 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-17 12:31 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-12-17 12:22 - 2016-10-07 14:21 - 00003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-17 12:22 - 2016-10-07 14:20 - 00004004 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-17 12:22 - 2016-10-07 14:20 - 00003976 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-17 12:22 - 2016-10-07 14:20 - 00003968 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-17 12:22 - 2016-10-07 14:20 - 00003806 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-17 12:22 - 2016-10-07 14:20 - 00003764 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-17 12:22 - 2016-07-29 23:51 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-17 12:22 - 2016-07-29 23:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-12-17 12:22 - 2016-07-29 23:50 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-17 12:22 - 2016-07-13 22:08 - 00000000 ____D C:\Users\Dragonfly\AppData\Local\NVIDIA Corporation
2016-12-17 12:21 - 2016-07-13 22:07 - 00000000 ____D C:\Users\Dragonfly\AppData\Local\NVIDIA
2016-12-16 13:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-12-15 11:26 - 2016-07-29 23:53 - 02086168 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-15 11:26 - 2016-04-27 06:13 - 00889250 _____ C:\WINDOWS\system32\perfh007.dat
2016-12-15 11:26 - 2016-04-27 06:13 - 00197298 _____ C:\WINDOWS\system32\perfc007.dat
2016-12-14 12:58 - 2016-04-26 21:44 - 00224368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-14 12:56 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-14 02:55 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-14 02:53 - 2016-07-17 12:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-14 02:51 - 2016-07-17 12:16 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-13 01:30 - 2016-07-04 20:21 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-13 01:30 - 2016-07-04 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-12-13 01:27 - 2016-10-11 10:32 - 00028272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2016-12-13 01:27 - 2016-07-04 20:22 - 00153904 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-12-13 01:27 - 2016-07-04 20:22 - 00151352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-12-13 00:37 - 2016-10-07 14:21 - 01853376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-12-13 00:37 - 2016-10-07 14:21 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-12-13 00:37 - 2016-10-07 14:21 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-12-13 00:37 - 2016-10-07 14:21 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-12-13 00:37 - 2016-10-07 14:21 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-12-13 00:36 - 2016-07-13 22:00 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-12-12 15:27 - 2016-10-07 14:14 - 00000000 ____D C:\Users\Dragonfly\dwhelper
2016-12-12 00:03 - 2015-10-30 08:26 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:03 - 2015-10-30 08:26 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-02 22:53 - 2016-09-29 20:54 - 00000000 ____D C:\Users\Dragonfly\AppData\Local\ElevatedDiagnostics
2016-12-02 07:14 - 2016-07-30 00:35 - 00000000 ____D C:\Users\Dragonfly\AppData\Local\Packages
2016-11-22 23:37 - 2016-08-11 00:43 - 00000000 ____D C:\Users\Dragonfly\AppData\Local\Adobe
2016-11-22 23:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-11-22 23:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-11-22 03:59 - 2016-07-25 18:44 - 00000000 __SHD C:\Users\Dragonfly\IntelGraphicsProfiles
2016-11-22 03:14 - 2016-07-17 23:35 - 01741824 _____ (Farbar) C:\Users\Dragonfly\Downloads\FRST.exe
2016-11-21 21:34 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration
2016-11-21 04:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help
2016-11-21 04:00 - 2016-10-04 11:27 - 00000000 ___HD C:\$SysReset
2016-11-18 20:57 - 2016-07-29 23:50 - 00000000 ____D C:\Program Files\Intel
2016-11-18 20:56 - 2016-08-11 00:52 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-11-18 20:38 - 2016-08-11 00:43 - 00000000 ____D C:\ProgramData\McAfee
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-07-17 12:15 - 2016-12-17 17:54 - 0007634 _____ () C:\Users\Dragonfly\AppData\Local\Resmon.ResmonCfg
2016-12-17 12:22 - 2016-12-17 16:56 - 0003771 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-17 12:22 - 2016-12-17 12:33 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
Einige Dateien in TEMP:
====================
C:\Users\Dragonfly\AppData\Local\Temp\avgnt.exe
C:\Users\Dragonfly\AppData\Local\Temp\NvTelemetry.dll
C:\Users\Dragonfly\AppData\Local\Temp\NvTelemetryAPI32.dll
C:\Users\Dragonfly\AppData\Local\Temp\NvTelemetryAPI64.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-12-14 07:01
==================== Ende von FRST.txt ============================
Geändert von izockdi (17.12.2016 um 19:17 Uhr) |
|
20.12.2016, 10:15
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | rootkit? virus? festplatte zu 100% ausgelastet. hilfe mit frst. ereignis id: 1014, 7031, 10010, 5973, 69, 1000, 10016, 7006,...... Bitte Avira deinstallieren. Das Teil empfehlen wir schon seit Jahren aus mehreren Gründen nicht mehr. Ein Grund ist ne rel. hohe Fehlalarmquote, der zweite Hauptgrund ist, dass die immer noch mit ASK zusammenarbeiten (Avira Suchfunktion geht über ASK). Auch andere Freewareanbieter wie AVG, Avast oder Panda sprangen auf diesen Zug auf; so was ist bei Sicherheitssoftware einfach inakzeptabel. Vgl. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog Gib Bescheid wenn Avira weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________ --> rootkit? virus? festplatte zu 100% ausgelastet. hilfe mit frst. ereignis id: 1014, 7031, 10010, 5973, 69, 1000, 10016, 7006,...... |
|
20.01.2017, 05:03
| #7 |
| | rootkit? virus? festplatte zu 100% ausgelastet. hilfe mit frst. ereignis id: 1014, 7031, 10010, 5973, 69, 1000, 10016, 7006,...... ok danke. der rest passt? |
|
20.01.2017, 10:20
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | rootkit? virus? festplatte zu 100% ausgelastet. hilfe mit frst. ereignis id: 1014, 7031, 10010, 5973, 69, 1000, 10016, 7006,...... Was soll das heißen, der Rest passt, lies mein Posting doch mal bis zum Ende - wir sind hier nämlich nicht fertig. 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.01.2017, 09:52
| #9 |
| | rootkit? virus? festplatte zu 100% ausgelastet. hilfe mit frst. ereignis id: 1014, 7031, 10010, 5973, 69, 1000, 10016, 7006,...... schade dass wir noch nicht fertig sind... sorry ich hatte wenig zeit die tage und muss gestehen mich auch nicht großartig mit dem thema auseinander gesetzt zu haben. leider häufen sich aber die probleme und dank gebrochenem arm hab ich auch gut zeit. ich hab emisoft installiert und danach noch mal frst asgeführt. hier die neuen berichte: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2017
durchgeführt von Dragonfly (Administrator) auf DRAGONFLY-PC (24-01-2017 09:38:53)
Gestartet von C:\Users\Dragonfly\Desktop
Geladene Profile: Dragonfly & (Verfügbare Profile: Dragonfly)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\syswow64\IntelCpHeciSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2start.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Dragonfly\Desktop\FRST64 (1).exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1812544 2016-09-12] (NVIDIA Corporation)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [8140696 2016-12-29] (Emsisoft Ltd)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [571928 2015-09-03] (Vimicro)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9d7e27a9-5756-47e5-95d0-70cb4968354e}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-23] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Dragonfly\AppData\Local\Google\Chrome\User Data\Default [2017-01-24]
CHR Extension: (Google Docs) - C:\Users\Dragonfly\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-24]
CHR Extension: (Google Drive) - C:\Users\Dragonfly\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-24]
CHR Extension: (YouTube) - C:\Users\Dragonfly\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-24]
CHR Extension: (Google Docs Offline) - C:\Users\Dragonfly\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Dragonfly\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-23]
CHR Extension: (Google Mail) - C:\Users\Dragonfly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-24]
CHR Extension: (Chrome Media Router) - C:\Users\Dragonfly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-24]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [9461280 2016-12-29] (Emsisoft Ltd)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2017-01-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2017-01-23] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [124552 2016-11-23] (Emsisoft Ltd)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [422656 2016-03-09] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [42184 2015-06-03] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [648872 2015-09-03] (Vimicro Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-24 08:05 - 2017-01-24 08:05 - 00042168 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2017-01-24 07:50 - 2017-01-24 07:50 - 01932769 _____ C:\Users\Dragonfly\Downloads\processexplorer (1).zip
2017-01-24 06:32 - 2017-01-24 06:32 - 00036409 _____ C:\Users\Dragonfly\Desktop\Shortcut.txt
2017-01-24 06:32 - 2017-01-24 06:32 - 00023299 _____ C:\Users\Dragonfly\Desktop\Addition.txt
2017-01-24 06:31 - 2017-01-24 09:38 - 00007525 _____ C:\Users\Dragonfly\Desktop\FRST.txt
2017-01-24 06:31 - 2017-01-24 06:31 - 02420736 _____ (Farbar) C:\Users\Dragonfly\Desktop\FRST64 (1).exe
2017-01-24 06:30 - 2017-01-24 06:30 - 02420736 _____ (Farbar) C:\Users\Dragonfly\Desktop\FRST64.exe
2017-01-24 01:56 - 2017-01-24 03:41 - 00000000 ____D C:\ProgramData\Emsisoft
2017-01-24 01:55 - 2017-01-24 01:55 - 00000937 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2017-01-24 01:55 - 2017-01-24 01:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2017-01-24 01:54 - 2017-01-24 09:09 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2017-01-24 01:53 - 2017-01-24 01:54 - 241881560 _____ (Emsisoft Ltd. ) C:\Users\Dragonfly\Desktop\EmsisoftAntiMalwareSetup (1).exe
2017-01-24 01:52 - 2017-01-24 01:53 - 241881560 _____ (Emsisoft Ltd. ) C:\Users\Dragonfly\Desktop\EmsisoftAntiMalwareSetup.exe
2017-01-24 01:47 - 2017-01-24 01:47 - 00000000 ____D C:\EEK
2017-01-24 01:45 - 2017-01-24 01:46 - 283519832 _____ C:\Users\Dragonfly\Downloads\EmsisoftEmergencyKit.exe
2017-01-24 01:37 - 2017-01-24 01:37 - 00000000 ____D C:\Users\Dragonfly\Desktop\Neuer Ordner
2017-01-24 01:31 - 2016-10-28 02:22 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-01-24 01:16 - 2017-01-24 06:28 - 00007616 _____ C:\Users\Dragonfly\AppData\Local\resmon.resmoncfg
2017-01-24 00:46 - 2017-01-24 00:46 - 02420736 _____ (Farbar) C:\Users\Dragonfly\Downloads\FRST64 (1).exe
2017-01-24 00:44 - 2017-01-24 00:45 - 02420736 _____ (Farbar) C:\Users\Dragonfly\Downloads\FRST64.exe
2017-01-23 23:22 - 2017-01-23 23:22 - 00000000 ____D C:\Users\Dragonfly\AppData\Local\NVIDIA
2017-01-23 23:17 - 2017-01-23 23:17 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-23 23:17 - 2017-01-23 23:17 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-01-23 23:17 - 2016-05-04 03:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-01-23 23:17 - 2016-05-04 03:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-01-23 23:17 - 2016-05-04 03:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-01-23 23:17 - 2016-05-04 03:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-01-23 22:19 - 2017-01-23 22:19 - 00000000 ____D C:\Users\Dragonfly\AppData\Local\Comms
2017-01-23 22:15 - 2017-01-23 22:15 - 00000000 ____D C:\Users\Dragonfly\AppData\Roaming\LolClient
2017-01-23 22:12 - 2017-01-23 22:12 - 00001585 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-01-23 22:12 - 2017-01-23 22:12 - 00000000 ____D C:\ProgramData\Riot Games
2017-01-23 22:12 - 2017-01-23 22:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2017-01-23 22:12 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2017-01-23 22:12 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2017-01-23 22:12 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2017-01-23 22:12 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2017-01-23 22:12 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2017-01-23 22:09 - 2017-01-23 22:12 - 00000000 ____D C:\Users\Dragonfly\AppData\Roaming\Riot Games
2017-01-23 21:57 - 2017-01-23 21:57 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-01-23 21:53 - 2017-01-23 22:09 - 31876824 _____ (Riot Games) C:\Users\Dragonfly\Downloads\LeagueofLegends_EUW_Installer_2016_11_10.exe
2017-01-23 21:53 - 2017-01-23 21:53 - 00000000 ____D C:\Users\Dragonfly\AppData\Roaming\Macromedia
2017-01-23 21:48 - 2017-01-23 21:48 - 00002336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-23 21:48 - 2017-01-23 21:48 - 00002324 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-23 21:39 - 2017-01-23 22:58 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-01-23 21:39 - 2017-01-23 22:58 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-01-23 21:39 - 2017-01-23 21:52 - 00992488 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgsnx.sys.148520484293701
2017-01-23 21:39 - 2017-01-23 21:48 - 00000000 ____D C:\Users\Dragonfly\AppData\Local\Google
2017-01-23 21:39 - 2017-01-23 21:48 - 00000000 ____D C:\Program Files (x86)\Google
2017-01-23 21:38 - 2017-01-23 21:38 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2017-01-23 21:38 - 2017-01-23 21:38 - 00000000 ____D C:\Program Files (x86)\USB Camera
2017-01-23 21:36 - 2017-01-23 21:36 - 00000000 ____D C:\Users\Dragonfly\AppData\Local\CEF
2017-01-23 21:35 - 2017-01-24 02:53 - 00000000 ____D C:\ProgramData\Avg
2017-01-23 21:35 - 2017-01-24 02:09 - 00000000 ____D C:\Users\Dragonfly\AppData\Local\AvgSetupLog
2017-01-23 21:35 - 2017-01-23 21:35 - 03449304 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Dragonfly\Downloads\AVG_Protection_Free_1606.exe
2017-01-23 21:35 - 2017-01-23 21:35 - 00000000 ____D C:\Users\Dragonfly\AppData\Local\Avg
2017-01-23 21:33 - 2017-01-23 21:33 - 00000000 ____D C:\Users\Dragonfly\AppData\Local\MicrosoftEdge
2017-01-23 21:31 - 2017-01-23 21:31 - 00015664 _____ C:\Users\Dragonfly\Desktop\Entfernte Anwendungen.html
2017-01-23 21:31 - 2017-01-23 21:31 - 00002366 _____ C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-23 21:31 - 2017-01-23 21:31 - 00000000 ____D C:\Users\Dragonfly\AppData\Local\ActiveSync
2017-01-23 21:31 - 2017-01-23 21:31 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-01-23 21:30 - 2017-01-24 01:40 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-23 21:29 - 2017-01-24 02:03 - 00000000 ____D C:\Users\Dragonfly\AppData\Local\Packages
2017-01-23 21:29 - 2017-01-23 21:29 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2017-01-23 21:29 - 2017-01-23 21:29 - 00000020 ___SH C:\Users\Dragonfly\ntuser.ini
2017-01-23 21:29 - 2017-01-23 21:29 - 00000000 ____D C:\Users\Dragonfly\AppData\Roaming\Adobe
2017-01-23 21:29 - 2017-01-23 21:29 - 00000000 ____D C:\Users\Dragonfly\AppData\Local\VirtualStore
2017-01-23 21:29 - 2017-01-23 21:29 - 00000000 ____D C:\Users\Dragonfly\AppData\Local\TileDataLayer
2017-01-23 21:29 - 2017-01-23 21:29 - 00000000 ____D C:\Users\Dragonfly\AppData\Local\Publishers
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Users\Default\Vorlagen
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Users\Default\Startmenü
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Users\Default User
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Users\All Users
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\ProgramData\Vorlagen
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\ProgramData\Startmenü
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\ProgramData\Favoriten
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\ProgramData\Dokumente
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2017-01-23 21:25 - 2017-01-23 21:25 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2017-01-23 21:23 - 2017-01-24 01:25 - 00000000 ____D C:\Users\Dragonfly
2017-01-23 21:23 - 2017-01-23 21:24 - 00000000 ____D C:\Users\DefaultAppPool
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\Dragonfly\Vorlagen
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\Dragonfly\Startmenü
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\Dragonfly\Netzwerkumgebung
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\Dragonfly\Lokale Einstellungen
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\Dragonfly\Eigene Dateien
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\Dragonfly\Druckumgebung
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\Dragonfly\Documents\Eigene Videos
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\Dragonfly\Documents\Eigene Musik
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\Dragonfly\Documents\Eigene Bilder
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\Dragonfly\AppData\Local\Verlauf
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\Dragonfly\AppData\Local\Anwendungsdaten
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\Dragonfly\Anwendungsdaten
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2017-01-23 21:23 - 2017-01-23 21:23 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2017-01-23 21:17 - 2017-01-23 23:19 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-23 21:17 - 2017-01-23 23:17 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-01-23 21:17 - 2017-01-23 23:17 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-01-23 21:17 - 2017-01-23 21:17 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-01-23 21:17 - 2017-01-23 21:17 - 00000000 ____D C:\Program Files\Common Files\Atheros
2017-01-23 21:17 - 2016-08-01 13:54 - 06386744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-01-23 21:17 - 2016-08-01 13:54 - 02466360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-01-23 21:17 - 2016-08-01 13:54 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-01-23 21:17 - 2016-08-01 13:54 - 01365048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2017-01-23 21:17 - 2016-08-01 13:54 - 00547896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-01-23 21:17 - 2016-08-01 13:54 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-01-23 21:17 - 2016-08-01 13:54 - 00139712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2017-01-23 21:17 - 2016-08-01 13:54 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-01-23 21:17 - 2016-08-01 13:54 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-01-23 21:17 - 2016-07-28 14:02 - 07242545 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-01-23 21:17 - 2016-05-03 22:30 - 00081416 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-01-23 21:17 - 2016-05-03 22:30 - 00077832 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-01-23 21:16 - 2017-01-23 21:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2017-01-23 21:16 - 2017-01-23 21:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2017-01-23 21:16 - 2017-01-23 21:16 - 00000000 ____D C:\ProgramData\USOShared
2017-01-23 21:16 - 2017-01-23 21:16 - 00000000 ____D C:\Program Files\Intel
2017-01-23 21:15 - 2017-01-23 20:52 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-01-23 21:13 - 2017-01-24 01:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-23 21:13 - 2017-01-23 21:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-01-23 21:12 - 2017-01-23 21:21 - 00194272 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-01-23 21:11 - 2017-01-23 21:26 - 00000000 ___DC C:\WINDOWS\Panther
2017-01-23 21:11 - 2017-01-23 21:11 - 00000000 ____D C:\WINDOWS\InfusedApps
2017-01-23 21:10 - 2017-01-24 05:24 - 00000000 ____D C:\Windows.old
2017-01-23 21:10 - 2017-01-23 21:10 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-01-23 21:08 - 2017-01-23 21:08 - 00000000 ____D C:\Program Files\Synaptics
2017-01-23 21:07 - 2017-01-23 21:07 - 00000000 ____D C:\WINDOWS\Setup
2017-01-23 21:02 - 2017-01-23 21:02 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-01-23 21:02 - 2017-01-23 21:02 - 00000000 ____D C:\WINDOWS\OCR
2017-01-23 21:02 - 2017-01-23 21:02 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-01-23 21:02 - 2017-01-23 21:02 - 00000000 ____D C:\Program Files\MSBuild
2017-01-23 21:02 - 2017-01-23 21:02 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-01-23 21:02 - 2017-01-23 21:02 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-01-23 21:01 - 2017-01-24 01:40 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2017-01-23 21:01 - 2017-01-24 01:40 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2017-01-23 21:01 - 2017-01-23 21:00 - 00305634 _____ C:\WINDOWS\system32\perfi007.dat
2017-01-23 21:01 - 2017-01-23 21:00 - 00040390 _____ C:\WINDOWS\system32\perfd007.dat
2017-01-23 21:00 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-01-23 21:00 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-01-23 21:00 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-01-23 21:00 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-01-23 21:00 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-01-23 21:00 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\SysWOW64\de
2017-01-23 21:00 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2017-01-23 21:00 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\system32\winrm
2017-01-23 21:00 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\system32\WCN
2017-01-23 21:00 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\system32\slmgr
2017-01-23 21:00 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-01-23 21:00 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\system32\de
2017-01-23 21:00 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\system32\0409
2017-01-23 21:00 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\DigitalLocker
2017-01-23 20:57 - 2017-01-23 20:52 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-01-23 20:57 - 2017-01-23 20:52 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-23 20:56 - 2017-01-23 20:53 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2017-01-23 20:56 - 2017-01-23 20:53 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2017-01-23 20:56 - 2017-01-23 20:53 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2017-01-23 20:56 - 2017-01-23 20:53 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2017-01-23 20:56 - 2017-01-23 20:53 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2017-01-23 20:55 - 2017-01-24 03:39 - 00000000 ____D C:\WINDOWS\appcompat
2017-01-23 20:55 - 2017-01-24 02:12 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-23 20:55 - 2017-01-24 02:12 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-23 20:55 - 2017-01-24 01:22 - 00000000 ____D C:\WINDOWS\Registration
2017-01-23 20:55 - 2017-01-23 21:46 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2017-01-23 20:55 - 2017-01-23 21:38 - 00000000 ____D C:\WINDOWS\System
2017-01-23 20:55 - 2017-01-23 21:29 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2017-01-23 20:55 - 2017-01-23 21:29 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-01-23 20:55 - 2017-01-23 21:29 - 00000000 ___RD C:\WINDOWS\MiracastView
2017-01-23 20:55 - 2017-01-23 21:29 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-01-23 20:55 - 2017-01-23 21:27 - 00000000 ____D C:\WINDOWS\rescache
2017-01-23 20:55 - 2017-01-23 21:25 - 00000000 ____D C:\Program Files\Windows NT
2017-01-23 20:55 - 2017-01-23 21:24 - 00000000 __RHD C:\Users\Public\Libraries
2017-01-23 20:55 - 2017-01-23 21:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-01-23 20:55 - 2017-01-23 21:24 - 00000000 ____D C:\WINDOWS\system32\spool
2017-01-23 20:55 - 2017-01-23 21:24 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2017-01-23 20:55 - 2017-01-23 21:20 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-01-23 20:55 - 2017-01-23 21:17 - 00000000 ____D C:\WINDOWS\Help
2017-01-23 20:55 - 2017-01-23 21:11 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-01-23 20:55 - 2017-01-23 21:06 - 00000000 __RSD C:\WINDOWS\Media
2017-01-23 20:55 - 2017-01-23 21:06 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-01-23 20:55 - 2017-01-23 21:06 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-01-23 20:55 - 2017-01-23 21:06 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-01-23 20:55 - 2017-01-23 21:06 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-01-23 20:55 - 2017-01-23 21:06 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-01-23 20:55 - 2017-01-23 21:06 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-01-23 20:55 - 2017-01-23 21:06 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-01-23 20:55 - 2017-01-23 21:06 - 00000000 ____D C:\WINDOWS\Provisioning
2017-01-23 20:55 - 2017-01-23 21:06 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-01-23 20:55 - 2017-01-23 21:06 - 00000000 ____D C:\Program Files\Windows Portable Devices
2017-01-23 20:55 - 2017-01-23 21:06 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2017-01-23 20:55 - 2017-01-23 21:06 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2017-01-23 20:55 - 2017-01-23 21:06 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2017-01-23 20:55 - 2017-01-23 21:02 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-01-23 20:55 - 2017-01-23 21:02 - 00000000 ____D C:\WINDOWS\SystemApps
2017-01-23 20:55 - 2017-01-23 21:02 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-01-23 20:55 - 2017-01-23 21:00 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-01-23 20:55 - 2017-01-23 21:00 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-01-23 20:55 - 2017-01-23 21:00 - 00000000 ___SD C:\WINDOWS\system32\dsc
2017-01-23 20:55 - 2017-01-23 21:00 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2017-01-23 20:55 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-01-23 20:55 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-01-23 20:55 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2017-01-23 20:55 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\system32\setup
2017-01-23 20:55 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\system32\migwiz
2017-01-23 20:55 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\system32\Com
2017-01-23 20:55 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-01-23 20:55 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\IME
2017-01-23 20:55 - 2017-01-23 21:00 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-01-23 20:55 - 2017-01-23 21:00 - 00000000 ____D C:\Program Files\Windows Defender
2017-01-23 20:55 - 2017-01-23 21:00 - 00000000 ____D C:\Program Files\Common Files\System
2017-01-23 20:55 - 2017-01-23 21:00 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-01-23 20:55 - 2017-01-23 21:00 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-01-23 20:55 - 2017-01-23 21:00 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-01-23 20:55 - 2017-01-23 20:56 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2017-01-23 20:55 - 2017-01-23 20:56 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-01-23 20:55 - 2017-01-23 20:56 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2017-01-23 20:55 - 2017-01-23 20:56 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2017-01-23 20:55 - 2017-01-23 20:56 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2017-01-23 20:55 - 2017-01-23 20:56 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2017-01-23 20:55 - 2017-01-23 20:56 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2017-01-23 20:55 - 2017-01-23 20:56 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ___SD C:\WINDOWS\system32\Nui
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\Web
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\Vss
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\tracing
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\TAPI
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\SystemResources
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\winevt
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\ras
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\IME
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\icsxml
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\ias
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\downlevel
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\SKB
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\security
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\schemas
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\SchCache
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\Resources
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\PLA
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\Performance
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\ModemLogs
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\L2Schemas
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\InputMethod
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\Globalization
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\Cursors
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\Branding
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\addins
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\ProgramData\USOPrivate
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\ProgramData\Comms
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\Program Files\Common Files\Services
2017-01-23 20:55 - 2017-01-23 20:55 - 00000000 ____D C:\Program Files (x86)\Windows NT
2017-01-23 20:55 - 2017-01-23 20:53 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2017-01-23 20:55 - 2017-01-23 20:53 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2017-01-23 20:55 - 2017-01-23 20:53 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services
2017-01-23 20:55 - 2017-01-23 20:53 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2017-01-23 20:55 - 2017-01-23 20:53 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2017-01-23 20:55 - 2017-01-23 20:53 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2017-01-23 20:55 - 2017-01-23 20:53 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2017-01-23 20:55 - 2017-01-23 20:53 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2017-01-23 20:55 - 2017-01-23 20:53 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2017-01-23 20:55 - 2017-01-23 20:53 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2017-01-23 20:55 - 2017-01-23 20:53 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2017-01-23 20:55 - 2017-01-23 20:53 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config
2017-01-23 20:55 - 2017-01-23 20:53 - 00000219 _____ C:\WINDOWS\system.ini
2017-01-23 20:55 - 2017-01-23 20:53 - 00000092 _____ C:\WINDOWS\win.ini
2017-01-23 20:54 - 2017-01-24 04:50 - 00000000 ____D C:\WINDOWS\INF
2017-01-23 20:43 - 2017-01-24 04:03 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-23 20:33 - 2017-01-24 01:32 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2017-01-23 20:33 - 2017-01-23 21:16 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2017-01-23 20:33 - 2017-01-23 21:00 - 00000000 ____D C:\WINDOWS\servicing
2017-01-23 20:33 - 2017-01-23 20:55 - 00000000 ____D C:\WINDOWS\system32\SMI
2017-01-23 20:33 - 2015-10-30 07:33 - 00000164 _____ C:\WINDOWS\system32\config\FP
2017-01-22 16:50 - 2017-01-22 16:52 - 00000000 ____D C:\Users\Dragonfly\Desktop\Neuer Ordner (2)
2017-01-20 05:39 - 2017-01-20 05:39 - 00000000 ____D C:\Users\Dragonfly\AppData\Temp
2017-01-20 05:32 - 2017-01-23 20:32 - 00002362 _____ C:\bdlog.txt
2017-01-20 05:30 - 2017-01-20 05:30 - 00000684 ____H C:\bdr-cf01
2017-01-20 05:29 - 2017-01-20 05:30 - 00253404 ____H C:\bdr-ld01
2017-01-20 05:29 - 2017-01-20 05:30 - 00009216 ____H C:\bdr-ld01.mbr
2017-01-20 05:29 - 2016-10-18 11:51 - 49758588 ____H C:\bdr-im01.gz
2017-01-20 05:29 - 2013-08-13 13:38 - 03271472 ____H C:\bdr-bz01
2017-01-20 05:09 - 2017-01-20 05:11 - 11842672 _____ C:\Users\Dragonfly\Desktop\bitdefender_antivirus.exe
2017-01-15 00:00 - 2017-01-23 20:29 - 00000000 ____D C:\Users\Dragonfly\Documents\13 in one Session
2017-01-15 00:00 - 2017-01-15 00:00 - 00000000 ____D C:\Users\Dragonfly\Documents\Sleepless & Destruction
2017-01-15 00:00 - 2017-01-15 00:00 - 00000000 ____D C:\Users\Dragonfly\Documents\Projects3
2017-01-15 00:00 - 2017-01-15 00:00 - 00000000 ____D C:\Users\Dragonfly\Documents\Projects in 2016
2017-01-15 00:00 - 2017-01-15 00:00 - 00000000 ____D C:\Users\Dragonfly\Documents\2016
2017-01-15 00:00 - 2017-01-14 23:59 - 00000068 _____ C:\Users\Dragonfly\Desktop\pmp_usb.ini
2017-01-15 00:00 - 2017-01-14 14:01 - 00000110 ____H C:\Users\Dragonfly\Desktop\.~lock.TOM Bewerbung Krankenpfleger wbg.odt#
2017-01-15 00:00 - 2017-01-14 13:59 - 00017624 _____ C:\Users\Dragonfly\Desktop\TOM Lebenslauf.odt
2017-01-15 00:00 - 2017-01-05 11:32 - 00006869 _____ C:\Users\Dragonfly\Desktop\TOM Bewerbung Krankenpfleger wbg.odt
2017-01-15 00:00 - 2016-10-26 17:46 - 00020499 _____ C:\Users\Dragonfly\Desktop\TOM Bewerbung Krankenpfleger.odt
2017-01-15 00:00 - 2016-10-24 09:05 - 00082789 _____ C:\Users\Dragonfly\Desktop\winamp_metadata.dat
2017-01-15 00:00 - 2016-10-24 09:05 - 00004196 _____ C:\Users\Dragonfly\Desktop\winamp_metadata.idx
2017-01-15 00:00 - 2016-07-17 15:12 - 00185700 _____ C:\Users\Dragonfly\Documents\Daso_Version 2.flp
2017-01-15 00:00 - 2013-06-10 18:59 - 00015014 _____ C:\Users\Dragonfly\Desktop\TOM Bewerbung Lehre Wasserburg.odt
2017-01-15 00:00 - 2013-06-03 20:43 - 00014689 _____ C:\Users\Dragonfly\Desktop\TOM Bewerbung Lehre.odt
2017-01-15 00:00 - 2010-06-15 22:26 - 00102759 _____ C:\Users\Dragonfly\Documents\needspweed2.flp
2017-01-15 00:00 - 2010-06-10 16:09 - 00126729 _____ C:\Users\Dragonfly\Documents\wooly days neuer bass.flp
2017-01-15 00:00 - 2010-05-28 20:52 - 00100757 _____ C:\Users\Dragonfly\Documents\melodie.flp
2017-01-15 00:00 - 2010-02-10 19:58 - 00274250 _____ C:\Users\Dragonfly\Documents\Neustart4.flp
2017-01-14 23:59 - 2017-01-14 23:59 - 00000000 ____D C:\Users\Dragonfly\Documents\Acid Trumpet - becomming shroom
2017-01-14 23:59 - 2017-01-14 23:59 - 00000000 ____D C:\Users\Dragonfly\Desktop\Faithless
2017-01-14 14:09 - 2017-01-14 14:09 - 00018268 _____ C:\Users\Dragonfly\Documents\TOM Bewerbung Krankenpfleger wbg.odt
2016-12-30 23:49 - 2017-01-09 13:26 - 00000000 ____D C:\Users\Dragonfly\Documents\hummel
2016-12-28 14:50 - 2016-12-28 14:51 - 00311294 _____ C:\Users\Dragonfly\Documents\goa drogen4 blue.png
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-24 09:38 - 2016-07-04 21:54 - 00000000 ____D C:\FRST
2017-01-24 09:09 - 2016-11-18 07:18 - 01457312 _____ (Sysinternals - www.sysinternals.com) C:\Users\Dragonfly\Desktop\procexp64.exe
2017-01-24 09:08 - 2016-07-25 18:44 - 00000000 __SHD C:\Users\Dragonfly\IntelGraphicsProfiles
2017-01-24 07:51 - 2016-11-18 07:26 - 02720928 _____ (Sysinternals - www.sysinternals.com) C:\Users\Dragonfly\Desktop\procexp.exe
2017-01-24 07:50 - 2016-11-18 07:10 - 00072154 _____ C:\Users\Dragonfly\Desktop\procexp.chm
2017-01-24 07:50 - 2016-03-03 21:44 - 00007490 _____ C:\Users\Dragonfly\Desktop\Eula.txt
2017-01-24 05:24 - 2016-10-04 11:27 - 00000000 ___HD C:\$SysReset
2017-01-23 21:31 - 2016-07-30 00:38 - 00000000 ___RD C:\Users\Dragonfly\OneDrive
2017-01-23 21:29 - 2016-04-27 06:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-01-23 21:24 - 2010-11-21 08:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2017-01-23 21:06 - 2016-04-27 06:17 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-01-23 21:06 - 2016-04-27 06:17 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-01-23 21:06 - 2016-04-27 06:17 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-01-23 20:53 - 2016-04-27 06:17 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-01-23 20:53 - 2016-04-27 06:17 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-01-23 20:53 - 2016-04-27 06:17 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-01-23 20:53 - 2016-04-27 06:17 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-01-23 20:53 - 2016-04-27 06:17 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-01-23 20:53 - 2016-04-27 06:17 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2017-01-23 20:53 - 2016-04-27 06:17 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-01-23 20:53 - 2016-04-27 06:17 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2017-01-23 20:53 - 2016-04-27 06:17 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-01-23 20:53 - 2016-04-27 06:17 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-01-23 20:53 - 2015-10-30 08:19 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2017-01-23 20:53 - 2015-10-30 08:19 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-01-23 20:53 - 2015-10-30 08:19 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2017-01-23 20:53 - 2015-10-30 08:19 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2017-01-23 20:53 - 2015-10-30 08:19 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
2017-01-23 20:53 - 2015-10-30 08:18 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-01-23 20:53 - 2015-10-30 08:18 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-01-23 20:53 - 2015-10-30 08:18 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-01-23 20:53 - 2015-10-30 08:18 - 01123328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-01-23 20:53 - 2015-10-30 08:18 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-01-23 20:53 - 2015-10-30 08:18 - 00824832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2017-01-23 20:53 - 2015-10-30 08:18 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comuid.dll
2017-01-23 20:53 - 2015-10-30 08:18 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-01-23 20:53 - 2015-10-30 08:18 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-01-23 20:53 - 2015-10-30 08:18 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2017-01-23 20:53 - 2015-10-30 08:18 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUXHost.exe
2017-01-23 20:53 - 2015-10-30 08:18 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-01-23 20:53 - 2015-10-30 08:18 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2017-01-23 20:53 - 2015-10-30 08:18 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoipRT.dll
2017-01-23 20:53 - 2015-10-30 08:18 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2017-01-23 20:53 - 2015-10-30 08:18 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUX.dll
2017-01-23 20:53 - 2015-10-30 08:18 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msobjs.dll
2017-01-23 20:53 - 2015-10-30 08:18 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-01-23 20:53 - 2015-10-30 08:18 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2017-01-23 20:53 - 2015-10-30 08:17 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2017-01-23 20:53 - 2015-10-30 08:17 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2017-01-23 20:53 - 2015-10-30 08:17 - 00188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2017-01-23 20:53 - 2015-10-30 08:17 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-01-23 20:52 - 2016-04-27 06:17 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-01-23 20:52 - 2016-04-27 06:17 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-01-23 20:52 - 2016-04-27 06:17 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-01-23 20:52 - 2016-04-27 06:17 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-01-23 20:52 - 2016-04-27 06:17 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-01-23 20:52 - 2016-04-27 06:17 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-01-23 20:52 - 2016-04-27 06:17 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2017-01-23 20:52 - 2016-04-27 06:17 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2017-01-23 20:52 - 2016-04-27 06:17 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-01-23 20:52 - 2016-04-27 06:17 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2017-01-23 20:52 - 2016-04-27 06:17 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 28851224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 01558528 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartCardSimulator.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 00643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmsdk.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 00495848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmdev.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dxpserver.exe
2017-01-23 20:52 - 2015-10-30 08:19 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2017-01-23 20:52 - 2015-10-30 08:19 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 04405248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 02771968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 02723840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 02519552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 02361856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 02102272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 01987072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 01872896 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 01755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 01187840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 01166848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 01085736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00885248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00835072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00759808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-01-23 20:52 - 2015-10-30 08:18 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2017-01-23 20:52 - 2015-10-30 08:18 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00707600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc_ssp.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-01-23 20:52 - 2015-10-30 08:18 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00442880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-01-23 20:52 - 2015-10-30 08:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00355680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00324448 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-01-23 20:52 - 2015-10-30 08:18 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-01-23 20:52 - 2015-10-30 08:18 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.ps.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2017-01-23 20:52 - 2015-10-30 08:18 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\spcompat.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-01-23 20:52 - 2015-10-30 08:18 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2017-01-23 20:52 - 2015-10-30 08:18 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IconCodecService.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 03093504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 02573824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 02187408 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 02012672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 01443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 01424384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 01238584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2017-01-23 20:52 - 2015-10-30 08:17 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 01128104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-01-23 20:52 - 2015-10-30 08:17 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00697344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00507904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2017-01-23 20:52 - 2015-10-30 08:17 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2017-01-23 20:52 - 2015-10-30 08:17 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneOm.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2017-01-23 20:52 - 2015-10-30 08:17 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-01-23 20:52 - 2015-10-30 08:17 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2017-01-23 20:52 - 2015-10-30 08:17 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapsvc.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureTimeAggregator.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00080640 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2017-01-23 20:52 - 2015-10-30 08:17 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2017-01-23 20:52 - 2015-10-30 08:17 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-01-23 20:52 - 2015-10-30 08:17 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2017-01-23 20:52 - 2015-10-30 08:17 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2017-01-23 20:52 - 2015-10-30 08:17 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-01-23 20:51 - 2016-04-27 06:17 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-01-23 20:51 - 2016-04-27 06:17 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2017-01-23 20:51 - 2016-04-27 06:17 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-01-23 20:51 - 2016-04-27 06:17 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-01-23 20:51 - 2016-04-27 06:17 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-01-23 20:51 - 2016-04-27 06:17 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-01-23 20:51 - 2016-04-27 06:17 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-01-23 20:51 - 2016-04-27 06:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-01-23 20:51 - 2016-04-27 06:17 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-01-23 20:51 - 2016-04-27 06:17 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-01-23 20:51 - 2016-04-27 06:17 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-01-23 20:51 - 2016-04-27 06:17 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-01-23 20:51 - 2016-04-27 06:17 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-01-23 20:51 - 2016-04-27 06:17 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2017-01-23 20:51 - 2016-04-27 06:17 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-01-23 20:51 - 2016-04-27 06:17 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-01-23 20:51 - 2016-04-27 06:17 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-01-23 20:51 - 2016-04-27 06:17 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2017-01-23 20:51 - 2016-04-27 06:17 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2017-01-23 20:51 - 2016-04-27 06:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2017-01-23 20:51 - 2016-04-27 06:17 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-01-23 20:51 - 2016-04-27 06:17 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2017-01-23 20:51 - 2016-04-27 06:17 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2017-01-23 20:51 - 2016-04-27 06:17 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2017-01-23 20:51 - 2015-10-30 08:19 - 03415040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2017-01-23 20:51 - 2015-10-30 08:19 - 02331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2017-01-23 20:51 - 2015-10-30 08:19 - 02217984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2017-01-23 20:51 - 2015-10-30 08:19 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2017-01-23 20:51 - 2015-10-30 08:19 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-01-23 20:51 - 2015-10-30 08:19 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2017-01-23 20:51 - 2015-10-30 08:19 - 00520704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceApi.dll
2017-01-23 20:51 - 2015-10-30 08:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-01-23 20:51 - 2015-10-30 08:19 - 00253080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2017-01-23 20:51 - 2015-10-30 08:19 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2017-01-23 20:51 - 2015-10-30 08:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceClassExtension.dll
2017-01-23 20:51 - 2015-10-30 08:19 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-01-23 20:51 - 2015-10-30 08:19 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceConnectApi.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 06471168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-01-23 20:51 - 2015-10-30 08:18 - 06312448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 04143104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 03577344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 02849792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 02632192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 02195128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 02106368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certmgr.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 01676288 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 01557504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 01552104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 01537024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pla.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 01535024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 01336832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 01240064 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 01228800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 01194496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-01-23 20:51 - 2015-10-30 08:18 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-01-23 20:51 - 2015-10-30 08:18 - 00846080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00726288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00686080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00638304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-01-23 20:51 - 2015-10-30 08:18 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00535088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00503600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00453464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DbgModel.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2017-01-23 20:51 - 2015-10-30 08:18 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00360960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-01-23 20:51 - 2015-10-30 08:18 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00322560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysdm.cpl
2017-01-23 20:51 - 2015-10-30 08:18 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WmpDui.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-01-23 20:51 - 2015-10-30 08:18 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2017-01-23 20:51 - 2015-10-30 08:18 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2017-01-23 20:51 - 2015-10-30 08:18 - 00256192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Maps.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe
2017-01-23 20:51 - 2015-10-30 08:18 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-01-23 20:51 - 2015-10-30 08:18 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10_1.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usbceip.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-01-23 20:51 - 2015-10-30 08:18 - 00116216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00097088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00064584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msobjs.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2017-01-23 20:51 - 2015-10-30 08:18 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2017-01-23 20:51 - 2015-10-30 08:18 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 06536248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-01-23 20:51 - 2015-10-30 08:17 - 03350528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 03079168 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 02745856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 02476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 02103296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 01965568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2017-01-23 20:51 - 2015-10-30 08:17 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 01603224 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 01568768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe
2017-01-23 20:51 - 2015-10-30 08:17 - 01540216 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 01447784 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 01338368 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 01337184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-01-23 20:51 - 2015-10-30 08:17 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppinst.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00742200 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-01-23 20:51 - 2015-10-30 08:17 - 00528736 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2017-01-23 20:51 - 2015-10-30 08:17 - 00360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-01-23 20:51 - 2015-10-30 08:17 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-01-23 20:51 - 2015-10-30 08:17 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcbase.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2017-01-23 20:51 - 2015-10-30 08:17 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2017-01-23 20:51 - 2015-10-30 08:17 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00259840 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-01-23 20:51 - 2015-10-30 08:17 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2017-01-23 20:51 - 2015-10-30 08:17 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-01-23 20:51 - 2015-10-30 08:17 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-01-23 20:51 - 2015-10-30 08:17 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2017-01-23 20:51 - 2015-10-30 08:17 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcshext.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-01-23 20:51 - 2015-10-30 08:17 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoipRT.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvc.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00087904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2017-01-23 20:51 - 2015-10-30 08:17 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2017-01-23 20:51 - 2015-10-30 08:17 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2017-01-23 20:51 - 2015-10-30 08:17 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2017-01-23 20:51 - 2015-10-30 08:17 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2017-01-23 20:51 - 2015-10-30 08:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2017-01-23 20:50 - 2016-04-27 06:17 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-01-23 20:50 - 2016-04-27 06:17 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
|
|
24.01.2017, 09:53
| #10 |
| | rootkit? virus? festplatte zu 100% ausgelastet. hilfe mit frst. ereignis id: 1014, 7031, 10010, 5973, 69, 1000, 10016, 7006,......Code:
ATTFilter 2017-01-23 20:50 - 2016-04-27 06:17 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-01-23 20:50 - 2016-04-27 06:17 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2017-01-23 20:50 - 2016-04-27 06:17 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-01-23 20:50 - 2016-04-27 06:17 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-01-23 20:50 - 2016-04-27 06:17 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-01-23 20:50 - 2016-04-27 06:17 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-01-23 20:50 - 2016-04-27 06:17 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2017-01-23 20:50 - 2016-04-27 06:17 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-01-23 20:50 - 2016-04-27 06:17 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-01-23 20:50 - 2016-04-27 06:17 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2017-01-23 20:50 - 2016-04-27 06:17 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2017-01-23 20:50 - 2015-10-30 08:19 - 03573248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-01-23 20:50 - 2015-10-30 08:19 - 03555840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-01-23 20:50 - 2015-10-30 08:19 - 03459584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-01-23 20:50 - 2015-10-30 08:19 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2017-01-23 20:50 - 2015-10-30 08:19 - 01570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-01-23 20:50 - 2015-10-30 08:19 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2017-01-23 20:50 - 2015-10-30 08:19 - 00992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-01-23 20:50 - 2015-10-30 08:19 - 00918016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2017-01-23 20:50 - 2015-10-30 08:19 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-01-23 20:50 - 2015-10-30 08:19 - 00610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmsdk.dll
2017-01-23 20:50 - 2015-10-30 08:19 - 00588320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmdev.dll
2017-01-23 20:50 - 2015-10-30 08:19 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-01-23 20:50 - 2015-10-30 08:19 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2017-01-23 20:50 - 2015-10-30 08:19 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-01-23 20:50 - 2015-10-30 08:19 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack_win.dll
2017-01-23 20:50 - 2015-10-30 08:19 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-01-23 20:50 - 2015-10-30 08:19 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2017-01-23 20:50 - 2015-10-30 08:19 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 03065344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-01-23 20:50 - 2015-10-30 08:18 - 03046400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 02563584 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-01-23 20:50 - 2015-10-30 08:18 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 01865584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 01537024 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 01466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 01385472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 01276928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 01162144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00952320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-01-23 20:50 - 2015-10-30 08:18 - 00716640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-01-23 20:50 - 2015-10-30 08:18 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00638976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmIndexer.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00620176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00512816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnfldr.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\filemgmt.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2017-01-23 20:50 - 2015-10-30 08:18 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2017-01-23 20:50 - 2015-10-30 08:18 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00388896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WmpDui.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authfwcfg.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\syncutil.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00268040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-01-23 20:50 - 2015-10-30 08:18 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2017-01-23 20:50 - 2015-10-30 08:18 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00175120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2017-01-23 20:50 - 2015-10-30 08:18 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00129888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-01-23 20:50 - 2015-10-30 08:18 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00107408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FingerprintEnrollment.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevDispItemProvider.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SCardDlg.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00064072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00057912 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-01-23 20:50 - 2015-10-30 08:18 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwcfg.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-01-23 20:50 - 2015-10-30 08:18 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CheckNetIsolation.exe
2017-01-23 20:50 - 2015-10-30 08:18 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 02874880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 02445312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 01465344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-01-23 20:50 - 2015-10-30 08:17 - 01434112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 01098640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 01037824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00904704 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipsecsnp.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00775344 _____ C:\WINDOWS\SysWOW64\locale.nls
2017-01-23 20:50 - 2015-10-30 08:17 - 00757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc_ssp.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-01-23 20:50 - 2015-10-30 08:17 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-01-23 20:50 - 2015-10-30 08:17 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-01-23 20:50 - 2015-10-30 08:17 - 00529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-01-23 20:50 - 2015-10-30 08:17 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00422752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-01-23 20:50 - 2015-10-30 08:17 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2017-01-23 20:50 - 2015-10-30 08:17 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00290856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-01-23 20:50 - 2015-10-30 08:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-01-23 20:50 - 2015-10-30 08:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2017-01-23 20:50 - 2015-10-30 08:17 - 00124248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2017-01-23 20:50 - 2015-10-30 08:17 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2017-01-23 20:50 - 2015-10-30 08:17 - 00100752 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
2017-01-23 20:50 - 2015-10-30 08:17 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-01-23 20:50 - 2015-10-30 08:17 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-01-23 20:49 - 2016-04-27 06:17 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-01-23 20:49 - 2016-04-27 06:17 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-01-23 20:49 - 2016-04-27 06:17 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-01-23 20:49 - 2016-04-27 06:17 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-01-23 20:49 - 2016-04-27 06:17 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-01-23 20:49 - 2016-04-27 06:17 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-01-23 20:49 - 2016-04-27 06:17 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-01-23 20:49 - 2016-04-27 06:17 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2017-01-23 20:49 - 2016-04-27 06:17 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-01-23 20:49 - 2016-04-27 06:17 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2017-01-23 20:49 - 2016-04-27 06:17 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-01-23 20:49 - 2016-04-27 06:17 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2017-01-23 20:49 - 2015-10-30 08:19 - 28083144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 09375232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2017-01-23 20:49 - 2015-10-30 08:19 - 04170240 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 02578432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 01976832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 01140224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 00879616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceApi.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 00546816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-01-23 20:49 - 2015-10-30 08:19 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 00388896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 00305296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceClassExtension.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceConnectApi.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2017-01-23 20:49 - 2015-10-30 08:19 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 06675968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-01-23 20:49 - 2015-10-30 08:18 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 04170752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 03695104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 03053568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 02902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 02679808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 02641928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2017-01-23 20:49 - 2015-10-30 08:18 - 02548432 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 02055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 01582592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 01508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 01487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 01297408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-01-23 20:49 - 2015-10-30 08:18 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 01159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2017-01-23 20:49 - 2015-10-30 08:18 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00836208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2017-01-23 20:49 - 2015-10-30 08:18 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00753664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00706048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00686984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00486400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
2017-01-23 20:49 - 2015-10-30 08:18 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00430816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2017-01-23 20:49 - 2015-10-30 08:18 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wbemcomn.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certreq.exe
2017-01-23 20:49 - 2015-10-30 08:18 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00328520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysdm.cpl
2017-01-23 20:49 - 2015-10-30 08:18 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00273752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00252064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2017-01-23 20:49 - 2015-10-30 08:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2017-01-23 20:49 - 2015-10-30 08:18 - 00183896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00129368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-01-23 20:49 - 2015-10-30 08:18 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00069224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-01-23 20:49 - 2015-10-30 08:18 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Cortana.ProxyStub.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2017-01-23 20:49 - 2015-10-30 08:18 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2017-01-23 20:49 - 2015-10-30 08:18 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IconCodecService.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 04212736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 02881536 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 01951848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 01847520 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 01783808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 01743872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 01567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 01526784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 01487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\pla.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 01479168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 01318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00958464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00871776 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00707424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-01-23 20:49 - 2015-10-30 08:17 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2017-01-23 20:49 - 2015-10-30 08:17 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxApplicabilityEngine.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00454496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2017-01-23 20:49 - 2015-10-30 08:17 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00439128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-01-23 20:49 - 2015-10-30 08:17 - 00414559 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-01-23 20:49 - 2015-10-30 08:17 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-01-23 20:49 - 2015-10-30 08:17 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00337328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00254816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2017-01-23 20:49 - 2015-10-30 08:17 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2017-01-23 20:49 - 2015-10-30 08:17 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00216408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-01-23 20:49 - 2015-10-30 08:17 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00110552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevDispItemProvider.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-01-23 20:49 - 2015-10-30 08:17 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2017-01-23 20:49 - 2015-10-30 08:17 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2017-01-23 20:49 - 2015-10-30 08:17 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2017-01-23 20:49 - 2015-10-30 08:17 - 00030048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2017-01-23 20:49 - 2015-10-30 08:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\genericusbfn.sys
2017-01-23 20:49 - 2015-10-30 08:17 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-01-23 20:48 - 2016-04-27 06:17 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-01-23 20:48 - 2016-04-27 06:17 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-01-23 20:48 - 2016-04-27 06:17 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-01-23 20:48 - 2016-04-27 06:17 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-01-23 20:48 - 2016-04-27 06:17 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2017-01-23 20:48 - 2016-04-27 06:17 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-01-23 20:48 - 2015-10-30 08:19 - 09375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2017-01-23 20:48 - 2015-10-30 08:19 - 04646400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-01-23 20:48 - 2015-10-30 08:19 - 03549184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2017-01-23 20:48 - 2015-10-30 08:19 - 03301376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2017-01-23 20:48 - 2015-10-30 08:19 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-01-23 20:48 - 2015-10-30 08:19 - 01211392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-01-23 20:48 - 2015-10-30 08:19 - 01186816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
2017-01-23 20:48 - 2015-10-30 08:19 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-01-23 20:48 - 2015-10-30 08:19 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-01-23 20:48 - 2015-10-30 08:19 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-01-23 20:48 - 2015-10-30 08:19 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-01-23 20:48 - 2015-10-30 08:19 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-01-23 20:48 - 2015-10-30 08:19 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-01-23 20:48 - 2015-10-30 08:19 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2017-01-23 20:48 - 2015-10-30 08:19 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 04268360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 03294208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-01-23 20:48 - 2015-10-30 08:18 - 02527232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 02285568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 02177024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 02144512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 01915392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2017-01-23 20:48 - 2015-10-30 08:18 - 01554152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 01355344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 01349128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 01083136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2017-01-23 20:48 - 2015-10-30 08:18 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-01-23 20:48 - 2015-10-30 08:18 - 00854016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00730352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00589856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00564736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00507904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnfldr.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-01-23 20:48 - 2015-10-30 08:18 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00385376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-01-23 20:48 - 2015-10-30 08:18 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00306840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00300032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcbase.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneOm.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3ui.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2017-01-23 20:48 - 2015-10-30 08:18 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2017-01-23 20:48 - 2015-10-30 08:18 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2017-01-23 20:48 - 2015-10-30 08:18 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcshext.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsmprovhost.exe
2017-01-23 20:48 - 2015-10-30 08:18 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-01-23 20:48 - 2015-10-30 08:18 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2017-01-23 20:48 - 2015-10-30 08:18 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 04456448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 01671168 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 01051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagCpl.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 01040792 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00994816 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-01-23 20:48 - 2015-10-30 08:17 - 00904704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmIndexer.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00775344 _____ C:\WINDOWS\system32\locale.nls
2017-01-23 20:48 - 2015-10-30 08:17 - 00764976 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00705584 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-01-23 20:48 - 2015-10-30 08:17 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\filemgmt.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\authfwcfg.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbemcomn.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00458240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroleui.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00414232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00341944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00330080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-01-23 20:48 - 2015-10-30 08:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-01-23 20:48 - 2015-10-30 08:17 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidpolicyconverter.exe
2017-01-23 20:48 - 2015-10-30 08:17 - 00159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00106928 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2017-01-23 20:48 - 2015-10-30 08:17 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00075448 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwcfg.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2017-01-23 20:48 - 2015-10-30 08:17 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
2017-01-23 20:48 - 2015-10-30 08:17 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys
2017-01-23 20:48 - 2015-10-30 08:17 - 00033472 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-01-23 20:48 - 2015-10-30 08:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CheckNetIsolation.exe
2017-01-23 20:48 - 2015-10-30 08:17 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2017-01-23 20:48 - 2015-10-30 08:17 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MTConfig.sys
2017-01-23 20:47 - 2016-04-27 06:17 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-01-23 20:47 - 2016-04-27 06:17 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-01-23 20:47 - 2015-10-30 08:19 - 02731008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-01-23 20:47 - 2015-10-30 08:18 - 03679232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-01-23 20:47 - 2015-10-30 08:18 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-01-23 20:29 - 2016-08-09 18:42 - 00000000 ____D C:\Users\Dragonfly\Documents\Projects
2017-01-23 20:29 - 2016-07-30 23:04 - 00000000 ___RD C:\Users\Dragonfly\Desktop\-
2017-01-23 19:36 - 2016-11-18 17:23 - 00000000 ____D C:\Users\Dragonfly\AppData\LocalLow\Mozilla
2017-01-17 15:54 - 2016-10-07 14:14 - 00000000 ____D C:\Users\Dragonfly\dwhelper
2017-01-02 14:10 - 2016-07-14 15:21 - 10328598 _____ (Nullsoft, Inc.) C:\Users\Dragonfly\Downloads\winamp5666_full_en-us_redux.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2017-01-24 01:16 - 2017-01-24 06:28 - 0007616 _____ () C:\Users\Dragonfly\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-01-23 21:42
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 22-01-2017
durchgeführt von Dragonfly (24-01-2017 09:39:54)
Gestartet von C:\Users\Dragonfly\Desktop
Windows 10 Home Version 1511 (X64) (2017-01-23 20:26:00)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-614321186-1851163967-905647231-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-614321186-1851163967-905647231-503 - Limited - Disabled)
Dragonfly (S-1-5-21-614321186-1851163967-905647231-1000 - Administrator - Enabled) => C:\Users\Dragonfly
Gast (S-1-5-21-614321186-1851163967-905647231-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Emsisoft Anti-Malware (Enabled - Up to date) {701CB209-EBBC-AADC-11E6-DE73E7AF4C9D}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {CB7D53ED-CD86-A552-2B56-E5019C280620}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 12.2 - Emsisoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.123 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
NVIDIA Grafiktreiber 369.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 369.09 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-614321186-1851163967-905647231-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {50EB80B4-0793-4AD7-880B-13CF2D3CE57A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-23] (Google Inc.)
Task: {FC35B7C5-F263-4BA7-B430-A22F1D73449E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-23] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 ____N () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-01-23 21:17 - 2016-08-01 13:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-27 06:17 - 2017-01-23 20:53 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-01-24 01:54 - 2017-01-24 01:55 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-04-27 06:17 - 2017-01-23 20:53 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-27 06:17 - 2016-04-27 06:17 - 00093696 ____N () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-27 06:17 - 2017-01-23 20:49 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-27 06:17 - 2017-01-23 20:52 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-27 06:17 - 2017-01-23 20:52 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-27 06:17 - 2017-01-23 20:52 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-27 06:17 - 2017-01-23 20:52 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-01-24 01:54 - 2017-01-24 01:55 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2017-01-24 01:54 - 2017-01-24 01:55 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2017-01-23 20:55 - 2017-01-23 20:53 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-614321186-1851163967-905647231-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dragonfly\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper -> $(runtime.windows)\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run32: => "331BigDog"
HKU\S-1-5-21-614321186-1851163967-905647231-1000\...\StartupApproved\Run: => "OneDrive"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{5F2A0CDB-43ED-4F23-87D2-5FCC23AB5538}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{BF250A34-5A24-49D6-8698-DF9993664B60}C:\windows\system32\mmc.exe] => C:\windows\system32\mmc.exe
FirewallRules: [UDP Query User{978339B8-8D4A-4EF1-BE90-837538EA8ADE}C:\windows\system32\mmc.exe] => C:\windows\system32\mmc.exe
==================== Wiederherstellungspunkte =========================
23-01-2017 22:09:56 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Lenovo EasyCamera
Description: Lenovo EasyCamera
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Chicony
Service: vm331avs
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft Device Association Root Enumerator
Description: Generisches Softwaregerät
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Qualcomm Atheros AR3012 Bluetooth 4.0
Description: Qualcomm Atheros AR3012 Bluetooth 4.0
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft GS Wavetable Synthesizer
Description: Generisches Softwaregerät
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/24/2017 09:08:57 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dragonfly-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (01/24/2017 09:08:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SearchUI.exe, Version: 10.0.10586.63, Zeitstempel: 0x568b1fdc
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.10586.71, Zeitstempel: 0x5699d8e0
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000006fce8b
ID des fehlerhaften Prozesses: 0xdac
Startzeit der fehlerhaften Anwendung: 0x01d276191700dba4
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll
Berichtskennung: beee5f28-69a6-4673-94dd-567d6955e075
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CortanaUI
Error: (01/24/2017 05:34:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.10586.20, Zeitstempel: 0x56540c35
Name des fehlerhaften Moduls: edgehtml.dll, Version: 11.0.10586.162, Zeitstempel: 0x56cd3d95
Ausnahmecode: 0xc0000602
Fehleroffset: 0x00000000004a5851
ID des fehlerhaften Prozesses: 0x15ec
Startzeit der fehlerhaften Anwendung: 0x01d275faf8b28cf1
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\edgehtml.dll
Berichtskennung: 01245a2d-b6cb-4750-95f2-1b5fe855ca3f
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge
Error: (01/24/2017 05:33:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.10586.20, Zeitstempel: 0x56540c35
Name des fehlerhaften Moduls: edgehtml.dll, Version: 11.0.10586.162, Zeitstempel: 0x56cd3d95
Ausnahmecode: 0xc0000602
Fehleroffset: 0x00000000004a5851
ID des fehlerhaften Prozesses: 0xcd4
Startzeit der fehlerhaften Anwendung: 0x01d275fac07488be
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\edgehtml.dll
Berichtskennung: 569b9f98-4557-4687-b457-000e87aeeacc
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge
Error: (01/24/2017 05:31:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.10586.20, Zeitstempel: 0x56540c35
Name des fehlerhaften Moduls: edgehtml.dll, Version: 11.0.10586.162, Zeitstempel: 0x56cd3d95
Ausnahmecode: 0xc0000602
Fehleroffset: 0x00000000004a5851
ID des fehlerhaften Prozesses: 0x15d8
Startzeit der fehlerhaften Anwendung: 0x01d275fa7ec9c3bc
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\edgehtml.dll
Berichtskennung: 72017a3c-39b0-48d7-aa89-9c44bbad21d6
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge
Error: (01/24/2017 01:56:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dragonfly-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (01/24/2017 01:23:56 AM) (Source: MSDTC Client 2) (EventID: 4361) (User: )
Description: Fehler des Cluster-API-Aufrufs mit dem Fehlercode: 0x800706D9. Cluster-API-Funktion: OpenCluster, Argumente: lpszClusterName: (null)
Error: (01/23/2017 11:43:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dragonfly-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (01/23/2017 11:25:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SystemSettings.exe, Version: 10.0.10586.11, Zeitstempel: 0x56457cb1
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.10586.71, Zeitstempel: 0x5699d8e0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000023c018
ID des fehlerhaften Prozesses: 0x1a54
Startzeit der fehlerhaften Anwendung: 0x01d275c768039362
Pfad der fehlerhaften Anwendung: C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll
Berichtskennung: 2b4653e2-a5e0-4b02-a640-7d38792bce4c
Vollständiger Name des fehlerhaften Pakets: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoft.windows.immersivecontrolpanel
Error: (01/23/2017 10:39:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dragonfly-PC)
Description: Bei der Aktivierung der App „Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App“ ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (01/24/2017 08:10:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_487cb" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/24/2017 08:10:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _487cb" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/24/2017 08:10:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_487cb" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/24/2017 08:10:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_487cb" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/24/2017 01:56:28 AM) (Source: DCOM) (EventID: 10001) (User: Dragonfly-PC)
Description: Ein DCOM-Server konnte nicht gestartet werden: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca als Nicht verfügbar/Nicht verfügbar. Fehler:
"15616"
Aufgetreten beim Start dieses Befehls:
"C:\Program Files\WindowsApps\Microsoft.Messaging_1.10.22012.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
Error: (01/24/2017 01:30:45 AM) (Source: DCOM) (EventID: 10029) (User: NT-AUTORITÄT)
Description: Das Zeitlimit für die Aktivierung der CLSID "{752073A1-23F2-4396-85F0-8FDB879ED0ED}" wurde überschritten, während auf das Beenden von Dienst "TrustedInstaller" gewartet wurde.
Error: (01/24/2017 01:25:54 AM) (Source: DCOM) (EventID: 10010) (User: Dragonfly-PC)
Description: Der Server "{0002DF02-0000-0000-C000-000000000046}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/24/2017 01:25:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_3dca0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/24/2017 01:25:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _3dca0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (01/24/2017 01:25:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_3dca0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2017-01-24 01:56:04.124
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.
Date: 2017-01-24 01:56:04.116
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.
Date: 2017-01-24 01:56:04.109
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.
Date: 2017-01-23 22:13:12.937
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-23 21:21:04.596
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
Date: 2017-01-23 21:21:04.591
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe because the set of per-page image hashes could not be found on the system.
Date: 2017-01-23 21:15:36.505
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 8053.6 MB
Verfügbarer physikalischer RAM: 6032.96 MB
Summe virtueller Speicher: 9973.6 MB
Verfügbarer virtueller Speicher: 7916.26 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:930.91 GB) (Free:862.76 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9BCA118F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=511 MB) - (Type=27)
==================== Ende von Addition.txt ============================
|
Linear-Darstellung
