
Log Analysis and Evaluation: Windows 8/10: Persistent Russian adware that does not disappear even after reinstalling Windows

05.10.2015, 14:44   #1
sky-frog
 
Hello everyone!

The following problem:

For a few days now, annoying Russian adware has been appearing in all my browsers (IE, Chrome, Mozilla etc.) and I simply cannot get rid of it. The adware consists of chat windows in Russian and advertising overlays (see screenshots in the attachment). If you click Close, you are redirected to Russian sites such as epara.ru, wonderlandads.com etc.
I could not find anything with my virus scanner, Avira AntiVir, so I then downloaded various tools to track down the adware. Among others:
Malwarebytes Anti-Malware, AdwCleaner, TDSSKiller, HijackThis, Lavasoft Antispy etc.
The problem is that when I search the Internet for "Adware epara.ru" or "remove russian adware", it seems to me as if I am being deliberately steered to sites that pose as fake help pages and want to foist even more adware on me.
Since the whole thing seemed fishy to me, I then searched from my phone and, lo and behold, the search results were different. Well, somehow I must have made a mistake after all, and now I have the Russian adware on my Android smartphone as well. It is really exasperating, because none of the programs mentioned above find anything either. Only the Malwarebytes program shows that "C:\Windows\System32\svchost.exe" constantly tries to access malicious websites (89.248.171.33, scopedi.ru, orodi.ru etc.).

After two days of unsuccessful trial and error I thought: fine, instead of wasting even more time, just reinstall Windows (I used Windows 8.1). No sooner said than done, Windows reinstalled, but to my horror, the first time I opened the browser the adware was still there.
I then updated my BIOS and installed Windows once more from CD instead of from the hard disk's recovery partition. Also without success. An upgrade to Windows 10 did not help either.
I am slowly reaching my wits' end. So I very much hope that you can help me.
I have created the log files. However, when starting GMER, the error message "C:\WINDOWS\system32\config\system: The process cannot acces the file because it is being used by another process" was displayed. The GMER list already contains two entries (see screenshot in the attachment). Unfortunately I could not run the GMER scan, because my PC crashes during the scan. So I have no log file for GMER.

Thanks a lot in advance.
Attached images
File type: jpg Untitled2.jpg (126.4 KB, viewed 217 times)
File type: jpg Untitled3.jpg (53.7 KB, viewed 227 times)
Attached files
File type: txt Addition.txt (15.2 KB, viewed 133 times)
File type: log defogger_disable.log (472 bytes, viewed 77 times)

Edited by sky-frog (05.10.2015 at 14:47). Reason: wording error

05.10.2015, 14:47   #2
schrauber
/// the machine
/// TB Instructor
 

Hi,

Please always post logs in the thread. If necessary, split them up and use several posts.
I cannot open attachments at work, thanks.

How it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

05.10.2015, 14:59   #3
sky-frog
 
Oh, sorry, my mistake. Here are the logs:

Addition.txt:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-10-2015
Ran by miche (2015-10-05 08:23:26)
Running from C:\Users\miche\Desktop
Windows 10 Home (X64) (2015-10-05 10:47:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4089028371-3749330214-1444215298-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4089028371-3749330214-1444215298-503 - Limited - Disabled)
Guest (S-1-5-21-4089028371-3749330214-1444215298-501 - Limited - Disabled)
miche (S-1-5-21-4089028371-3749330214-1444215298-1001 - Administrator - Enabled) => C:\Users\miche

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avira Launcher (HKLM-x32\...\{5dfbeba9-9f22-463d-8c95-c861911810a2}) (Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4279 - Intel Corporation)
Mozilla Firefox 41.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 en-US)) (Version: 41.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.1 - Mozilla)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7589 - Realtek Semiconductor Corp.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

ATTENTION: System Restore is disabled
03-10-2015 12:07:22 Windows Modules Installer
04-10-2015 18:48:28 AA11

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-30 19:42 - 2015-07-30 19:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {220F2D4E-8F5F-4633-9CDB-13E5AB253612} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-05] (Google Inc.)
Task: {25398562-2931-4E64-B48B-62313DB583ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-05] (Google Inc.)
Task: {F638F5F4-A54F-4DB7-B73F-4B25D8C4E829} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-10 00:33 - 2015-07-10 00:33 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-07-10 00:19 - 2015-07-10 00:19 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 00:13 - 2015-07-10 00:13 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00406952 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 00:13 - 2015-09-10 02:08 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4089028371-3749330214-1444215298-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\miche\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\cimg4390.jpg
DNS Servers: 89.248.171.33 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B1785986-C01A-4271-870F-00AD98AAC4E5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{322FC412-B769-4DBC-BA1A-207B5C2E65E1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1A421D8B-9FFA-4858-A260-F661643BDEC3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/05/2015 08:03:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: tdsskiller.exe, version: 3.1.0.5, time stamp: 0x55b205b0
Faulting module name: tdsskiller.exe, version: 3.1.0.5, time stamp: 0x55b205b0
Exception code: 0x40000015
Fault offset: 0x0014240c
Faulting process id: 0x1378
Faulting application start time: 0xtdsskiller.exe0
Faulting application path: tdsskiller.exe1
Faulting module path: tdsskiller.exe2
Report Id: tdsskiller.exe3
Faulting package full name: tdsskiller.exe4
Faulting package-relative application ID: tdsskiller.exe5

Error: (10/05/2015 08:01:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10240.16384, time stamp: 0x559f3853
Faulting module name: EDGEHTML.dll, version: 11.0.10240.16485, time stamp: 0x55dea860
Exception code: 0xc0000602
Fault offset: 0x000000000053d7e6
Faulting process id: 0x1188
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (10/05/2015 08:01:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10240.16384, time stamp: 0x559f3853
Faulting module name: KERNELBASE.dll, version: 10.0.10240.16384, time stamp: 0x559f38c3
Exception code: 0x80000003
Fault offset: 0x000000000002a1c8
Faulting process id: 0x1188
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (10/05/2015 08:01:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10240.16384, time stamp: 0x559f3853
Faulting module name: EDGEHTML.dll, version: 11.0.10240.16485, time stamp: 0x55dea860
Exception code: 0xc0000602
Fault offset: 0x000000000053d7e6
Faulting process id: 0x1740
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5

Error: (10/05/2015 08:01:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10240.16384, time stamp: 0x559f3853
Faulting module name: KERNELBASE.dll, version: 10.0.10240.16384, time stamp: 0x559f38c3
Exception code: 0x80000003
Fault offset: 0x000000000002a1c8
Faulting process id: 0x1740
Faulting application start time: 0xmicrosoftedgecp.exe0
Faulting application path: microsoftedgecp.exe1
Faulting module path: microsoftedgecp.exe2
Report Id: microsoftedgecp.exe3
Faulting package full name: microsoftedgecp.exe4
Faulting package-relative application ID: microsoftedgecp.exe5


System errors:
=============
Error: (10/05/2015 08:02:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Intel(R) HD Graphics Control Panel Service service failed to start due to the following error: 
%%1053

Error: (10/05/2015 08:02:22 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Intel(R) HD Graphics Control Panel Service service to connect.

Error: (10/05/2015 07:52:30 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GRGQCFC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-GRGQCFCmicheS-1-5-21-4089028371-3749330214-1444215298-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (10/05/2015 07:52:30 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GRGQCFC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-GRGQCFCmicheS-1-5-21-4089028371-3749330214-1444215298-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (10/05/2015 07:52:30 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GRGQCFC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-GRGQCFCmicheS-1-5-21-4089028371-3749330214-1444215298-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (10/05/2015 07:52:30 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GRGQCFC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-GRGQCFCmicheS-1-5-21-4089028371-3749330214-1444215298-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (10/05/2015 07:52:30 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GRGQCFC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-GRGQCFCmicheS-1-5-21-4089028371-3749330214-1444215298-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (10/05/2015 07:52:29 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GRGQCFC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-GRGQCFCmicheS-1-5-21-4089028371-3749330214-1444215298-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (10/05/2015 07:52:29 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GRGQCFC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-GRGQCFCmicheS-1-5-21-4089028371-3749330214-1444215298-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (10/05/2015 07:52:29 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-GRGQCFC)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DESKTOP-GRGQCFCmicheS-1-5-21-4089028371-3749330214-1444215298-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 50%
Total physical RAM: 4019.27 MB
Available physical RAM: 1973.54 MB
Total Virtual: 5427.27 MB
Available Virtual: 3119.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:454.61 GB) (Free:428.44 GB) NTFS
Drive d: (Acer) (Fixed) (Total:460.34 GB) (Free:411.56 GB) NTFS
Drive e: (IRM_CCSA_X64CHK_EN-US_DV5) (CDROM) (Total:3.52 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 83E85FED)

Partition: GPT.

==================== End of Addition.txt ============================
         



defogger_disable.txt:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 08:19 on 05/10/2015 (miche)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         

05.10.2015, 15:00   #4
sky-frog
 
FRST.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
Ran by miche (administrator) on DESKTOP-GRGQCFC (05-10-2015 08:21:34)
Running from C:\Users\miche\Desktop
Loaded Profiles: miche (Available Profiles: miche)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16405744 2015-10-05] (Realtek Semiconductor)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-10] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-4089028371-3749330214-1444215298-1001\...\RunOnce: [Uninstall C:\Users\miche\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\miche\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-4089028371-3749330214-1444215298-1001\...\RunOnce: [Uninstall C:\Users\miche\AppData\Local\Microsoft\OneDrive\17.3.5892.0626] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\miche\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 89.248.171.33 8.8.8.8
Tcpip\..\Interfaces\{28c02460-3617-40d9-a98e-0653c343177d}: [DhcpNameServer] 89.248.171.33 8.8.8.8

Internet Explorer:
==================

FireFox:
========
FF ProfilePath: C:\Users\miche\AppData\Roaming\Mozilla\Firefox\Profiles\zswb6h5f.default
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-05] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\miche\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\miche\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-05]
CHR Extension: (Google Docs) - C:\Users\miche\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-05]
CHR Extension: (Google Drive) - C:\Users\miche\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-05]
CHR Extension: (YouTube) - C:\Users\miche\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-05]
CHR Extension: (Google-Suche) - C:\Users\miche\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-05]
CHR Extension: (Google Tabellen) - C:\Users\miche\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-05]
CHR Extension: (Google Docs Offline) - C:\Users\miche\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\miche\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-10-05]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\miche\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-05]
CHR Extension: (Google Mail) - C:\Users\miche\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-05]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240872 2015-09-10] (Avira Operations GmbH & Co. KG)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2278152 2015-10-05] (Broadcom Corporation.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [361384 2015-10-05] (Intel Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [199472 2015-10-05] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7593176 2015-06-17] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-06-17] (Realtek                                            )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [761600 2015-10-05] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [56520 2015-10-05] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-05 08:22 - 2015-10-05 08:22 - 00380416 _____ C:\Users\miche\Desktop\Gmer-19357.exe
2015-10-05 08:21 - 2015-10-05 08:22 - 00007669 _____ C:\Users\miche\Desktop\FRST.txt
2015-10-05 08:20 - 2015-10-05 08:21 - 00000000 ____D C:\FRST
2015-10-05 08:19 - 2015-10-05 08:19 - 00000472 _____ C:\Users\miche\Desktop\defogger_disable.log
2015-10-05 08:19 - 2015-10-05 08:19 - 00000000 _____ C:\Users\miche\defogger_reenable
2015-10-05 08:18 - 2015-10-05 08:20 - 02193920 _____ (Farbar) C:\Users\miche\Desktop\FRST64.exe
2015-10-05 08:18 - 2015-10-05 08:17 - 00050477 _____ C:\Users\miche\Desktop\Defogger.exe
2015-10-05 08:17 - 2015-10-05 08:17 - 00050477 _____ C:\Users\miche\Downloads\Defogger.exe
2015-10-05 08:07 - 2015-10-05 08:07 - 00000000 ___HD C:\OneDriveTemp
2015-10-05 08:07 - 2015-10-05 08:07 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-10-05 08:07 - 2015-10-05 08:07 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-10-05 08:07 - 2015-10-05 08:07 - 00000000 ____D C:\WINDOWS\system32\DAX2
2015-10-05 08:07 - 2015-10-05 08:07 - 00000000 ____D C:\Program Files\Realtek
2015-10-05 08:06 - 2015-10-05 08:06 - 72121872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2015-10-05 08:06 - 2015-10-05 08:06 - 14058776 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 13122280 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 12988048 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 07172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 06264640 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 05804772 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2015-10-05 08:06 - 2015-10-05 08:06 - 05778712 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 05410272 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 05289952 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 04607744 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-10-05 08:06 - 2015-10-05 08:06 - 03653480 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-10-05 08:06 - 2015-10-05 08:06 - 03299832 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 03273432 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 03234992 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 03200501 _____ C:\WINDOWS\system32\Drivers\rtkSSTsetting.dat
2015-10-05 08:06 - 2015-10-05 08:06 - 02999024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 02988288 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 02824800 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 02712816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-10-05 08:06 - 2015-10-05 08:06 - 02633960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 02491640 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 02423480 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 02192512 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 02110600 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 02051704 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 01961128 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 01780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 01761024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 01601952 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 01592584 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 01508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 01436672 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 01397288 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 01383760 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 01347816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 01335904 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 01213360 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 01165856 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 01124168 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 01005384 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00999552 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00966552 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00962544 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00953728 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00933144 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00925264 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00888480 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00874736 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00873472 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00832864 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00751296 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00728960 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00709840 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00700592 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00679712 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00679200 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00645456 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00619712 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00596120 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00570960 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.DLL
2015-10-05 08:06 - 2015-10-05 08:06 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00514528 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00505832 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00502080 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00468688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00450104 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00449248 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00445408 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00429752 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00363576 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00358272 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00342680 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00342680 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00342168 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00332088 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00327464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00323240 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00323240 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00310424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00274240 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00260808 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00255424 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00255392 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00233448 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00225784 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaemaxapo64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00223496 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00216360 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00209544 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00196712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00174104 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00167728 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00158704 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00153312 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00135728 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00122328 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00120120 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00118600 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00112512 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00105312 _____ C:\WINDOWS\system32\audioLibVc.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00092448 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00089872 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00088328 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00086144 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00077064 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2015-10-05 08:06 - 2015-10-05 08:06 - 00025224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2015-10-05 08:04 - 2015-10-05 08:04 - 00001283 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-10-05 08:04 - 2015-10-05 08:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-10-05 08:04 - 2015-10-05 08:04 - 00000000 ____D C:\ProgramData\Avira
2015-10-05 08:04 - 2015-10-05 08:04 - 00000000 ____D C:\Program Files (x86)\Avira
2015-10-05 08:03 - 2015-10-05 08:03 - 09898752 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2015-10-05 08:03 - 2015-10-05 08:03 - 04559688 _____ (Avira Operations GmbH & Co. KG) C:\Users\miche\Downloads\avira_en_av_561258aef309d__ws.exe
2015-10-05 08:03 - 2015-10-05 08:03 - 00761600 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsPer.sys
2015-10-05 08:03 - 2015-10-05 08:03 - 00091904 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll
2015-10-05 08:03 - 2015-10-05 08:03 - 00056520 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynRMIHID.sys
2015-10-05 08:03 - 2015-10-05 08:03 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-10-05 08:03 - 2015-10-05 08:03 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-05 08:02 - 2015-10-05 08:02 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2015-10-05 08:02 - 2015-10-05 08:02 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-10-05 08:02 - 2015-10-05 08:02 - 00000000 ____D C:\Program Files (x86)\Intel
2015-10-05 08:02 - 2015-10-05 08:00 - 00096768 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-10-05 08:02 - 2015-10-05 08:00 - 00092672 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-10-05 08:01 - 2015-10-05 08:01 - 00000000 ____D C:\WINDOWS\LastGood
2015-10-05 08:01 - 2015-10-05 08:01 - 00000000 ____D C:\Program Files\Intel
2015-10-05 08:00 - 2015-10-05 08:00 - 36300128 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 35373416 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 31279752 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 29970032 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 29094400 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 19852808 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 13822376 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 13045848 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 11423736 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 11359024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 10654536 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 08518656 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 07957573 _____ C:\WINDOWS\system32\igdclbif.bin
2015-10-05 08:00 - 2015-10-05 08:00 - 06415288 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-10-05 08:00 - 2015-10-05 08:00 - 06382720 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 05676544 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 05254152 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 05062576 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 05040848 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 04919224 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 04673544 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 04111368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 03959816 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 02813952 _____ C:\WINDOWS\system32\iglhxa64.cpa
2015-10-05 08:00 - 2015-10-05 08:00 - 02038792 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 01792384 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 01789768 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 01653704 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 01575936 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 01323712 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 01166840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 01017272 _____ C:\WINDOWS\system32\igfxSDK.exe
2015-10-05 08:00 - 2015-10-05 08:00 - 00940968 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-10-05 08:00 - 2015-10-05 08:00 - 00935864 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-10-05 08:00 - 2015-10-05 08:00 - 00816487 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2015-10-05 08:00 - 2015-10-05 08:00 - 00735232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00641530 _____ C:\WINDOWS\system32\FilmModeDetection.wmv
2015-10-05 08:00 - 2015-10-05 08:00 - 00617480 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00606632 _____ (Intel Corporation) C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2015-10-05 08:00 - 2015-10-05 08:00 - 00528808 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-10-05 08:00 - 2015-10-05 08:00 - 00511260 _____ C:\WINDOWS\system32\cp_resources.bin
2015-10-05 08:00 - 2015-10-05 08:00 - 00459176 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-10-05 08:00 - 2015-10-05 08:00 - 00432128 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00408056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00406952 _____ C:\WINDOWS\system32\igfxTray.exe
2015-10-05 08:00 - 2015-10-05 08:00 - 00403671 _____ C:\WINDOWS\system32\ImageStabilization.wmv
2015-10-05 08:00 - 2015-10-05 08:00 - 00394760 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00380928 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00375173 _____ C:\WINDOWS\system32\ColorImageEnhancement.wmv
2015-10-05 08:00 - 2015-10-05 08:00 - 00368120 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00361384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-10-05 08:00 - 2015-10-05 08:00 - 00342032 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCComp64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00338344 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-10-05 08:00 - 2015-10-05 08:00 - 00322600 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00310272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00296728 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00291768 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-10-05 08:00 - 2015-10-05 08:00 - 00280688 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00278216 ____N (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\03840608.sys
2015-10-05 08:00 - 2015-10-05 08:00 - 00266240 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-10-05 08:00 - 2015-10-05 08:00 - 00259584 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00259496 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-10-05 08:00 - 2015-10-05 08:00 - 00253440 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00232848 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00229288 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-10-05 08:00 - 2015-10-05 08:00 - 00224680 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-10-05 08:00 - 2015-10-05 08:00 - 00224168 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-10-05 08:00 - 2015-10-05 08:00 - 00218112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00215560 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4279.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00212080 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00196408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00182272 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00175176 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00172632 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00171032 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00167336 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-10-05 08:00 - 2015-10-05 08:00 - 00163840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00152616 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00151720 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00150192 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00102920 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00096768 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00096256 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00092672 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00092168 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00082440 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00073224 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00045960 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00045560 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00044025 _____ C:\WINDOWS\system32\iglhxo64.vp
2015-10-05 08:00 - 2015-10-05 08:00 - 00043816 _____ C:\WINDOWS\system32\iglhxc64_dev.vp
2015-10-05 08:00 - 2015-10-05 08:00 - 00043494 _____ C:\WINDOWS\system32\iglhxc64.vp
2015-10-05 08:00 - 2015-10-05 08:00 - 00043298 _____ C:\WINDOWS\system32\iglhxg64_dev.vp
2015-10-05 08:00 - 2015-10-05 08:00 - 00043256 _____ C:\WINDOWS\system32\iglhxg64.vp
2015-10-05 08:00 - 2015-10-05 08:00 - 00042079 _____ C:\WINDOWS\system32\iglhxo64_dev.vp
2015-10-05 08:00 - 2015-10-05 08:00 - 00022016 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00022016 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00020472 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00018952 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00015360 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00015360 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-10-05 08:00 - 2015-10-05 08:00 - 00004674 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-10-05 08:00 - 2015-10-05 08:00 - 00001125 _____ C:\WINDOWS\system32\iglhxa64.vp
2015-10-05 07:59 - 2015-10-05 08:00 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\miche\Downloads\tdsskiller.exe
2015-10-05 07:57 - 2015-10-05 08:14 - 00000000 ____D C:\Users\miche\AppData\Local\Mozilla
2015-10-05 07:57 - 2015-10-05 07:58 - 00000000 ____D C:\Users\miche\AppData\Roaming\Mozilla
2015-10-05 07:57 - 2015-10-05 07:57 - 00002328 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-05 07:57 - 2015-10-05 07:57 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-05 07:57 - 2015-10-05 07:57 - 00001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-05 07:57 - 2015-10-05 07:57 - 00000000 ____D C:\Users\miche\AppData\Roaming\Macromedia
2015-10-05 07:57 - 2015-10-05 07:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-05 07:57 - 2015-10-05 07:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-05 07:57 - 2015-10-05 07:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-05 07:56 - 2015-10-05 08:01 - 00001140 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-05 07:56 - 2015-10-05 08:01 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-05 07:56 - 2015-10-05 07:56 - 00004198 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-10-05 07:56 - 2015-10-05 07:56 - 00003966 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-10-05 07:55 - 2015-10-05 07:57 - 00000000 ____D C:\Users\miche\AppData\Local\Google
2015-10-05 07:55 - 2015-10-05 07:56 - 00243672 _____ C:\Users\miche\Downloads\Firefox Setup Stub 41.0.1.exe
2015-10-05 07:55 - 2015-10-05 07:56 - 00000000 ____D C:\Program Files (x86)\Google
2015-10-05 07:55 - 2015-10-05 07:55 - 00929872 _____ (Google Inc.) C:\Users\miche\Downloads\ChromeSetup.exe
2015-10-05 07:54 - 2015-10-05 08:08 - 00000000 ____D C:\Users\miche\OneDrive
2015-10-05 07:54 - 2015-10-05 07:56 - 00002338 _____ C:\Users\miche\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-05 07:54 - 2015-10-05 07:54 - 00000000 ____D C:\Users\miche\AppData\Local\MicrosoftEdge
2015-10-05 07:53 - 2015-10-05 07:53 - 00000000 ____D C:\Users\miche\AppData\Local\Comms
2015-10-05 07:53 - 2015-07-09 20:38 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0007.dll
2015-10-05 07:53 - 2015-07-09 20:37 - 09565696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData000a.dll
2015-10-05 07:53 - 2015-07-09 20:37 - 04386304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MLS6.dll
2015-10-05 07:53 - 2015-07-09 20:36 - 12039680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0007.dll
2015-10-05 07:53 - 2015-07-09 20:36 - 09893888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons000a.dll
2015-10-05 07:53 - 2015-07-09 20:36 - 05091840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0416.dll
2015-10-05 07:53 - 2015-07-09 20:36 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0416.dll
2015-10-05 07:53 - 2015-07-09 20:26 - 09687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData000a.dll
2015-10-05 07:53 - 2015-07-09 20:26 - 04431872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MLS6.dll
2015-10-05 07:53 - 2015-07-09 20:26 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0007.dll
2015-10-05 07:53 - 2015-07-09 20:25 - 12039680 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0007.dll
2015-10-05 07:53 - 2015-07-09 20:25 - 11602944 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0007.dll
2015-10-05 07:53 - 2015-07-09 20:25 - 09893888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons000a.dll
2015-10-05 07:53 - 2015-07-09 20:25 - 05091840 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0416.dll
2015-10-05 07:53 - 2015-07-09 20:25 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0416.dll
2015-10-05 07:52 - 2015-10-05 07:52 - 00001051 _____ C:\Users\miche\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk
2015-10-05 07:52 - 2015-10-05 07:52 - 00000000 ____D C:\Users\miche\AppData\Local\Publishers
2015-10-05 07:51 - 2015-10-05 08:14 - 00000000 ____D C:\Users\miche\AppData\Local\Packages
2015-10-05 07:51 - 2015-10-05 08:11 - 00000000 ____D C:\Users\miche\AppData\Local\PackageStaging
2015-10-05 07:51 - 2015-10-05 07:51 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-GRGQCFC_miche_HistoryPrediction.bin
2015-10-05 07:51 - 2015-10-05 07:51 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-GRGQCFC_defaultuser0_HistoryPrediction.bin
2015-10-05 07:51 - 2015-10-05 07:51 - 00000000 ____D C:\Users\miche\AppData\Roaming\Adobe
2015-10-05 07:51 - 2015-10-05 07:51 - 00000000 ____D C:\Users\miche\AppData\Local\VirtualStore
2015-10-05 07:51 - 2015-10-05 07:51 - 00000000 ____D C:\Users\miche\AppData\Local\TileDataLayer
2015-10-05 07:50 - 2015-10-05 07:50 - 02278152 _____ (Broadcom Corporation.) C:\WINDOWS\system32\BtwRSupportService.exe
2015-10-05 07:50 - 2015-10-05 07:50 - 00214320 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\btwampfl.sys
2015-10-05 07:50 - 2015-10-05 07:50 - 00199472 _____ (Broadcom Corporation.) C:\WINDOWS\system32\Drivers\bcbtums.sys
2015-10-05 07:50 - 2015-10-05 07:50 - 00092424 _____ (Broadcom Corporation.) C:\WINDOWS\system32\btwdi.dll
2015-10-05 07:50 - 2015-10-05 07:50 - 00058720 _____ C:\WINDOWS\system32\Drivers\BCM43142A0_001.001.011.0311.0330.hex
2015-10-05 07:49 - 2015-10-05 08:19 - 00000000 ____D C:\Users\miche
2015-10-05 07:49 - 2015-10-05 07:51 - 00000000 ___RD C:\Users\miche\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-05 07:49 - 2015-10-05 07:49 - 00000020 ___SH C:\Users\miche\ntuser.ini
2015-10-05 07:49 - 2015-07-30 19:42 - 00000000 __RSD C:\Users\miche\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-05 07:49 - 2015-07-30 19:42 - 00000000 ___RD C:\Users\miche\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-05 07:49 - 2015-07-30 19:42 - 00000000 ___RD C:\Users\miche\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-05 07:49 - 2015-07-30 19:42 - 00000000 ____D C:\Users\miche\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-05 06:55 - 2015-10-05 07:46 - 00000000 ___DC C:\WINDOWS\Panther
2015-10-05 06:52 - 2015-10-05 06:52 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-10-05 06:52 - 2015-10-05 06:52 - 00000000 ____D C:\Windows.old
2015-10-05 06:06 - 2015-10-05 08:06 - 00830266 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-05 06:02 - 2015-10-05 06:02 - 00000000 __SHD C:\Recovery
2015-10-05 06:00 - 2015-10-05 07:48 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-05 05:57 - 2015-10-05 05:57 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-10-05 01:06 - 2015-10-05 06:52 - 00000000 ___HD C:\$Windows.~BT
2015-10-05 00:56 - 2015-10-05 00:57 - 00000000 ____D C:\ESD
2015-10-05 00:42 - 2015-10-05 00:42 - 00000000 ____D C:\AdwCleaner
2015-10-05 00:04 - 2015-10-05 00:04 - 00000000 ___HD C:\$Windows.~WS
2015-10-04 22:13 - 2015-10-05 08:02 - 00000000 ____D C:\Intel
2015-09-10 02:45 - 2015-09-10 02:45 - 00016148 _____ C:\WINDOWS\system32\WIN-NNT08T7CH0A_Administrator_HistoryPrediction.bin
2015-09-10 02:43 - 2015-09-10 02:43 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-09-10 02:35 - 2015-07-10 02:37 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-09-10 02:32 - 2015-10-05 05:55 - 00000796 _____ C:\WINDOWS\PFRO.log
2015-09-10 02:20 - 2015-07-09 22:57 - 00031816 _____ C:\WINDOWS\Core.xml
2015-09-10 02:19 - 2015-09-10 02:19 - 00000000 __RHD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
2015-09-10 02:19 - 2015-09-10 02:19 - 00000000 ____D C:\WINDOWS\ShellNew
2015-09-10 02:19 - 2015-09-10 02:19 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 02:09 - 2015-10-05 07:53 - 00000000 ____D C:\WINDOWS\OCR
2015-09-10 02:08 - 2015-09-10 02:08 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 07051264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 06488312 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 05118024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 05076480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02741760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02207744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01562968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01561872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01420288 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01356368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-09-10 02:08 - 2015-09-10 02:08 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01203200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-09-10 02:08 - 2015-09-10 02:08 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-09-10 02:08 - 2015-09-10 02:08 - 00966424 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00808856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00762896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00521216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-09-10 02:08 - 2015-09-10 02:08 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00407616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-09-10 02:08 - 2015-09-10 02:08 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00335360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-09-10 02:08 - 2015-09-10 02:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-09-10 02:08 - 2015-09-10 02:08 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-09-10 02:08 - 2015-09-10 02:08 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-09-10 02:08 - 2015-09-10 02:08 - 00000000 ____D C:\WINDOWS\SKB
2015-09-10 02:05 - 2015-09-10 02:05 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2015-09-10 02:05 - 2015-09-10 02:05 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-09-10 02:05 - 2015-09-10 02:05 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-09-10 02:05 - 2015-09-10 02:05 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2015-09-10 02:05 - 2015-09-10 02:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-09-10 02:05 - 2015-09-10 02:05 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2015-09-10 02:05 - 2015-09-10 02:05 - 00000000 ____D C:\WINDOWS\system32\winrm
2015-09-10 02:05 - 2015-09-10 02:05 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-09-10 02:05 - 2015-09-10 02:05 - 00000000 ____D C:\WINDOWS\system32\slmgr
2015-09-10 02:05 - 2015-09-10 02:05 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2015-09-10 02:05 - 2015-09-10 02:05 - 00000000 ____D C:\WINDOWS\system32\0409

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-05 08:19 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-05 08:07 - 2015-07-30 18:50 - 00010636 _____ C:\WINDOWS\setupact.log
2015-10-05 07:54 - 2015-07-30 19:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-05 07:50 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-10-05 07:47 - 2015-07-30 18:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-05 07:46 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-05 06:55 - 2015-07-30 19:42 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-10-05 06:54 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-10-05 06:04 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\rescache
2015-10-05 06:01 - 2015-07-30 18:49 - 00189240 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-05 06:01 - 2015-07-10 06:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-10-05 05:59 - 2015-07-30 19:43 - 00003077 _____ C:\WINDOWS\DtcInstall.log
2015-10-05 05:59 - 2015-07-10 06:47 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-10-05 05:55 - 2015-07-10 06:47 - 00000000 __RHD C:\Users\Default
2015-09-10 02:38 - 2015-07-30 19:42 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-09-10 02:38 - 2015-07-30 19:42 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-09-10 02:38 - 2015-07-30 19:42 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-09-10 02:37 - 2015-07-30 19:42 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-09-10 02:20 - 2015-07-30 19:42 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-10 02:20 - 2015-07-30 19:42 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-10 02:20 - 2015-07-30 19:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-10 02:20 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-09-10 02:20 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-09-10 02:20 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-09-10 02:20 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-09-10 02:20 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-10 02:20 - 2015-07-10 06:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-09-10 02:20 - 2015-07-10 06:47 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-09-10 02:19 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\Web
2015-09-10 02:19 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\Provisioning
2015-09-10 02:19 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-10 02:19 - 2015-07-10 00:36 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorCustomAdbAlgorithm.dll
2015-09-10 02:19 - 2015-07-10 00:32 - 02533888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysis.dll
2015-09-10 02:19 - 2015-07-10 00:31 - 01949696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsCpl.dll
2015-09-10 02:19 - 2015-07-10 00:28 - 03793408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-09-10 02:19 - 2015-07-10 00:27 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll
2015-09-10 02:19 - 2015-07-10 00:27 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll
2015-09-10 02:19 - 2015-07-10 00:26 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SNTSearch.dll
2015-09-10 02:19 - 2015-07-10 00:25 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mblctr.exe
2015-09-10 02:19 - 2015-07-10 00:25 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2015-09-10 02:19 - 2015-07-10 00:25 - 00274224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpendp.dll
2015-09-10 02:19 - 2015-07-10 00:24 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinput.exe
2015-09-10 02:19 - 2015-07-10 00:24 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-09-10 02:19 - 2015-07-10 00:24 - 00038752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\terminpt.sys
2015-09-10 02:19 - 2015-07-10 00:24 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpbus.sys
2015-09-10 02:19 - 2015-07-10 00:23 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
2015-09-10 02:19 - 2015-07-10 00:22 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2015-09-10 02:19 - 2015-07-10 00:22 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hwrcomp.exe
2015-09-10 02:19 - 2015-07-10 00:21 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hwrreg.exe
2015-09-10 02:19 - 2015-07-10 00:21 - 00177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2015-09-10 02:19 - 2015-07-10 00:21 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsClassExtension.dll
2015-09-10 02:19 - 2015-07-10 00:20 - 01949696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsCpl.dll
2015-09-10 02:19 - 2015-07-10 00:20 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorPerformanceEvents.dll
2015-09-10 02:19 - 2015-07-10 00:17 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpendp.dll
2015-09-10 02:19 - 2015-07-10 00:16 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\RotMgr.dll
2015-09-10 02:19 - 2015-07-10 00:15 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfdts.dll
2015-09-10 02:19 - 2015-07-10 00:13 - 00029536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2015-09-10 02:18 - 2015-07-10 00:24 - 00512512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SnippingTool.exe
2015-09-10 02:18 - 2015-07-10 00:24 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2015-09-10 02:18 - 2015-07-10 00:22 - 03603968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysis.dll
2015-09-10 02:18 - 2015-07-10 00:18 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2015-09-10 02:18 - 2015-07-10 00:18 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetppui.dll
2015-09-10 02:18 - 2015-07-10 00:18 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2015-09-10 02:18 - 2015-07-10 00:17 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2015-09-10 02:18 - 2015-07-10 00:15 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\DFDWiz.exe
2015-09-10 02:08 - 2015-07-30 19:43 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-10 02:08 - 2015-07-30 19:43 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-10 02:08 - 2015-07-10 00:38 - 04847104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2015-09-10 02:08 - 2015-07-10 00:36 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2015-09-10 02:08 - 2015-07-10 00:28 - 06358016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2015-09-10 02:08 - 2015-07-10 00:25 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2015-09-10 02:08 - 2015-07-10 00:25 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2015-09-10 02:08 - 2015-07-10 00:21 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\jnwmon.dll
2015-09-10 02:05 - 2015-07-30 19:42 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-09-10 02:05 - 2015-07-30 19:42 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2015-09-10 02:05 - 2015-07-30 19:42 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-09-10 02:05 - 2015-07-30 19:42 - 00000000 ___SD C:\WINDOWS\system32\dsc
2015-09-10 02:05 - 2015-07-30 19:42 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2015-09-10 02:05 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-09-10 02:05 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2015-09-10 02:05 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-09-10 02:05 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\system32\migwiz
2015-09-10 02:05 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\system32\Com
2015-09-10 02:05 - 2015-07-30 19:42 - 00000000 ____D C:\WINDOWS\Help
2015-09-10 02:05 - 2015-07-30 19:42 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-09-10 02:05 - 2015-07-30 19:42 - 00000000 ____D C:\Program Files\Windows Defender
2015-09-10 02:05 - 2015-07-30 19:42 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-10 02:05 - 2015-07-30 19:42 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-09-10 02:05 - 2015-07-30 19:42 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-09-10 02:05 - 2015-07-10 06:47 - 00000000 ____D C:\WINDOWS\servicing

==================== Files in the root of some directories =======

2015-10-05 08:07 - 2015-10-05 08:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-05 05:55

==================== End of FRST.txt ============================
         
--- --- ---

06.10.2015, 11:31   #5
schrauber
/// the machine
/// TB instructor

Please reset the router to factory settings, re-enter the connection details, and then post a fresh FRST log.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

26.10.2015, 13:38   #6
sky-frog

Thaaanks

Hey Schrauber,

thanks a lot for the tip! That was exactly it: reset the router, changed the password and the DNS settings, and now everything works again. I would never have guessed that my router might be infected.

Thanks again. You guys do a really great job here! Much respect!

Best regards!
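The fix in this thread was on the router, so the resolver addresses the PC received via DHCP are the thing to look at in a log. As an added example (not from the thread and not part of FRST), this Python script scans FRST-style `Tcpip` name-server lines and flags resolvers that are neither on the LAN nor in a trusted list; the line format is an assumption, the function names are hypothetical, and the sample addresses are constructed from documentation ranges.

```python
import ipaddress
import re

# Ranges where a home resolver normally lives: RFC 1918, loopback, IPv6 ULA and
# link-local. Listed explicitly because ipaddress.is_private also covers the
# documentation ranges used for the constructed sample below.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "fc00::/7", "fe80::/10",
)]

# Assumed line shape: Tcpip\<scope>: [NameServer|DhcpNameServer] <ip>[ <ip>...]
ENTRY_RE = re.compile(
    r"^Tcpip\\(?P<scope>[^:]+):\s*\[(?P<key>(?:Dhcp)?NameServer)\]\s*(?P<value>.+)$"
)

# Constructed sample: two interfaces, one handed public resolvers by DHCP.
# The last line is an unrelated log line and must be ignored by the parser.
SAMPLE_LOG = r"""
Tcpip\Parameters: [DhcpNameServer] 203.0.113.53 198.51.100.7
Tcpip\..\Interfaces\{11111111-2222-3333-4444-555555555555}: [DhcpNameServer] 203.0.113.53 198.51.100.7
Tcpip\..\Interfaces\{66666666-7777-8888-9999-000000000000}: [NameServer] 192.168.178.1
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
"""


def parse_name_servers(log_text):
    """Yield (scope, key, ip) for every resolver address found in the log."""
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if not match:
            continue
        # Values may be separated by spaces or commas.
        for token in re.split(r"[\s,]+", match.group("value").strip()):
            try:
                ip = ipaddress.ip_address(token)
            except ValueError:
                continue  # not an IP address, skip it
            yield match.group("scope"), match.group("key"), ip


def audit(log_text, trusted=()):
    """Return (scope, key, ip) for resolvers that are neither local nor trusted."""
    trusted_ips = {ipaddress.ip_address(t) for t in trusted}
    findings = []
    for scope, key, ip in parse_name_servers(log_text):
        if any(ip in net for net in LOCAL_NETS):
            continue  # resolver on the LAN, normally the router's own address
        if ip in trusted_ips:
            continue  # resolver the owner knowingly configured
        findings.append((scope, key, str(ip)))
    return findings


if __name__ == "__main__":
    for scope, key, ip in audit(SAMPLE_LOG):
        print(f"unexpected resolver {ip} via {key} in {scope}")
```

A LAN address in these lines only shows that the PC asks the router; the router's own upstream DNS setting still has to be checked in its admin interface.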

27.10.2015, 18:22   #7
schrauber
/// the machine
/// TB instructor

You're welcome
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
