Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Google wird zu Yahoo geleitet und Result Hub Ads

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 11.09.2015, 16:41   #1
lephex
 
Google wird zu Yahoo geleitet und Result Hub Ads - Standard

Google wird zu Yahoo geleitet und Result Hub Ads



Hi!

Ich hoffe Ihr könnt mir helfen, ich hab ein Problem mit Results Hub Ads und der Yahoo Suche. In meinen Erweiterungen ist kein Yahoo drin, wenn ich google öffne udn auf die Suche klicke werde ich zu Yahoo umgeleitet. Das wird auf Dauer lästig und ich bin mit meinem Latein am Ende, ich hoffe ihr könnt helfen.

Wenn ich FRST Scan ausführe kommt nach ein paar Sekunden eine Fehlermeldung : Error: Subscript used on non-accessible variable. GMER bricht ebenfalls mit Fehlermeldung ab ((

lg

Alt 11.09.2015, 16:45   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Google wird zu Yahoo geleitet und Result Hub Ads - Standard

Google wird zu Yahoo geleitet und Result Hub Ads



hi,

FRST löschen und neu laden, AV Programm komplett abschalten.
__________________

__________________

Alt 11.09.2015, 20:22   #3
lephex
 
Google wird zu Yahoo geleitet und Result Hub Ads - Standard

Google wird zu Yahoo geleitet und Result Hub Ads



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version:10-09-2015 01
Ran by felix (2015-09-11 20:13:59)
Running from C:\Users\felix\Desktop
Windows 10 Pro Insider Preview (X64) (2015-09-05 19:26:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3600270544-3147449856-236785905-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3600270544-3147449856-236785905-503 - Limited - Disabled)
felix (S-1-5-21-3600270544-3147449856-236785905-1001 - Administrator - Enabled) => C:\Users\felix
Guest (S-1-5-21-3600270544-3147449856-236785905-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3600270544-3147449856-236785905-1003 - Limited - Enabled)
penguin (S-1-5-21-3600270544-3147449856-236785905-1005 - Administrator - Enabled) => C:\Users\penguin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3600270544-3147449856-236785905-1001\...\uTorrent) (Version: 3.4.5.41073 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
AMD OverDrive (HKLM-x32\...\{34D5220A-58D0-473C-90E4-15136C3FB0E3}) (Version: 4.3.1.0690 - Advanced Micro Devices, Inc.)
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version:  - Ubisoft)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Autodesk 123D Catch (HKLM-x32\...\{413A0A2B-D154-4457-833F-3299DB3183FF}) (Version: 1.0.654 - Autodesk)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{79809712-A577-4B8C-A9FC-51945690C7DC}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
Boot2Docker for Windows version 1.7.0 (HKLM\...\{05BD04E9-4AB5-46AC-891E-60EA8FD57D56}_is1) (Version: 1.7.0 - Docker Inc)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_06_F4500_SW_MIN (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
F4500 (x32 Version: 140.0.851.000 - Hewlett-Packard) Hidden
File Repair (HKLM-x32\...\File Repair_is1) (Version:  - File Repair)
Git version 1.9.5-preview20150319 (HKLM-x32\...\Git_is1) (Version: 1.9.5-preview20150319 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HD Tune Pro 5.50 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{FD126052-310E-4364-937B-6B5564F24578}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
Legoaizer v1.5 (HKLM-x32\...\Legoaizer_is1) (Version: 1.5 - APP Helmond)
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version:  - Line 6)
Mad Max version 1.0 (HKLM-x32\...\{0EA0C5B4-A21F-4AA8-A66C-C2C8730534D1}_is1) (Version: 1.0 - Rldgames)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mortal Kombat X (HKLM-x32\...\TW9ydGFsS29tYmF0WA==_is1) (Version: 1 - )
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
NetBeans IDE 8.1 Beta (HKLM\...\nbi-nb-base-8.1.0.0.201508041349) (Version: 8.1 Beta - NetBeans.org)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.82 - NVIDIA Corporation)
NVIDIA CUDA Samples 7.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDASamples_7.0) (Version: 7.0 - NVIDIA Corporation)
NVIDIA CUDA Toolkit 7.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDAToolkit_7.0) (Version: 7.0 - NVIDIA Corporation)
NVIDIA CUDA Visual Studio Integration 7.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDAVisualStudioIntegration_7.0) (Version: 7.0 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.13.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.13.6 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Nsight Visual Studio Edition 4.5.0.15036 (HKLM\...\{DA371382-CABC-44B3-9BB4-14B5081B6446}) (Version: 4.5.0.15036 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Tools Extension SDK (NVTX) - 64 bit (HKLM\...\{4D983759-07FC-4571-BB59-58C9BBADECC5}) (Version: 1.00.00.00 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
OpenSSH for Windows (remove only) (HKLM-x32\...\OpenSSH) (Version:  - Michael Johnson)
Oracle VM VirtualBox 4.3.28 (HKLM\...\{E8BB81BC-E67C-4750-84EE-128DA5A7ADA5}) (Version: 4.3.28 - Oracle Corporation)
PixRecovery 3.0.21083.2 Demo License (HKLM-x32\...\{D9AA12EF-3315-435A-A3E4-CD734D6D0A0B}) (Version: 3.0.21083.2 - Recoveronix)
psynetic® Gif-X 3.00 (HKLM-x32\...\psynetic® Gif-X) (Version: 3.00 - Robert Mundt)
Python 2.7.10 (Anaconda 2.3.0 64-bit) (HKU\S-1-5-21-3600270544-3147449856-236785905-1001\...\Python 2.7.10 (Anaconda 2.3.0 64-bit)) (Version: 2.3.0 - Continuum Analytics, Inc.)
RAIDXpert (HKLM-x32\...\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.2.1540.5 - AMD)
RAIDXpert (x32 Version: 3.2.1540.5 - AMD) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.13.6 - NVIDIA Corporation) Hidden
SketchUp 2015 (HKLM\...\{A83795B9-570F-40FF-ACB4-710B568EBA22}) (Version: 15.3.331 - Trimble Navigation Limited)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-3600270544-3147449856-236785905-1001\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.0.0 - GOG.com)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
Vagrant (HKLM-x32\...\{40ADEFDD-ABAC-4AAE-A868-387F666C0B17}) (Version: 1.7.2 - HashiCorp)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.8.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3600270544-3147449856-236785905-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3600270544-3147449856-236785905-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\felix\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3600270544-3147449856-236785905-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\felix\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3600270544-3147449856-236785905-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\felix\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3600270544-3147449856-236785905-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\felix\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3600270544-3147449856-236785905-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\felix\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3600270544-3147449856-236785905-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\felix\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3600270544-3147449856-236785905-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\felix\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3600270544-3147449856-236785905-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-3600270544-3147449856-236785905-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\felix\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3600270544-3147449856-236785905-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\felix\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3600270544-3147449856-236785905-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\felix\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0EB24C6C-7B72-4D39-84AD-42DFBF28372D} - System32\Tasks\Microsoft\Windows\AppReadiness\TriggerTask
Task: {10BB2EE2-5C81-4033-9389-B17835BA0537} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-08-23] (Microsoft Corporation)
Task: {149C1713-57E9-4414-AC58-710C1351AC39} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-08-23] (Microsoft Corporation)
Task: {16208544-47D9-4483-B959-AE7CCE97D82D} - \Microsoft\Windows\Setup\GWXTriggers\Logon -> No File <==== ATTENTION
Task: {1D5371B3-F3CF-4683-B197-BAC151C615DA} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent
Task: {22C94E43-2C59-4A8C-9CAD-7FE692CFB25B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\ausessionconnect => C:\Windows\System32\sihclient.exe [2015-08-23] (Microsoft Corporation)
Task: {23E8D3FA-C7C7-4F50-93DF-4668B044CBC1} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-05-25] ()
Task: {297A1D22-3AA7-4F93-B779-461DE515B551} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-29] (Microsoft Corporation)
Task: {2E44B94C-1B2A-467D-A649-0608BA06B734} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-08-23] (Microsoft Corporation)
Task: {339B6D68-1BEC-49B2-AA7C-BCBAD7B679E3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-19] (Google Inc.)
Task: {373A4142-F09E-4F5B-858F-93DB9E4909D5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {382A29EF-5A9E-4EDB-80B9-4929DCC57D13} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {39237538-E247-4C12-8172-8AC7B0450165} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {4537D848-0AB6-4E4D-92F2-A85FF507B8AB} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-08-23] (Microsoft Corporation)
Task: {4664D7E2-95BE-4D09-9E74-C7732B4D47E0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle -> No File <==== ATTENTION
Task: {4CCF0449-1E21-479D-8EB0-24FBF3D2F62D} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {51C8EE5D-5EF8-4C79-8DC4-9F70B8E8CD21} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {55D7E0D8-8915-40BB-BA73-A97BCCAD21F7} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-23] (Microsoft Corporation)
Task: {5ED05CEC-4167-4A53-8836-A3EBA591ED20} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-12-12] ()
Task: {602AD81C-364C-4EEB-AF5F-D0270290F3A4} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-08-23] (Microsoft Corporation)
Task: {63E13754-9C1C-45B0-BBF5-BA899B799BF7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6AC985C2-1259-4721-9CF9-7836FEB63C68} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-08-23] (Microsoft Corporation)
Task: {82B68E5D-FE3D-468C-868E-C10A19D8DE0F} - \SpeechRuntimeTask -> No File <==== ATTENTION
Task: {8C928627-E2FF-4651-AD41-02766B389C72} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {D0657F9E-1846-415F-9386-CB474D816148} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-08-23] (Microsoft Corporation)
Task: {E4948109-EEE8-48B2-945F-449FF63FC5CB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-19] (Google Inc.)
Task: {E6197990-C5EB-4CB4-9B61-F090647320B7} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-08-23 06:54 - 2015-08-23 06:54 - 02574840 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-23 06:54 - 2015-08-23 06:54 - 02574840 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-07 13:04 - 2015-03-19 23:33 - 00736962 _____ () C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll
2015-08-23 06:52 - 2015-08-23 06:52 - 00431104 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-23 06:52 - 2015-08-23 06:52 - 00642048 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 06369792 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00551424 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 02482688 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-09-03 21:35 - 2015-09-03 21:35 - 00007168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.827.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-09-03 21:35 - 2015-09-03 21:35 - 11606528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.827.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-08-23 08:48 - 2015-08-23 08:48 - 07897088 _____ () C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.0_1.0.22929.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
2015-09-04 00:30 - 2015-08-28 02:17 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
2015-09-04 00:30 - 2015-08-28 02:17 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libegl.dll
2015-09-04 00:30 - 2015-08-28 02:17 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\160754be85af964965a09c6e64a1b4:Win32App
AlternateDataStreams: C:\3f024bb582e8df25d26e2f65ba9805ae:Win32App
AlternateDataStreams: C:\46e152a2173a9d947650152efbe932:Win32App
AlternateDataStreams: C:\9aa07cab936acdbcd6a360:Win32App
AlternateDataStreams: C:\Program Files\Adobe:Win32App
AlternateDataStreams: C:\Program Files\Boot2Docker for Windows:Win32App
AlternateDataStreams: C:\Program Files\KMSpico:Win32App
AlternateDataStreams: C:\Program Files\Microsoft Xbox 360 Accessories:Win32App
AlternateDataStreams: C:\Program Files (x86)\Audacity:Win32App
AlternateDataStreams: C:\Program Files (x86)\Battle.net:Win32App
AlternateDataStreams: C:\Program Files (x86)\BlueStacks:Win32App
AlternateDataStreams: C:\Program Files (x86)\Git:Win32App
AlternateDataStreams: C:\Program Files (x86)\HD Tune Pro:Win32App
AlternateDataStreams: C:\Program Files (x86)\HP:Win32App
AlternateDataStreams: C:\Program Files (x86)\OpenOffice.org 3:Win32App
AlternateDataStreams: C:\ProgramData\BlueStacks:Win32App
AlternateDataStreams: C:\ProgramData\HP:Win32App
AlternateDataStreams: C:\ProgramData\HP Product Assistant:Win32App
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3600270544-3147449856-236785905-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\felix\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "ReCycle Patch"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3600270544-3147449856-236785905-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3600270544-3147449856-236785905-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3600270544-3147449856-236785905-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3600270544-3147449856-236785905-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{27C2753F-E650-4C67-882B-FAA27725C8C7}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{277AA9BC-04D7-4F39-AD09-3C59E14C2335}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [TCP Query User{4BB2FD06-098B-4250-AE4F-EF2C615C9BB4}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{365314C1-023A-44A1-BB0B-126EFD7DAFE0}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{79E962D0-2C47-48A1-956C-9481AEE9ABD1}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [TCP Query User{267F0F15-B345-4BD9-960C-464096AA3589}G:\program files\sc2\starcraft ii\versions\base32283\sc2.exe] => (Allow) G:\program files\sc2\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{1977440A-5584-4F6A-A597-8A32EEC09C79}G:\program files\sc2\starcraft ii\versions\base32283\sc2.exe] => (Allow) G:\program files\sc2\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [TCP Query User{F46B167F-6CA5-49D2-9144-8771CBF5F31C}C:\users\felix\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\felix\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{A6F1A138-CA13-4F78-B1FC-A15EA2130A4A}C:\users\felix\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\felix\appdata\roaming\utorrent\utorrent.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/11/2015 08:11:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: loff9bko.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: loff9bko.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0x12e4
Startzeit der fehlerhaften Anwendung: 0xloff9bko.exe0
Pfad der fehlerhaften Anwendung: loff9bko.exe1
Pfad des fehlerhaften Moduls: loff9bko.exe2
Berichtskennung: loff9bko.exe3
Vollständiger Name des fehlerhaften Pakets: loff9bko.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: loff9bko.exe5

Error: (09/11/2015 04:39:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: loff9bko.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: loff9bko.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0xe8
Startzeit der fehlerhaften Anwendung: 0xloff9bko.exe0
Pfad der fehlerhaften Anwendung: loff9bko.exe1
Pfad des fehlerhaften Moduls: loff9bko.exe2
Berichtskennung: loff9bko.exe3
Vollständiger Name des fehlerhaften Pakets: loff9bko.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: loff9bko.exe5

Error: (09/11/2015 04:14:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm onenoteim.exe, Version 16.0.6131.1003 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1248

Startzeit: 01d0ec9bd9369348

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.6131.10031.0_x64__8wekyb3d8bbwe\onenoteim.exe

Berichts-ID: 6a2f4e29-588f-11e5-8284-000cf6fde5dc

Vollständiger Name des fehlerhaften Pakets: Microsoft.Office.OneNote_17.6131.10031.0_x64__8wekyb3d8bbwe

Auf das fehlerhafte Paket bezogene Anwendungs-ID: microsoft.onenoteim

Error: (09/11/2015 04:14:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ZARA)
Description: Das Paket „Microsoft.Office.OneNote_17.6131.10031.0_x64__8wekyb3d8bbwe+microsoft.onenoteim“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (09/10/2015 04:53:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZARA)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/10/2015 04:53:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZARA)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/10/2015 04:53:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZARA)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/10/2015 04:53:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZARA)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/10/2015 04:53:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZARA)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/10/2015 04:48:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: cygrunsrv.exe, Version: 0.0.0.0, Zeitstempel: 0x40826252
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10532.0, Zeitstempel: 0x55d9082b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0004714e
ID des fehlerhaften Prozesses: 0xb84
Startzeit der fehlerhaften Anwendung: 0xcygrunsrv.exe0
Pfad der fehlerhaften Anwendung: cygrunsrv.exe1
Pfad des fehlerhaften Moduls: cygrunsrv.exe2
Berichtskennung: cygrunsrv.exe3
Vollständiger Name des fehlerhaften Pakets: cygrunsrv.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: cygrunsrv.exe5


System errors:
=============
Error: (09/11/2015 04:52:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/11/2015 04:52:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/11/2015 04:52:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA GeForce Experience Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/11/2015 04:52:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD RAIDXpert" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/11/2015 04:52:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Stereoscopic 3D Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/11/2015 04:52:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/10/2015 05:01:06 PM) (Source: DCOM) (EventID: 10010) (User: ZARA)
Description: microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca

Error: (09/10/2015 04:59:05 PM) (Source: DCOM) (EventID: 10010) (User: ZARA)
Description: microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca

Error: (09/10/2015 04:56:36 PM) (Source: DCOM) (EventID: 10010) (User: ZARA)
Description: microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca

Error: (09/10/2015 04:56:35 PM) (Source: DCOM) (EventID: 10010) (User: ZARA)
Description: Microsoft.MicrosoftOfficeHub.AppXrqs94aemecwbtd1veqtvyn34m9ks80g7.mca


Microsoft Office:
=========================
Error: (09/11/2015 08:11:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: loff9bko.exe2.1.19357.052e7ea83loff9bko.exe2.1.19357.052e7ea83c0000005000011aa12e401d0ecbd391469fdC:\Users\felix\Desktop\loff9bko.exeC:\Users\felix\Desktop\loff9bko.exe73bbca72-7059-49d6-acda-e4aceb81b93a

Error: (09/11/2015 04:39:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: loff9bko.exe2.1.19357.052e7ea83loff9bko.exe2.1.19357.052e7ea83c0000005000011aae801d0ec9fab36f224C:\Users\felix\Desktop\loff9bko.exeC:\Users\felix\Desktop\loff9bko.exe3df38e92-289d-4def-ad24-d9eacd37da72

Error: (09/11/2015 04:14:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: onenoteim.exe16.0.6131.1003124801d0ec9bd93693484294967295C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.6131.10031.0_x64__8wekyb3d8bbwe\onenoteim.exe6a2f4e29-588f-11e5-8284-000cf6fde5dcMicrosoft.Office.OneNote_17.6131.10031.0_x64__8wekyb3d8bbwemicrosoft.onenoteim

Error: (09/11/2015 04:14:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ZARA)
Description: Microsoft.Office.OneNote_17.6131.10031.0_x64__8wekyb3d8bbwe+microsoft.onenoteim

Error: (09/10/2015 04:53:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZARA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142

Error: (09/10/2015 04:53:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZARA)
Description: Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub-2144927142

Error: (09/10/2015 04:53:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZARA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142

Error: (09/10/2015 04:53:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZARA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142

Error: (09/10/2015 04:53:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ZARA)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142

Error: (09/10/2015 04:48:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: cygrunsrv.exe0.0.0.040826252ntdll.dll10.0.10532.055d9082bc00000050004714eb8401d0ebd7ccccf5a2C:\Program Files (x86)\OpenSSH\bin\cygrunsrv.exeC:\WINDOWS\SYSTEM32\ntdll.dll67ce7a14-034b-42f2-a298-422d0d4a7945


==================== Memory info =========================== 

Processor: AMD Phenom(tm) II X4 965 Processor
Percentage of memory in use: 60%
Total physical RAM: 4094.49 MB
Available physical RAM: 1614.52 MB
Total Virtual: 9982.49 MB
Available Virtual: 6574.23 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100.01 GB) (Free:6.61 GB) NTFS
Drive d: (Windows8) (Fixed) (Total:48.83 GB) (Free:24.28 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (WIndows8.1) (Fixed) (Total:146.21 GB) (Free:76.93 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive f: (Auslagerungsdatei) (Fixed) (Total:48.82 GB) (Free:14.66 GB) NTFS
Drive g: (Daten) (Fixed) (Total:733.85 GB) (Free:2.07 GB) NTFS
Drive h: (WindowsXP) (Fixed) (Total:68.81 GB) (Free:40.71 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive i: (Fotos) (Fixed) (Total:17.58 GB) (Free:2.1 GB) NTFS
Drive j: (Daten) (Fixed) (Total:146.49 GB) (Free:33.85 GB) NTFS
Drive k: (Mortal Kombat X) (CDROM) (Total:31.23 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================
         
__________________

Alt 11.09.2015, 20:24   #4
lephex
 
Google wird zu Yahoo geleitet und Result Hub Ads - Standard

Google wird zu Yahoo geleitet und Result Hub Ads



Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-09-2015 01
Ran by felix (administrator) on ZARA (11-09-2015 20:09:58)
Running from C:\Users\felix\Desktop
Loaded Profiles: felix (Available Profiles: felix & penguin)
Platform: Windows 10 Pro Insider Preview (X64) Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.827.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6208.42001.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6208.42001.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-07-06] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ReCycle Patch] => C:\Users\felix\Downloads\ReasonPatch(1).exe [184320 2015-05-23] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-3600270544-3147449856-236785905-1001\...\Run: [OneDrive] => C:\Users\felix\AppData\Local\Microsoft\OneDrive\OneDrive.exe [404064 2015-09-05] (Microsoft Corporation)
HKU\S-1-5-21-3600270544-3147449856-236785905-1001\...\Run: [Spotify Web Helper] => C:\Users\felix\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-06-01] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-06-23]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{144ac783-6a83-4537-a2b8-7172a1962a23}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{32eaadb8-3f15-4533-a186-b2c8c9181740}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3600270544-3147449856-236785905-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3600270544-3147449856-236785905-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-07] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-07] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-07] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-07] (Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-07] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-07] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-03] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)

Chrome: 
=======
CHR Profile: C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-05-30]
CHR Extension: (Duolingo on the Web) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-06-07]
CHR Extension: (Google Drive) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-21]
CHR Extension: (Image Downloader) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2015-05-22]
CHR Extension: (Tampermonkey) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-07-20]
CHR Extension: (HTML Revealer and Password Revealer) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgeopcldenngppapceagonnenonklpbn [2015-07-26]
CHR Extension: (Google Docs Offline) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (AdBlock) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-18]
CHR Extension: (Refresh for Twitter) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdpiilkeoldobfomlhipnnfanmgfllmp [2015-06-23]
CHR Extension: (Flamite) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgobopgcnapcnblkpelgjjblnjjpgejk [2015-05-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-19]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [122880 2009-09-19] (AMD) [File not signed]
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
S2 Ds3Service; C:\ScpServer\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [File not signed]
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-18] (NVIDIA Corporation)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-18] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-18] (NVIDIA Corporation)
S2 OpenSSHd; C:\Program Files (x86)\OpenSSH\bin\cygrunsrv.exe [36864 2004-04-18] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-12] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [354912 2015-08-23] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [18760 2015-08-23] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [17656 2015-08-23] (Windows (R) Win 7 DDK provider)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
R3 i8042HDR; C:\Windows\system32\DRIVERS\i8042HDR.sys [15920 2009-08-15] (Windows (R) Codename Longhorn DDK provider)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-08-23] (Realtek                                            )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45056 2015-08-23] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46584 2015-08-23] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [294360 2015-08-23] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118248 2015-08-23] (Microsoft Corporation)
U3 pxldypoc; C:\Users\felix\AppData\Local\Temp\pxldypoc.sys [56496 2015-09-11] (GMER) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-11 20:09 - 2015-09-11 20:10 - 00014243 _____ C:\Users\felix\Desktop\FRST.txt
2015-09-11 20:09 - 2015-09-11 20:09 - 02190848 _____ (Farbar) C:\Users\felix\Desktop\FRST64.exe
2015-09-11 20:08 - 2015-09-11 20:08 - 01692672 _____ (Farbar) C:\Users\felix\Desktop\FRST.exe
2015-09-11 19:46 - 2015-09-11 19:46 - 00016148 _____ C:\WINDOWS\system32\ZARA_felix_HistoryPrediction.bin
2015-09-11 19:21 - 2015-09-11 19:21 - 00000735 _____ C:\Users\Public\Desktop\Mortal Kombat X.lnk
2015-09-11 19:21 - 2015-09-11 19:21 - 00000735 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mortal Kombat X.lnk
2015-09-11 19:12 - 2015-09-11 19:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mad Max
2015-09-11 16:54 - 2015-09-11 16:54 - 00001071 _____ C:\Users\felix\Desktop\JRT.txt
2015-09-11 16:38 - 2015-09-11 16:38 - 00380416 _____ C:\Users\felix\Desktop\loff9bko.exe
2015-09-11 16:35 - 2015-09-11 16:35 - 00050477 _____ C:\Users\felix\Desktop\Defogger.exe
2015-09-11 16:35 - 2015-09-11 16:35 - 00000472 _____ C:\Users\felix\Desktop\defogger_disable.log
2015-09-11 16:35 - 2015-09-11 16:35 - 00000000 _____ C:\Users\felix\defogger_reenable
2015-09-10 22:27 - 2015-09-10 22:29 - 00001148 _____ C:\Users\felix\Desktop\regfix.reg
2015-09-10 22:27 - 2015-09-10 22:27 - 00000000 _____ C:\Users\felix\Desktop\Neues Textdokument.txt
2015-09-10 22:16 - 2015-09-11 16:53 - 00000362 _____ C:\Users\felix\Desktop\SystemLook.txt
2015-09-10 22:14 - 2015-09-10 22:14 - 00165376 _____ C:\Users\felix\Desktop\SystemLook_x64.exe
2015-09-10 22:11 - 2015-09-11 16:44 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-10 22:09 - 2015-09-11 16:44 - 00000000 ____D C:\Users\felix\Desktop\mbar
2015-09-10 22:05 - 2015-09-10 22:05 - 16563304 _____ (Malwarebytes Corp.) C:\Users\felix\Desktop\mbar-1.09.2.1008.exe
2015-09-10 21:39 - 2015-09-10 21:39 - 00023639 _____ C:\Users\felix\Downloads\[kat.cr]mad.max.2015.multi9.prepack.by.corepack.torrent
2015-09-10 21:27 - 2015-09-10 21:27 - 00166558 _____ C:\Users\felix\Downloads\torrent (3)
2015-09-10 21:27 - 2015-09-10 21:27 - 00166558 _____ C:\Users\felix\Downloads\torrent (2)
2015-09-10 21:23 - 2015-09-10 21:23 - 00166558 _____ C:\Users\felix\Downloads\torrent
2015-09-10 18:17 - 2015-09-10 18:17 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\felix\Downloads\tdsskiller.exe
2015-09-10 17:03 - 2015-09-10 17:03 - 00000000 ____D C:\WINDOWS\Panther
2015-09-10 16:44 - 2015-09-10 16:44 - 00001857 _____ C:\Users\felix\Desktop\Adobe Illustrator CC 2014.lnk
2015-09-10 16:44 - 2015-09-10 16:44 - 00001709 _____ C:\Users\felix\Desktop\Adobe Photoshop CC 2014.lnk
2015-09-10 16:36 - 2015-09-09 20:11 - 01800104 _____ (Malwarebytes Corporation) C:\Users\felix\Desktop\JRT.exe
2015-09-10 16:35 - 2015-09-10 16:47 - 00000000 ____D C:\AdwCleaner
2015-09-10 16:32 - 2015-09-11 20:10 - 00000000 ____D C:\FRST
2015-09-10 16:32 - 2015-09-11 16:39 - 00010393 _____ C:\Users\felix\Downloads\FRST.txt
2015-09-10 16:31 - 2015-09-10 16:31 - 02190848 _____ (Farbar) C:\Users\felix\Downloads\FRST64.exe
2015-09-10 16:31 - 2015-09-10 16:31 - 01799392 _____ (Malwarebytes Corporation) C:\Users\felix\Downloads\JRT_7600.exe
2015-09-10 16:31 - 2015-09-10 16:31 - 01660416 _____ C:\Users\felix\Downloads\AdwCleaner_5.007.exe
2015-09-08 18:02 - 2015-09-08 18:02 - 00000000 ____D C:\Users\felix\.netbeans-derby
2015-09-08 18:00 - 2015-09-08 18:00 - 00000000 ____D C:\Users\felix\Documents\NetBeansProjects
2015-09-08 17:59 - 2015-09-08 17:59 - 00000000 ____D C:\Users\felix\AppData\Roaming\NetBeans
2015-09-08 17:59 - 2015-09-08 17:59 - 00000000 ____D C:\Users\felix\AppData\Local\NetBeans
2015-09-08 17:53 - 2015-09-08 17:53 - 00002137 _____ C:\Users\Public\Desktop\NetBeans IDE 8.1 Beta.lnk
2015-09-08 17:53 - 2015-09-08 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2015-09-08 17:51 - 2015-09-08 17:57 - 00000000 ____D C:\Program Files\NetBeans 8.1 Beta
2015-09-08 17:49 - 2015-09-11 16:39 - 00000000 ____D C:\Users\felix\.nbi
2015-09-08 17:47 - 2015-09-08 17:48 - 198465120 _____ C:\Users\felix\Downloads\netbeans-8.1beta-javaee-windows.exe
2015-09-08 15:28 - 2015-09-10 22:11 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-08 15:28 - 2015-09-10 22:09 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-08 15:28 - 2015-09-08 15:28 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-08 15:28 - 2015-09-08 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-09-08 15:28 - 2015-09-08 15:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-08 15:28 - 2015-09-08 15:28 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-09-08 15:28 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-08 15:28 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-08 15:27 - 2015-09-08 15:27 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\felix\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-08 13:58 - 2015-09-08 13:58 - 00035636 _____ C:\Users\felix\Downloads\uninstallsearchwidget.exe
2015-09-07 22:35 - 2015-09-07 22:35 - 12917862 _____ C:\Users\felix\Downloads\Glitch! v2.12.15 Premium Edition.apk
2015-09-07 22:33 - 2015-09-07 22:33 - 12121472 _____ C:\Users\felix\Downloads\Glitch!_3.1.7_apk-dl.com.apk
2015-09-07 19:29 - 2015-09-07 19:29 - 00608237 _____ C:\Users\felix\Downloads\Introwerks-master.zip
2015-09-07 18:53 - 2015-09-07 18:54 - 00220827 _____ C:\Users\felix\Downloads\drift (1).zip
2015-09-07 17:46 - 2015-09-07 17:47 - 00000000 ____D C:\Users\felix\AppData\Roaming\Processing
2015-09-07 17:46 - 2015-09-07 17:46 - 00000000 ____D C:\Users\felix\Documents\Processing
2015-09-07 17:38 - 2015-09-08 22:35 - 00000000 ____D C:\Users\felix\Documents\processing-2.2.1
2015-09-07 17:29 - 2015-09-07 17:30 - 116409778 _____ C:\Users\felix\Downloads\processing-2.2.1-windows64.zip
2015-09-07 17:08 - 2015-09-07 17:08 - 00000000 ____D C:\Users\felix\AppData\Roaming\NVIDIA Corporation
2015-09-07 17:04 - 2015-09-07 17:53 - 00000000 ____D C:\Users\felix\Desktop\PIXELSORT
2015-09-07 16:54 - 2015-09-07 16:54 - 00110688 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-09-07 16:35 - 2015-09-07 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-09-07 16:33 - 2015-09-07 16:53 - 00000000 ____D C:\Program Files\Java
2015-09-07 16:20 - 2015-09-07 16:20 - 10477144 _____ C:\Users\felix\Downloads\ASDFPixelSort.zip
2015-09-07 16:16 - 2015-09-07 16:18 - 195200088 _____ (Oracle Corporation) C:\Users\felix\Downloads\jdk-8u60-windows-x64.exe
2015-09-07 15:45 - 2015-09-07 15:45 - 00000000 ____D C:\Users\felix\AppData\Roaming\Sun
2015-09-07 15:44 - 2015-09-08 17:49 - 00000000 ____D C:\Users\felix\.oracle_jre_usage
2015-09-07 15:42 - 2015-09-07 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-07 15:40 - 2015-09-07 16:31 - 00000000 ____D C:\ProgramData\Oracle
2015-09-07 15:39 - 2015-09-07 15:39 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-07 15:32 - 2015-09-07 15:33 - 00584288 _____ (Oracle Corporation) C:\Users\felix\Downloads\JavaSetup8u60.exe
2015-09-07 15:30 - 2015-09-07 17:47 - 00000000 ____D C:\Users\felix\Documents\processing-3.0b5
2015-09-07 15:28 - 2015-09-08 17:33 - 00000000 ____D C:\Users\felix\Documents\drift
2015-09-07 15:27 - 2015-09-07 15:28 - 00220078 _____ C:\Users\felix\Downloads\drift.zip
2015-09-07 15:25 - 2015-09-07 15:27 - 122240323 _____ C:\Users\felix\Downloads\processing-3.0b5-windows64.zip
2015-09-07 15:15 - 2015-09-07 15:15 - 00000000 ____D C:\Users\felix\Documents\application.windows64
2015-09-07 15:10 - 2015-09-07 15:11 - 06327745 _____ C:\Users\felix\Downloads\application.windows64.zip
2015-09-06 06:53 - 2015-09-06 06:53 - 00000000 ____D C:\Windows.old
2015-09-06 06:52 - 2015-09-10 16:55 - 00768940 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-06 06:52 - 2015-09-10 16:55 - 00153632 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-06 06:52 - 2015-09-06 06:52 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-09-06 06:52 - 2015-09-06 06:52 - 00000000 ____D C:\WINDOWS\SysWOW64\de
2015-09-06 06:52 - 2015-09-06 06:52 - 00000000 ____D C:\WINDOWS\system32\de
2015-09-06 06:52 - 2015-09-06 06:51 - 00305634 _____ C:\WINDOWS\system32\perfi007.dat
2015-09-06 06:52 - 2015-09-06 06:51 - 00040390 _____ C:\WINDOWS\system32\perfd007.dat
2015-09-06 06:46 - 2015-09-06 06:46 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-09-06 06:42 - 2015-09-06 06:42 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-09-06 06:42 - 2015-09-06 06:42 - 00000000 ____D C:\Program Files\MSBuild
2015-09-06 06:42 - 2015-09-06 06:42 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-09-06 06:42 - 2015-09-06 06:42 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-09-06 06:42 - 2015-08-15 01:26 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-06 06:42 - 2015-08-08 21:01 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-06 06:42 - 2015-05-28 06:03 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-09-06 06:42 - 2015-05-28 06:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-09-06 06:42 - 2015-05-23 04:48 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-09-06 06:42 - 2015-05-23 04:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-09-06 06:37 - 2015-09-06 06:37 - 00000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2015-09-05 21:35 - 2015-09-05 21:35 - 00000000 ___HD C:\OneDriveTemp
2015-09-05 21:26 - 2015-09-05 21:26 - 00000020 ___SH C:\Users\felix\ntuser.ini
2015-09-05 21:14 - 2015-08-23 06:51 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-09-05 21:11 - 2015-09-05 21:11 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-05 21:11 - 2015-09-05 21:11 - 00000000 ____D C:\Users\Default\3D Objects
2015-09-05 21:08 - 2015-09-05 21:11 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-09-05 21:05 - 2015-09-11 16:35 - 00000000 ____D C:\Users\felix
2015-09-05 21:05 - 2015-09-05 21:27 - 00000000 ___RD C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-05 21:05 - 2015-09-05 21:16 - 00000000 ____D C:\Users\penguin
2015-09-05 21:05 - 2015-09-05 21:07 - 00000000 ___RD C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-05 21:05 - 2015-09-05 21:07 - 00000000 ___RD C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-05 21:05 - 2015-09-05 21:07 - 00000000 ____D C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-05 21:05 - 2015-09-05 21:06 - 00000000 ___RD C:\Users\penguin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-05 21:05 - 2015-08-23 07:04 - 00000000 __RSD C:\Users\penguin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-05 21:05 - 2015-08-23 07:04 - 00000000 __RSD C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-05 21:05 - 2015-08-23 07:03 - 00000000 ___RD C:\Users\penguin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-05 21:05 - 2015-08-23 07:03 - 00000000 ___RD C:\Users\penguin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-05 21:05 - 2015-08-23 07:03 - 00000000 ____D C:\Users\penguin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-05 21:03 - 2015-09-10 16:48 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-05 21:03 - 2015-09-05 21:08 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-05 21:03 - 2015-09-05 21:08 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-05 21:03 - 2015-09-05 21:08 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-09-05 21:03 - 2015-09-05 21:03 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-09-05 21:03 - 2015-09-05 21:03 - 00000000 ____D C:\WINDOWS\system32\DAX2
2015-09-05 21:03 - 2015-08-25 17:57 - 06884984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-09-05 21:03 - 2015-08-25 17:57 - 03496752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-09-05 21:03 - 2015-08-25 17:57 - 02558584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-09-05 21:03 - 2015-08-25 17:57 - 00937592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-09-05 21:03 - 2015-08-25 17:57 - 00385144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-09-05 21:03 - 2015-08-25 17:57 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-09-05 21:03 - 2015-08-25 15:02 - 05165808 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-09-05 21:02 - 2015-09-05 21:02 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-09-05 21:02 - 2015-09-05 21:02 - 00000000 ____D C:\Program Files\Realtek
2015-09-05 21:01 - 2015-09-05 21:01 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-09-05 21:00 - 2015-09-05 21:00 - 00045757 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-09-05 20:59 - 2015-09-10 16:48 - 00023718 _____ C:\WINDOWS\PFRO.log
2015-09-05 19:44 - 2015-09-05 19:44 - 01567560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-09-05 19:44 - 2015-09-05 19:44 - 00206152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-09-05 19:44 - 2015-09-05 19:44 - 00040264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-09-04 12:46 - 2015-09-04 12:46 - 00000000 ____D C:\Users\felix\Documents\Recovered _SC08248.JPG 04-Sep-15 12.46.49
2015-09-04 12:46 - 2015-09-04 12:46 - 00000000 ____D C:\Users\felix\Documents\Recovered _SC08247.JPG 04-Sep-15 12.46.45
2015-09-04 12:46 - 2015-09-04 12:46 - 00000000 ____D C:\Users\felix\Documents\Recovered _SC08245.JPG 04-Sep-15 12.46.38
2015-09-04 12:46 - 2015-09-04 12:46 - 00000000 ____D C:\Users\felix\Documents\Recovered _SC08244.JPG 04-Sep-15 12.46.36
2015-09-04 12:46 - 2015-09-04 12:46 - 00000000 ____D C:\Users\felix\Documents\Recovered _SC08242.JPG 04-Sep-15 12.46.30
2015-09-04 12:46 - 2015-09-04 12:46 - 00000000 ____D C:\Users\felix\Documents\Recovered _SC08241.JPG 04-Sep-15 12.46.26
2015-09-04 12:46 - 2015-09-04 12:46 - 00000000 ____D C:\Users\felix\Documents\Recovered _SC08240.JPG 04-Sep-15 12.46.24
2015-09-04 12:46 - 2015-09-04 12:46 - 00000000 ____D C:\Users\felix\Documents\Recovered _SC08239.JPG 04-Sep-15 12.46.19
2015-09-04 12:42 - 2015-09-05 21:11 - 00000000 ____D C:\Users\felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PixRecovery
2015-09-04 12:42 - 2015-09-04 12:46 - 00000000 ____D C:\Users\felix\AppData\Roaming\OfficeRecovery
2015-09-04 12:42 - 2015-09-04 12:42 - 04268544 _____ C:\Users\felix\Downloads\pir-3.0.21083-demo.msi
2015-09-04 12:42 - 2015-09-04 12:42 - 00000000 ____D C:\Users\felix\AppData\Local\Apps\OfficeRecovery
2015-09-04 12:42 - 2015-09-04 12:42 - 00000000 ____D C:\ProgramData\OfficeRecovery.d7cc0641
2015-09-04 12:31 - 2015-09-05 21:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Repair
2015-09-04 12:31 - 2015-09-04 12:31 - 01319328 _____ (File Repair ) C:\Users\felix\Downloads\file-repair-setup.exe
2015-09-04 12:31 - 2015-09-04 12:31 - 01319328 _____ (File Repair ) C:\Users\felix\Downloads\file-repair-setup (1).exe
2015-09-04 12:31 - 2015-09-04 12:31 - 00000000 ____D C:\Program Files (x86)\Repair File
2015-09-04 12:30 - 2015-09-04 12:30 - 01162528 _____ C:\Users\felix\Downloads\File Repair - CHIP-Installer.exe
2015-09-04 12:09 - 2015-09-04 12:09 - 04000946 _____ C:\Users\felix\Downloads\rcsetup1.5.2_slim.zip
2015-09-03 22:41 - 2015-08-25 16:18 - 00574072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-09-03 22:37 - 2015-08-31 00:47 - 11188880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-09-03 22:37 - 2015-08-25 20:38 - 42840184 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 37819184 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 22559352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 18569336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 17932648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 16646624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 15630616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 15334976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 14945552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 13667032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 12611824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 12192048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 03480792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 03074776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 02354808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 02105976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 01898104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435582.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 01558648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435582.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 01178576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 01075320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 01064752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 01001440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 00986232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 00945272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 00176904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-09-03 22:37 - 2015-08-25 20:38 - 00034044 _____ C:\WINDOWS\system32\nvinfo.pb
2015-09-03 21:58 - 2015-08-11 06:52 - 00072504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-09-03 21:58 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-09-03 21:58 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-09-03 12:45 - 2015-09-03 12:51 - 00000000 ____D C:\Users\felix\Documents\psynetic-gifx
2015-09-02 14:19 - 2015-09-02 14:19 - 00020623 _____ C:\Users\felix\Desktop\Unbenannt 1.odt
2015-08-23 09:07 - 2015-09-05 20:16 - 00000000 ___HD C:\$Windows.~BT
2015-08-23 08:46 - 2015-08-23 06:58 - 00032200 _____ C:\WINDOWS\Professional.xml
2015-08-23 08:45 - 2015-09-06 06:52 - 00000000 ____D C:\Program Files\Windows Journal
2015-08-23 08:45 - 2015-08-23 08:45 - 00000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2015-08-23 08:45 - 2015-08-23 08:45 - 00000000 __RHD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
2015-08-23 08:45 - 2015-08-23 08:45 - 00000000 ____D C:\WINDOWS\ShellNew
2015-08-23 08:43 - 2015-09-05 21:09 - 00000000 ____D C:\WINDOWS\OCR
2015-08-23 08:42 - 2015-09-06 06:52 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2015-08-23 08:42 - 2015-09-06 06:52 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-08-23 08:42 - 2015-09-06 06:52 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2015-08-23 08:42 - 2015-09-06 06:52 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-08-23 08:42 - 2015-09-06 06:52 - 00000000 ____D C:\WINDOWS\system32\winrm
2015-08-23 08:42 - 2015-09-06 06:52 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-08-23 08:42 - 2015-09-06 06:52 - 00000000 ____D C:\WINDOWS\system32\slmgr
2015-08-23 08:42 - 2015-09-06 06:52 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2015-08-23 08:42 - 2015-08-23 08:42 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-08-23 08:42 - 2015-08-23 08:42 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2015-08-23 08:42 - 2015-08-23 08:42 - 00000000 ____D C:\WINDOWS\system32\0409
2015-08-23 08:42 - 2015-08-23 08:42 - 00000000 ____D C:\WINDOWS\SKB
2015-08-23 08:31 - 2015-08-23 08:31 - 00016384 ___SH C:\WINDOWS\system32\config\BCD-Template.LOG
2015-08-23 08:30 - 2015-09-10 16:48 - 00000000 ____D C:\WINDOWS\qps-ploc
2015-08-23 08:30 - 2015-08-23 08:42 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-08-23 08:30 - 2015-08-23 07:39 - 00000000 ____D C:\WINDOWS\SysWOW64\qps-ploc
2015-08-23 08:30 - 2015-08-23 07:39 - 00000000 ____D C:\WINDOWS\system32\qps-ploc
2015-08-23 07:37 - 2015-08-23 07:37 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-E4C6DDC_Administrator_ploc_HistoryPrediction.bin
2015-08-23 07:35 - 2015-08-23 07:35 - 00000000 ____D C:\ProgramData\USOShared
2015-08-23 07:34 - 2015-09-10 16:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-23 07:31 - 2015-09-10 16:49 - 00038390 _____ C:\WINDOWS\setupact.log
2015-08-23 07:31 - 2015-09-10 16:48 - 00233992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-23 07:31 - 2015-08-23 07:31 - 00001342 _____ C:\WINDOWS\lsasetup.log
2015-08-23 07:31 - 2015-08-23 07:31 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-23 07:05 - 2015-09-05 21:11 - 00004362 _____ C:\WINDOWS\DtcInstall.log
2015-08-23 07:05 - 2015-08-23 07:05 - 00000000 ____D C:\WINDOWS\Setup
2015-08-23 07:05 - 2015-08-23 06:59 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-23 07:05 - 2015-08-23 06:59 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-23 07:03 - 2015-09-11 19:13 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-23 07:03 - 2015-09-11 18:15 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-23 07:03 - 2015-09-10 16:47 - 00000000 ____D C:\WINDOWS\Registration
2015-08-23 07:03 - 2015-09-06 06:58 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-08-23 07:03 - 2015-09-06 06:52 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-08-23 07:03 - 2015-09-06 06:52 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2015-08-23 07:03 - 2015-09-06 06:52 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-08-23 07:03 - 2015-09-06 06:52 - 00000000 ___SD C:\WINDOWS\system32\dsc
2015-08-23 07:03 - 2015-09-06 06:52 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2015-08-23 07:03 - 2015-09-06 06:52 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-08-23 07:03 - 2015-09-06 06:52 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-08-23 07:03 - 2015-09-06 06:52 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2015-08-23 07:03 - 2015-09-06 06:52 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-08-23 07:03 - 2015-09-06 06:52 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-08-23 07:03 - 2015-09-06 06:52 - 00000000 ____D C:\WINDOWS\system32\migwiz
2015-08-23 07:03 - 2015-09-06 06:52 - 00000000 ____D C:\WINDOWS\system32\Com
2015-08-23 07:03 - 2015-09-06 06:52 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-08-23 07:03 - 2015-09-06 06:52 - 00000000 ____D C:\WINDOWS\IME
2015-08-23 07:03 - 2015-09-06 06:52 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-08-23 07:03 - 2015-09-06 06:52 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-23 07:03 - 2015-09-06 06:52 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-08-23 07:03 - 2015-09-06 06:52 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-23 07:03 - 2015-09-06 06:51 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-23 07:03 - 2015-09-06 03:46 - 00000000 ____D C:\WINDOWS\appcompat
2015-08-23 07:03 - 2015-09-05 21:29 - 00000000 ____D C:\WINDOWS\rescache
2015-08-23 07:03 - 2015-09-05 21:28 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-08-23 07:03 - 2015-09-05 21:28 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-08-23 07:03 - 2015-09-05 21:27 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-08-23 07:03 - 2015-09-05 21:19 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-23 07:03 - 2015-09-05 21:11 - 00000000 __RSD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-23 07:03 - 2015-09-05 21:11 - 00000000 __RSD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-08-23 07:03 - 2015-09-05 21:11 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-23 07:03 - 2015-09-05 21:11 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-23 07:03 - 2015-09-05 21:11 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-08-23 07:03 - 2015-09-05 21:09 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-08-23 07:03 - 2015-09-05 21:09 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-23 07:03 - 2015-09-05 21:09 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-23 07:03 - 2015-09-05 21:09 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-23 07:03 - 2015-09-05 21:09 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-08-23 07:03 - 2015-09-05 21:09 - 00000000 ____D C:\WINDOWS\InputMethod
2015-08-23 07:03 - 2015-09-05 21:08 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-08-23 07:03 - 2015-09-05 21:08 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-23 07:03 - 2015-09-05 21:03 - 00000000 ____D C:\WINDOWS\Help
2015-08-23 07:03 - 2015-08-23 08:45 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-23 07:03 - 2015-08-23 08:45 - 00000000 ____D C:\WINDOWS\Web
2015-08-23 07:03 - 2015-08-23 08:45 - 00000000 ____D C:\WINDOWS\security
2015-08-23 07:03 - 2015-08-23 08:42 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2015-08-23 07:03 - 2015-08-23 08:42 - 00000000 ____D C:\WINDOWS\system32\setup
2015-08-23 07:03 - 2015-08-23 07:36 - 00000000 ____D C:\WINDOWS\system32\spool
2015-08-23 07:03 - 2015-08-23 07:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-08-23 07:03 - 2015-08-23 07:36 - 00000000 ____D C:\ProgramData\USOPrivate
2015-08-23 07:03 - 2015-08-23 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-08-23 07:03 - 2015-08-23 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 __RSD C:\WINDOWS\Media
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ___SD C:\WINDOWS\system32\Nui
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ___SD C:\Program Files\WindowsPowerShell
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ___SD C:\Program Files (x86)\WindowsPowerShell
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\Vss
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\tracing
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\TAPI
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\WindowsPowerShell
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\uk-UA
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\th-TH
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\sru
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Latn-RS
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Latn-CS
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\sppui
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\spp
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Speech_OneCore
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Speech
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\sl-SI
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\sk-SK
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\ro-RO
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\restore
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Recovery
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\RasToast
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\networklist
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MSDRM
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Licenses
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\hr-HR
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\he-IL
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\fr-CA
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\es-MX
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\bg-BG
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\ar-SA
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SystemResources
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\winevt
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\WindowsPowerShell
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\uk-UA
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\th-TH
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-RS
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\sppui
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\spp
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\Speech_OneCore
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\Speech
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\sl-SI
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\sk-SK
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\ro-RO
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\restore
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\RasToast
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\ras
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\networklist
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\MSDRM
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\Licenses
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\IME
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\icsxml
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\ias
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\hr-HR
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\he-IL
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\fr-CA
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\es-MX
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\bg-BG
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\ar-SA
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\system\Speech
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\System
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\Speech_OneCore
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\Speech
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\schemas
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\SchCache
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\Resources
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\PLA
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\Performance
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\Globalization
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\Cursors
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\Branding
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\WINDOWS\addins
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\ProgramData\Comms
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\Program Files\Windows Portable Devices
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\Program Files\Windows NT
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\Program Files\Common Files\Services
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\Program Files (x86)\Windows NT
2015-08-23 07:03 - 2015-08-23 07:03 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2015-08-23 07:03 - 2015-08-23 07:01 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2015-08-23 07:03 - 2015-08-23 07:01 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2015-08-23 07:03 - 2015-08-23 07:01 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2015-08-23 07:03 - 2015-08-23 07:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2015-08-23 07:03 - 2015-08-23 07:01 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2015-08-23 07:03 - 2015-08-23 07:01 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2015-08-23 07:03 - 2015-08-23 07:01 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2015-08-23 07:03 - 2015-08-23 07:01 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2015-08-23 07:03 - 2015-08-23 07:01 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2015-08-23 07:03 - 2015-08-23 07:01 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2015-08-23 07:03 - 2015-08-23 07:01 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2015-08-23 07:03 - 2015-08-23 07:01 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2015-08-23 07:03 - 2015-08-23 07:01 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2015-08-23 07:00 - 2015-08-23 08:45 - 01949696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsCpl.dll
2015-08-23 07:00 - 2015-08-23 08:45 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-08-23 07:00 - 2015-08-23 08:45 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 28083280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 12611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 09375232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2015-08-23 07:00 - 2015-08-23 07:00 - 01976320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 01570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2015-08-23 07:00 - 2015-08-23 07:00 - 00987848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00926208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSRESM.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSRESM.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00901824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drmv2clt.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00859648 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSST.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSSVC.exe
2015-08-23 07:00 - 2015-08-23 07:00 - 00640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\blackbox.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceApi.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmsdk.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2015-08-23 07:00 - 2015-08-23 07:00 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpunits.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00497504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmdev.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00484552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceStatus.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSTIFF.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmnet.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscp.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDSp.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcl.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2015-08-23 07:00 - 2015-08-23 07:00 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drmmgrtn.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXST30.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00253736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpeval.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\audiodev.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cewmdm.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00201216 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\elshyph.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unregmp2.exe
2015-08-23 07:00 - 2015-08-23 07:00 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceWMDRM.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00155576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpps.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceTypes.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00142848 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceWiaCompat.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wclPowrProf.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wclUnicode.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msnetobj.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceClassExtension.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\racpldlg.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msra.exe
2015-08-23 07:00 - 2015-08-23 07:00 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSXP32.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raserver.exe
2015-08-23 07:00 - 2015-08-23 07:00 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\whealogr.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Cache.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOM.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSROUTE.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOM.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BlbEvents.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\blb_ps.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceConnectApi.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wclEtw.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSMON.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.tlb
2015-08-23 07:00 - 2015-08-23 07:00 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdchange.exe
2015-08-23 07:00 - 2015-08-23 07:00 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSEXT32.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdmps.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdmlog.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinFax.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinFax.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShextAutoplay.exe
2015-08-23 07:00 - 2015-08-23 07:00 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscTimer.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dscproxy.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\amcompat.tlb
2015-08-23 07:00 - 2015-08-23 07:00 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSUNATD.exe
2015-08-23 07:00 - 2015-08-23 07:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00017576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srdelayed.exe
2015-08-23 07:00 - 2015-08-23 07:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wclSqm.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wclWdi.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSEVENT.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2015-08-23 07:00 - 2015-08-23 07:00 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2015-08-23 07:00 - 2015-08-23 07:00 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2015-08-23 07:00 - 2015-08-23 07:00 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmerror.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\blbres.dll
2015-08-23 07:00 - 2015-08-23 07:00 - 00001649 _____ C:\WINDOWS\SysWOW64\WindowsCodecsRaw.txt
2015-08-23 06:59 - 2015-08-23 08:45 - 02533888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysis.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 01949696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsCpl.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00577536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrptadm.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AdmTmpl.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDistSh.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SrpUxNativeSnapIn.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppIdPolicyEngineApi.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00274360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpendp.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuditNativeSnapIn.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDist.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2015-08-23 06:59 - 2015-08-23 08:45 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgmts.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00147439 _____ C:\WINDOWS\SysWOW64\gpedit.msc
2015-08-23 06:59 - 2015-08-23 08:45 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsClassExtension.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\auditpolmsg.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuditPolicyGPInterop.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfdts.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00043566 _____ C:\WINDOWS\SysWOW64\rsop.msc
2015-08-23 06:59 - 2015-08-23 08:45 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.exe
2015-08-23 06:59 - 2015-08-23 08:45 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorPerformanceEvents.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\jnwmon.dll
2015-08-23 06:59 - 2015-08-23 08:45 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorCustomAdbAlgorithm.dll
2015-08-23 06:59 - 2015-08-23 08:42 - 06359040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2015-08-23 06:59 - 2015-08-23 08:42 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2015-08-23 06:59 - 2015-08-23 08:42 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2015-08-23 06:59 - 2015-08-23 08:42 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2015-08-23 06:59 - 2015-08-23 08:42 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 28852880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 19297280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 18628608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 14241280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 11239936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 09375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2015-08-23 06:59 - 2015-08-23 06:59 - 06818816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 05471232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 05179904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 05020344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 04645888 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 04238848 _____ (Microsoft) C:\WINDOWS\SysWOW64\GameUXLegacyGDFs.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 04238848 _____ (Microsoft) C:\WINDOWS\system32\GameUXLegacyGDFs.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 03748864 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 03649024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 03555840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 03549184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 03444736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 03416576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 03301376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-08-23 06:59 - 2015-08-23 06:59 - 02728960 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 02576896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 02370328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2015-08-23 06:59 - 2015-08-23 06:59 - 02362368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 02186752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 02042368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-08-23 06:59 - 2015-08-23 06:59 - 01940480 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 01725112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 01572864 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0000.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 01567232 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 01517056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0000.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 01464320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 01432064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DxpTaskSync.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 01389056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DxpTaskSync.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 01294848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 01270784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 01205760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 01189888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 01163776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2015-08-23 06:59 - 2015-08-23 06:59 - 01140736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 01138688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2015-08-23 06:59 - 2015-08-23 06:59 - 01123840 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 01054912 _____ (Microsoft Corporation) C:\WINDOWS\system32\drmv2clt.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 01001984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00950272 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00918016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00879616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00823984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Bubbles.scr
2015-08-23 06:59 - 2015-08-23 06:59 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\blackbox.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Bubbles.scr
2015-08-23 06:59 - 2015-08-23 06:59 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdcpl.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartCardSimulator.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedwipes.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedwipes.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\elslad.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00690016 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00679936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFSR.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00659456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceApi.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\OobeFldr.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OobeFldr.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00622592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00617472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmsdk.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\elslad.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00588464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmdev.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2015-08-23 06:59 - 2015-08-23 06:59 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00575168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmnet.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiashext.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadefui.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiashext.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceStatus.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscp.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00433896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCEWMDRMNDBootstrap.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSE.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack_win.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadefui.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncInfrastructure.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00390552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provsvc.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00372608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2PGraph.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDSp.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncInfrastructure.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-23 06:59 - 2015-08-23 06:59 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\drmmgrtn.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasppp.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00312552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCEWMDRMNDBootstrap.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00307472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dxpserver.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\scansetting.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00294400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasppp.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSNP.ax
2015-08-23 06:59 - 2015-08-23 06:59 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cewmdm.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB7.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scansetting.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00251120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMASF.DLL
2015-08-23 06:59 - 2015-08-23 06:59 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\elshyph.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOVER.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationHost.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\unregmp2.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSyncMetastore.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssText3d.scr
2015-08-23 06:59 - 2015-08-23 06:59 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drt.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSNP.ax
2015-08-23 06:59 - 2015-08-23 06:59 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\cleanmgr.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\EhStorShell.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ssText3d.scr
2015-08-23 06:59 - 2015-08-23 06:59 - 00203112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cleanmgr.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgrade.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbeio.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00197632 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\ir32_32original.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceWMDRM.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB7.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\recdisc.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSyncMetastore.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceTypes.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\moricons.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moricons.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\p2pnetsh.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSUTILITY.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\charmap.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncui.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\charmap.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2015-08-23 06:59 - 2015-08-23 06:59 - 00167472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrdc.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceSyncProvider.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\syncui.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00153600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbeio.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00152576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmidx.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Mystify.scr
2015-08-23 06:59 - 2015-08-23 06:59 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Ribbons.scr
2015-08-23 06:59 - 2015-08-23 06:59 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\immersivetpmvscmgrsvr.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSyncProviders.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvscmgrsvr.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\msnetobj.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmttpmvscmgrsvr.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceSyncProvider.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Mystify.scr
2015-08-23 06:59 - 2015-08-23 06:59 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\EhStorAPI.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Ribbons.scr
2015-08-23 06:59 - 2015-08-23 06:59 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2015-08-23 06:59 - 2015-08-23 06:59 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceClassExtension.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\EhStorAuthn.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrahc.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\raserver.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountExtension.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EhStorAuthn.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EhStorAPI.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSyncProviders.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManagerAPI.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\isoburn.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00113664 _____ (Microsoft) C:\WINDOWS\system32\SMBHelperClass.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\EhStorPwdMgr.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidfdp.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisrndr.ax
2015-08-23 06:59 - 2015-08-23 06:59 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EhStorPwdMgr.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Mpeg2Data.ax
2015-08-23 06:59 - 2015-08-23 06:59 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\kstvtune.ax
2015-08-23 06:59 - 2015-08-23 06:59 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\isoburn.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiascanprofiles.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvscmgr.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdaplgin.ax
2015-08-23 06:59 - 2015-08-23 06:59 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSTPager.ax
2015-08-23 06:59 - 2015-08-23 06:59 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\synceng.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\cca.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaacmgr.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdmps.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kstvtune.ax
2015-08-23 06:59 - 2015-08-23 06:59 - 00093702 _____ C:\WINDOWS\SysWOW64\SubRange.uce
2015-08-23 06:59 - 2015-08-23 06:59 - 00093702 _____ C:\WINDOWS\system32\SubRange.uce
2015-08-23 06:59 - 2015-08-23 06:59 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiascanprofiles.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisrndr.ax
2015-08-23 06:59 - 2015-08-23 06:59 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mobsync.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSDvbNP.ax
2015-08-23 06:59 - 2015-08-23 06:59 - 00086528 _____ (Radius Inc.) C:\WINDOWS\SysWOW64\iccvid.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pwrshplugin.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logagent.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srhelper.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaacmgr.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mobsync.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
         

Alt 11.09.2015, 20:24   #5
lephex
 
Google wird zu Yahoo geleitet und Result Hub Ads - Standard

Google wird zu Yahoo geleitet und Result Hub Ads



Code:
ATTFilter
2015-08-23 06:59 - 2015-08-23 06:59 - 00084992 _____ (Microsoft) C:\WINDOWS\SysWOW64\SMBHelperClass.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\recovery.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Mpeg2Data.ax
2015-08-23 06:59 - 2015-08-23 06:59 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSTPager.ax
2015-08-23 06:59 - 2015-08-23 06:59 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountControlSettings.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Syncreg.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingHost.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ELSCore.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSSessionUX.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bdaplgin.ax
2015-08-23 06:59 - 2015-08-23 06:59 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidfdp.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\synceng.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cca.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidnsp.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2015-08-23 06:59 - 2015-08-23 06:59 - 00076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2015-08-23 06:59 - 2015-08-23 06:59 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2015-08-23 06:59 - 2015-08-23 06:59 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WABSyncProvider.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00073480 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceConnectApi.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00072896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSDvbNP.ax
2015-08-23 06:59 - 2015-08-23 06:59 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pnrpnsp.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksxbar.ax
2015-08-23 06:59 - 2015-08-23 06:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\scavengeui.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountControlSettings.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountControlSettings.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sberes.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartScreenSettings.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\sberes.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountControlSettings.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartScreenSettings.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ELSCore.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Syncreg.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00060576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00060458 _____ C:\WINDOWS\SysWOW64\ideograf.uce
2015-08-23 06:59 - 2015-08-23 06:59 - 00060458 _____ C:\WINDOWS\system32\ideograf.uce
2015-08-23 06:59 - 2015-08-23 06:59 - 00060416 _____ (Twain Working Group) C:\WINDOWS\twain_32.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WABSyncProvider.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hcproviders.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msauserext.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drtprov.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksxbar.ax
2015-08-23 06:59 - 2015-08-23 06:59 - 00056320 _____ (Microsoft) C:\WINDOWS\SysWOW64\cero.rs
2015-08-23 06:59 - 2015-08-23 06:59 - 00055296 _____ (Microsoft) C:\WINDOWS\SysWOW64\fpb.rs
2015-08-23 06:59 - 2015-08-23 06:59 - 00052736 _____ (Microsoft) C:\WINDOWS\SysWOW64\esrb.rs
2015-08-23 06:59 - 2015-08-23 06:59 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidnsp.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConnectedAccountState.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationHostProxy.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdchange.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmler.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbisurf.ax
2015-08-23 06:59 - 2015-08-23 06:59 - 00047680 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncHost.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00046592 _____ (Microsoft) C:\WINDOWS\SysWOW64\oflc-nz.rs
2015-08-23 06:59 - 2015-08-23 06:59 - 00044544 _____ (Microsoft) C:\WINDOWS\SysWOW64\csrr.rs
2015-08-23 06:59 - 2015-08-23 06:59 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drttransport.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.tlb
2015-08-23 06:59 - 2015-08-23 06:59 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hcproviders.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConnectedAccountState.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00041984 _____ (Microsoft) C:\WINDOWS\SysWOW64\cob-au.rs
2015-08-23 06:59 - 2015-08-23 06:59 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbisurf.ax
2015-08-23 06:59 - 2015-08-23 06:59 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncHost.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdmlog.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiawow64.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxpps.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\tvratings.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncInfrastructureps.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToStatusProvider.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSERES.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDriverRetrievalClient.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00032256 _____ (Microsoft) C:\WINDOWS\SysWOW64\usk.rs
2015-08-23 06:59 - 2015-08-23 06:59 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentHost.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tvratings.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsepno.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShextAutoplay.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00031064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraSettingsUIHost.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\elsTrans.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToStatusProvider.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00029672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WpdUpFltr.sys
2015-08-23 06:59 - 2015-08-23 06:59 - 00029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MemoryDiagnostic.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\DsmUserTask.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ms3dthumbnailprovider.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscisvif.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\srwmi.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00025064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\elsTrans.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00024006 _____ C:\WINDOWS\SysWOW64\gb2312.uce
2015-08-23 06:59 - 2015-08-23 06:59 - 00024006 _____ C:\WINDOWS\system32\gb2312.uce
2015-08-23 06:59 - 2015-08-23 06:59 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ms3dthumbnailprovider.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00022984 _____ C:\WINDOWS\SysWOW64\bopomofo.uce
2015-08-23 06:59 - 2015-08-23 06:59 - 00022984 _____ C:\WINDOWS\system32\bopomofo.uce
2015-08-23 06:59 - 2015-08-23 06:59 - 00022528 _____ (Microsoft) C:\WINDOWS\SysWOW64\grb.rs
2015-08-23 06:59 - 2015-08-23 06:59 - 00021504 _____ (Microsoft) C:\WINDOWS\SysWOW64\pegi-pt.rs
2015-08-23 06:59 - 2015-08-23 06:59 - 00021504 _____ (Microsoft) C:\WINDOWS\SysWOW64\pegi.rs
2015-08-23 06:59 - 2015-08-23 06:59 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscisvif.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\VscMgrPS.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteWipeCSP.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\srdelayed.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\amcompat.tlb
2015-08-23 06:59 - 2015-08-23 06:59 - 00019432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntosext.sys
2015-08-23 06:59 - 2015-08-23 06:59 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vdmdbg.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncInfrastructureps.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00017576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00016740 _____ C:\WINDOWS\SysWOW64\ShiftJIS.uce
2015-08-23 06:59 - 2015-08-23 06:59 - 00016740 _____ C:\WINDOWS\system32\ShiftJIS.uce
2015-08-23 06:59 - 2015-08-23 06:59 - 00016384 _____ (Microsoft) C:\WINDOWS\SysWOW64\djctq.rs
2015-08-23 06:59 - 2015-08-23 06:59 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscproxystub.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentTask.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00015872 _____ (Microsoft) C:\WINDOWS\SysWOW64\pcbp.rs
2015-08-23 06:59 - 2015-08-23 06:59 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msidcrl40.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncHostps.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootim.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VscMgrPS.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msidcrl40.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00012876 _____ C:\WINDOWS\SysWOW64\korean.uce
2015-08-23 06:59 - 2015-08-23 06:59 - 00012876 _____ C:\WINDOWS\system32\korean.uce
2015-08-23 06:59 - 2015-08-23 06:59 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscproxystub.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncHostps.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiaExtensionHost64.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WallpaperHost.exe
2015-08-23 06:59 - 2015-08-23 06:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\getuname.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00010429 _____ C:\WINDOWS\system32\ScavengeSpace.xml
2015-08-23 06:59 - 2015-08-23 06:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LAPRXY.DLL
2015-08-23 06:59 - 2015-08-23 06:59 - 00008960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\typelib.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00008960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storage.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00008960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole2nls.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00008960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole2disp.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00008960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole2.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00008960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compobj.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-08-23 06:59 - 2015-08-23 06:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ir32_32.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\getuname.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00008484 _____ C:\WINDOWS\SysWOW64\kanji_2.uce
2015-08-23 06:59 - 2015-08-23 06:59 - 00008484 _____ C:\WINDOWS\system32\kanji_2.uce
2015-08-23 06:59 - 2015-08-23 06:59 - 00008260 _____ C:\WINDOWS\system32\ResPriImageList
2015-08-23 06:59 - 2015-08-23 06:59 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2015-08-23 06:59 - 2015-08-23 06:59 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2015-08-23 06:59 - 2015-08-23 06:59 - 00006948 _____ C:\WINDOWS\SysWOW64\kanji_1.uce
2015-08-23 06:59 - 2015-08-23 06:59 - 00006948 _____ C:\WINDOWS\system32\kanji_1.uce
2015-08-23 06:59 - 2015-08-23 06:59 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2015-08-23 06:59 - 2015-08-23 06:59 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00005120 _____ (Microsoft) C:\WINDOWS\SysWOW64\WEB.rs
2015-08-23 06:59 - 2015-08-23 06:59 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrEvents.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asferror.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmerror.dll
2015-08-23 06:59 - 2015-08-23 06:59 - 00002349 ___RS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2015-08-23 06:59 - 2015-08-23 06:59 - 00002199 ___RS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
2015-08-23 06:59 - 2015-08-23 06:59 - 00002197 ___RS C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk
2015-08-23 06:59 - 2015-08-23 06:59 - 00001649 _____ C:\WINDOWS\system32\WindowsCodecsRaw.txt
2015-08-23 06:57 - 2015-08-23 08:45 - 03802112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 03603968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysis.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 01977856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00833536 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00815104 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mblctr.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCacheProvider.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdmTmpl.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrptadm.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2015-08-23 06:57 - 2015-08-23 08:45 - 00512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SnippingTool.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvgogl32.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSh.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppIdPolicyEngineApi.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrpUxNativeSnapIn.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00306936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpendp.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmstormod.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\srm.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srm.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddputils.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ppcsnap.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SNTSearch.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddpchunk.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuditNativeSnapIn.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDist.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationSettings.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscobj.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmstormod.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgmts.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvgocl32.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistWSDDiscoProv.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hwrreg.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinput.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmshell.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCleaner.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveprompt.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00147439 _____ C:\WINDOWS\system32\gpedit.msc
2015-08-23 06:57 - 2015-08-23 08:45 - 00147432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CscMig.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00146389 _____ C:\WINDOWS\system32\printmanagement.msc
2015-08-23 06:57 - 2015-08-23 08:45 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddptrace.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\adrclient.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfg.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmshell.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvgu1132.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00120458 _____ C:\WINDOWS\system32\secpol.msc
2015-08-23 06:57 - 2015-08-23 08:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\baaupdate.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00109056 _____ C:\WINDOWS\system32\RDVGHelper.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adrclient.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerWizardElev.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerWizard.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvgumd32.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\auditpolmsg.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmlib.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmlib.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmtrace.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\DFDWiz.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuditPolicyGPInterop.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintBrmUi.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmtrace.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistHttpTrans.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddp_ps.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00052712 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedapplauncher.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\RotMgr.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hwrcomp.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00043566 _____ C:\WINDOWS\system32\rsop.msc
2015-08-23 06:57 - 2015-08-23 08:45 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistAD.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00041448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmbeddedAppLauncherConfig.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\srm_ps.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00029672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2015-08-23 06:57 - 2015-08-23 08:45 - 00029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\qwinsta.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\qprocess.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00027136 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msg.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\quser.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\chgport.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\qappsrv.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tskill.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsdiscon.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscon.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoff.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetppui.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rwinsta.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\chglogon.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\chgusr.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\reset.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\change.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srm_ps.dll
2015-08-23 06:57 - 2015-08-23 08:45 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\query.exe
2015-08-23 06:57 - 2015-08-23 08:45 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeSysprep.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 46214656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imageres.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 24473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 22116864 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 20831600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 12512768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 09909248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 07805120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSetup.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 07584256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 06713344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 06440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 05893304 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 05329920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 04899328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 04326400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 04064464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 04041728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 03064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 02849280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 02833408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 02813560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-08-23 06:57 - 2015-08-23 06:57 - 02641008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2015-08-23 06:57 - 2015-08-23 06:57 - 02508800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 02248704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 02213360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 02119168 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-23 06:57 - 2015-08-23 06:57 - 02102272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 02058240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01996472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01925096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplaySwitch.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 01867808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01867776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01845248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 01649664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfshim.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01550696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01547088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01520828 _____ C:\WINDOWS\system32\WpcNBModel.bin
2015-08-23 06:57 - 2015-08-23 06:57 - 01495552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01345624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01222144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfshim.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01193984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01183744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shellstyle.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01100800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ogldrv.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01074176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01058992 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01049088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dim700.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00854016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\opengl32.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00781312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00775680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00753664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2015-08-23 06:57 - 2015-08-23 06:57 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00714432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00706560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagesp1.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00673088 _____ C:\WINDOWS\SysWOW64\mlang.dat
2015-08-23 06:57 - 2015-08-23 06:57 - 00672768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsuiext.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00633832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2015-08-23 06:57 - 2015-08-23 06:57 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dramp.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00587224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00577024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00563192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00530616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00526068 _____ C:\WINDOWS\system32\staticurllist.bin
2015-08-23 06:57 - 2015-08-23 06:57 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\riched20.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceCenter.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00503736 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2015-08-23 06:57 - 2015-08-23 06:57 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnfldr.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercpl.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\main.cpl
2015-08-23 06:57 - 2015-08-23 06:57 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provsvc.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00435712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glmf32.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DbgModel.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shwebsvc.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2015-08-23 06:57 - 2015-08-23 06:57 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2PGraph.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00423424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-23 06:57 - 2015-08-23 06:57 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2015-08-23 06:57 - 2015-08-23 06:57 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsquery.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dim.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscoree.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WmpDui.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00366904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10_1core.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscoree.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00332792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00322560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10core.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00316640 _____ C:\WINDOWS\WMSysPr9.prx
2015-08-23 06:57 - 2015-08-23 06:57 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cttune.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eudcedit.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00300232 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00299736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMASF.DLL
2015-08-23 06:57 - 2015-08-23 06:57 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WmpDui.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysdm.cpl
2015-08-23 06:57 - 2015-08-23 06:57 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2015-08-23 06:57 - 2015-08-23 06:57 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\drt.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00274904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00273896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiagn.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00271816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationHost.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00261096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscandui.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00247552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgprint.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00231016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00211938 _____ C:\WINDOWS\SysWOW64\lcphrase.tbl
2015-08-23 06:57 - 2015-08-23 06:57 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2pnetsh.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remotepg.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2015-08-23 06:57 - 2015-08-23 06:57 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmidx.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairingFolder.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2015-08-23 06:57 - 2015-08-23 06:57 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrdc.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mlang.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msls31.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dskquoui.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\desk.cpl
2015-08-23 06:57 - 2015-08-23 06:57 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00163800 _____ C:\WINDOWS\SysWOW64\weretw.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10_1.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fms.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00152576 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cabview.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2015-08-23 06:57 - 2015-08-23 06:57 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\verifiergui.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00142808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glu32.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\softkbd.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twext.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaatext.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\repair-bde.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dsui.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00119480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.ps.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgcore.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rshx32.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\control.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontview.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsadu.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\logagent.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsetup.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Fondue.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dskquota.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfui.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceProperties.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfp.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\console.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2015-08-23 06:57 - 2015-08-23 06:57 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00087744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpnsp.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regapi.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemPropertiesRemote.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemPropertiesProtection.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemPropertiesPerformance.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemPropertiesHardware.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemPropertiesDataExecutionPrevention.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemPropertiesComputerName.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SystemPropertiesAdvanced.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00081560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscories.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usbui.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tasklist.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairingWizard.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pnrphc.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00080736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00080368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2015-08-23 06:57 - 2015-08-23 06:57 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systeminfo.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DpiScaling.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskkill.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00073880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscories.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Groupinghc.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvvmtransport.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\drtprov.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationHostProxy.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WorkFoldersRes.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersRes.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RunLegacyCPLElevated.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dxof.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winver.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00056320 _____ (Microsoft) C:\WINDOWS\system32\cero.rs
2015-08-23 06:57 - 2015-08-23 06:57 - 00055896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wtsapi32.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00055296 _____ (Microsoft) C:\WINDOWS\system32\fpb.rs
2015-08-23 06:57 - 2015-08-23 06:57 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00054432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-08-23 06:57 - 2015-08-23 06:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rundll32.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoveDeviceContextHandler.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\drttransport.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00052736 _____ (Microsoft) C:\WINDOWS\system32\esrb.rs
2015-08-23 06:57 - 2015-08-23 06:57 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\playlistfolder.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msident.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsRdpWebAccess.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmler.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dssec.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deskadp.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00047104 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSTheme.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bidispl.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\bderepair.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00047096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PickerHost.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00046592 _____ (Microsoft) C:\WINDOWS\system32\oflc-nz.rs
2015-08-23 06:57 - 2015-08-23 06:57 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msports.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netfxperf.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deskmon.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00044544 _____ (Microsoft) C:\WINDOWS\system32\csrr.rs
2015-08-23 06:57 - 2015-08-23 06:57 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\f3ahvoas.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RegCtrl.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00041984 _____ (Microsoft) C:\WINDOWS\system32\cob-au.rs
2015-08-23 06:57 - 2015-08-23 06:57 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regini.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\netfxperf.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnification.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00039384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\utildll.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cttunesvr.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RdpSa.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimtf.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\grpconv.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pifmgr.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\docprop.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\htui.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00034208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraSettingsUIHost.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MirrorDrvCompat.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprnext.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XInput1_4.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbrpm.sys
2015-08-23 06:57 - 2015-08-23 06:57 - 00032256 _____ (Microsoft) C:\WINDOWS\system32\usk.rs
2015-08-23 06:57 - 2015-08-23 06:57 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofTasks.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ThumbnailExtractionHost.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00028120 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpauto.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00027496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\version.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecerts.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrnsave.scr
2015-08-23 06:57 - 2015-08-23 06:57 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaApi.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\linkinfo.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shgina.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00024114 _____ C:\WINDOWS\SysWOW64\lcptr.tbl
2015-08-23 06:57 - 2015-08-23 06:57 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairingProxy.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RdpSaProxy.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lsmproxy.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RdpSaUacHelper.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsCtfMonitor.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00022528 _____ (Microsoft) C:\WINDOWS\system32\grb.rs
2015-08-23 06:57 - 2015-08-23 06:57 - 00021504 _____ (Microsoft) C:\WINDOWS\system32\pegi-pt.rs
2015-08-23 06:57 - 2015-08-23 06:57 - 00021504 _____ (Microsoft) C:\WINDOWS\system32\pegi.rs
2015-08-23 06:57 - 2015-08-23 06:57 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shunimpl.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscorier.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drprov.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscorier.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NcaApi.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shpafact.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shimgvw.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanui2.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regsvr32.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDCHERP.DLL
2015-08-23 06:57 - 2015-08-23 06:57 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\clrhost.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00016384 _____ (Microsoft) C:\WINDOWS\system32\djctq.rs
2015-08-23 06:57 - 2015-08-23 06:57 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wksprtPS.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Startupscan.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prevhost.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00015872 _____ (Microsoft) C:\WINDOWS\system32\pcbp.rs
2015-08-23 06:57 - 2015-08-23 06:57 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\muifontsetup.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2015-08-23 06:57 - 2015-08-23 06:57 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clrhost.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDKOR.DLL
2015-08-23 06:57 - 2015-08-23 06:57 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LAPRXY.DLL
2015-08-23 06:57 - 2015-08-23 06:57 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\panmap.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsControlInternal.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IconCodecService.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceUxRes.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\verclsid.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RdpSaPs.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browseui.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoveDeviceElevated.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CHxReadingStringIME.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\write.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ctfmon.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebCache.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systray.exe
2015-08-23 06:57 - 2015-08-23 06:57 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nddeapi.dll
2015-08-23 06:57 - 2015-08-23 06:57 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msidle.dll
         


Alt 11.09.2015, 20:26   #6
lephex
 
Google wird zu Yahoo geleitet und Result Hub Ads - Standard

Google wird zu Yahoo geleitet und Result Hub Ads



Hab mal gezippt die Datei hatte fast 1 MB. lg

Alt 12.09.2015, 14:33   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Google wird zu Yahoo geleitet und Result Hub Ads - Standard

Google wird zu Yahoo geleitet und Result Hub Ads



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.




Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 17.09.2015, 14:33   #8
lephex
 
Google wird zu Yahoo geleitet und Result Hub Ads - Standard

Google wird zu Yahoo geleitet und Result Hub Ads



So hier nun endlich die Logs:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 17.09.2015
Suchlaufzeit: 13:42
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.09.17.02
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: felix

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 430374
Abgelaufene Zeit: 13 Min., 19 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 2
PUP.Optional.ResultsHub, C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_resultshub-a.akamaihd.net_0.localstorage, In Quarantäne, [0cea141cadde181e6a68654b44c008f8], 
PUP.Optional.ResultsHub, C:\Users\felix\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_resultshub-a.akamaihd.net_0.localstorage-journal, In Quarantäne, [01f50a260982c670be14921e46be39c7], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
# AdwCleaner v5.007 - Bericht erstellt am 17/09/2015 um 14:19:33
# Aktualisiert am 08/09/2015 von Xplode
# Datenbank : 2015-09-15.1 [Server]
# Betriebssystem : Windows 10 Pro Insider Preview  (x64)
# Benutzername : felix - ZARA
# Gestartet von : C:\Users\felix\Desktop\AdwCleaner_5.007.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [741 Bytes] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.1 (09.08.2015:1)
OS: Windows 10 Pro Insider Preview x64
Ran by felix on 17.09.2015 at 14:24:54,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Chrome


[C:\Users\felix\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\felix\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\felix\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\felix\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.09.2015 at 14:27:01,53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 18.09.2015, 07:07   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Google wird zu Yahoo geleitet und Result Hub Ads - Standard

Google wird zu Yahoo geleitet und Result Hub Ads




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 18.09.2015, 14:06   #10
lephex
 
Google wird zu Yahoo geleitet und Result Hub Ads - Standard

Google wird zu Yahoo geleitet und Result Hub Ads



Also scheinbar bin ich wieder gesäubert unterwegs. Sollte sich wieder etwas einschleichen werde ich mich wieder hier melden. Vielen Dank für die Hilfe und einen schönen Tag !

Alt 19.09.2015, 16:57   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Google wird zu Yahoo geleitet und Result Hub Ads - Standard

Google wird zu Yahoo geleitet und Result Hub Ads



KOntrollscans von oben würde ich trotzdem machen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Google wird zu Yahoo geleitet und Result Hub Ads
ads, bricht, ebenfalls, error, erweiterungen, fehlermeldung, geleitet, gen, gmer, google, hoffe, klicke, latein, meinem, problem, results, scan, sekunden, yahoo



Ähnliche Themen: Google wird zu Yahoo geleitet und Result Hub Ads


  1. Yahoo anstelle von Google
    Log-Analyse und Auswertung - 26.11.2015 (41)
  2. Windows 7: Benutzerkonto wird fremd geleitet
    Log-Analyse und Auswertung - 09.04.2014 (9)
  3. Google-links werden auf falsche Webseiten geleitet
    Plagegeister aller Art und deren Bekämpfung - 18.03.2013 (12)
  4. Suche mit google wird nicht auf das ergebnis geleitet, sondern auf "newsfudge.com"
    Plagegeister aller Art und deren Bekämpfung - 21.06.2012 (23)
  5. Werde über Google immer auf die Seite www.abnow.com geleitet
    Plagegeister aller Art und deren Bekämpfung - 05.02.2012 (1)
  6. Suchergebnisse von Google werden auf falsche Seiten geleitet
    Log-Analyse und Auswertung - 18.01.2012 (17)
  7. Werde bei Google auf andere Seiten geleitet: 95.com oder mediashifting
    Plagegeister aller Art und deren Bekämpfung - 09.01.2012 (21)
  8. zwei Probleme: Avira AntiVir ist verschwunden + werde aus google auf fremde Seiten geleitet
    Plagegeister aller Art und deren Bekämpfung - 08.12.2011 (38)
  9. Google Suchergebnisse werden weiter geleitet Windows 7 Firewall kann nicht mehr aktiviert werden
    Log-Analyse und Auswertung - 15.07.2011 (19)
  10. Echter Anfänger braucht Hilfe: Google ergebnisse werden auf falsche Seiten geleitet
    Plagegeister aller Art und deren Bekämpfung - 24.01.2011 (18)
  11. Google wird über trialtry.cn geleitet
    Log-Analyse und Auswertung - 04.10.2009 (14)
  12. Google-Suche wird auf Werbeseiten geleitet
    Log-Analyse und Auswertung - 27.08.2009 (12)
  13. suchergeb. google wird auf yahoo usa umgeleitet
    Plagegeister aller Art und deren Bekämpfung - 18.08.2009 (2)
  14. Ich werde bei Google zu anderen Seiten geleitet
    Log-Analyse und Auswertung - 27.02.2009 (7)
  15. (Google-) Links werde auf andere URL geleitet. Bitte um Hilfe...
    Log-Analyse und Auswertung - 03.02.2009 (12)
  16. Explorer wird automatisch auf eine Seite geleitet
    Plagegeister aller Art und deren Bekämpfung - 06.08.2006 (1)
  17. Langsam und Blockade von Google und Yahoo
    Plagegeister aller Art und deren Bekämpfung - 13.12.2004 (2)

Zum Thema Google wird zu Yahoo geleitet und Result Hub Ads - Hi! Ich hoffe Ihr könnt mir helfen, ich hab ein Problem mit Results Hub Ads und der Yahoo Suche. In meinen Erweiterungen ist kein Yahoo drin, wenn ich google öffne - Google wird zu Yahoo geleitet und Result Hub Ads...
Archiv
Du betrachtest: Google wird zu Yahoo geleitet und Result Hub Ads auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.