Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Streaming Dienst Account gehackt. PC befallen?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 29.01.2016, 17:31   #1
Yannick95
 
Streaming Dienst Account gehackt. PC befallen? - Böse

Streaming Dienst Account gehackt. PC befallen?



Hallo mir wurde vorgestern mein Account bei einem Streamingdienst gehackt. Und von daher wollte ich euch Fragen ob ihr mir helfen könnt mein PC zu scannen. Obwohl ich hauptsächlich die PS4 für den Streamingdienst genutzt habe. Das Adminkonto war zu diesem Zeitpunkt versucht habe eine Datei unter x86 zu löschen was aber nicht funktioniert hat


Hatte die Logs leider ausgestellt vom Virenssystem, deshalb nur ein Screen.

Ich hoffe ihr könnt mir mit diesen Sachen helfen. (Addition + FRST als 7Zip im Anhang, wäre sonst zu lang, selbst wenn ich alles einzeln den Code reinschreiben würde)

Beste Grüße Yannick

Geändert von Yannick95 (29.01.2016 um 17:38 Uhr)

Alt 31.01.2016, 20:07   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Streaming Dienst Account gehackt. PC befallen? - Standard

Streaming Dienst Account gehackt. PC befallen?



Hi und

Logs bitte nicht anhängen, notfalls splitten und über mehrere Postings verteilt posten

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 31.01.2016, 20:30   #3
Yannick95
 
Streaming Dienst Account gehackt. PC befallen? - Standard

Streaming Dienst Account gehackt. PC befallen?



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-01-2016
durchgeführt von Yannick (2016-01-29 17:13:19)
Gestartet von C:\Users\Yannick\Desktop
Windows 10 Home (X64) (2016-01-01 22:54:14)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3391011429-186193620-3244763449-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3391011429-186193620-3244763449-503 - Limited - Disabled)
Gast (S-1-5-21-3391011429-186193620-3244763449-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3391011429-186193620-3244763449-1005 - Limited - Enabled)
Yannick (S-1-5-21-3391011429-186193620-3244763449-1002 - Administrator - Enabled) => C:\Users\Yannick

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Aftermath version 1.0 (HKLM-x32\...\{024D0ADC-6846-4B7A-B12F-D571DF826068}}_is1) (Version: 1.0 - Free Reign Entertainment)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version:  - Gameforge)
Amazon Music (HKU\S-1-5-21-3391011429-186193620-3244763449-1002\...\Amazon Amazon Music) (Version: 4.0.0.1205 - Amazon Services LLC)
Andy OS (HKLM\...\Andy OS) (Version: 46.1.528.0 - Andy OS, Inc)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version:  - Studio Wildcard)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
BrowserProtect (HKLM-x32\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version:  - ) <==== ACHTUNG
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version:  - )
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Counter-Strike: Condition Zero Deleted Scenes (HKLM-x32\...\Steam App 100) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1.172 - SG Europe)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dropbox (HKU\S-1-5-21-3391011429-186193620-3244763449-1002\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Flixster (HKLM-x32\...\com.wb.DC2) (Version: 0.1.15 - Warner Bros. Entertainment Inc.)
Flixster (x32 Version: 0.1.15 - Warner Bros. Entertainment Inc.) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.50.1122 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.50.1122 - DVDVideoSoft Ltd.)
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Gameforge Live 2.0.7 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.7 - Gameforge)
Geeks3D FurMark 1.13.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
ICQ 8.0 (build 5996, für aktuellen Benutzer) (HKU\S-1-5-21-3391011429-186193620-3244763449-1002\...\ICQ) (Version: 8.0.5996.0 - Mail.Ru)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
KeePass Password Safe 2.28 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.28 - Dominik Reichl)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
LoLSkinView (HKLM-x32\...\{875EAEE1-97A8-4A2A-9307-CF5EA171EA31}) (Version: 2.1.0.7 - MooreR Software)
LyricsMonkey-15 (HKLM-x32\...\LyricsMonkey-15) (Version: 1.28.153.5 - Showpass)
Mediathek (HKLM-x32\...\{EFFED0C0-5299-422E-AFE6-8B8066D18A2A}) (Version: 1.4.0 - Medion)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.43 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.43 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 361.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 361.43 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4481.1005 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4481.1005 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4481.1005 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Panda Devices Agent (x32 Version: 1.03.06 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.01.00.0000 - Panda Security)
Panda Free Antivirus (Version: 8.20.00.0000 - Panda Security) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
QuickLaunch (HKLM-x32\...\{A802F1E3-34C8-4C84-9948-C1C4E37D0FA9}) (Version: 1.00.0019 - Lenovo Group Limited)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6710 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Sennheiser 3D G4ME1 (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392DDDFB6}) (Version: 1.00.0001 - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SpeedSim (HKLM-x32\...\SpeedSim) (Version: 0.9.8.1b - )
Spotify (HKU\S-1-5-21-3391011429-186193620-3244763449-1002\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
SSD Tweaker version 3.5.2 (HKLM-x32\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 3.5.2 - Elpamsoft.com)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
TERA (HKLM-x32\...\{A2S166A0-F031-4E27-A057-C69733219434}_is1) (Version: 19.04.02.03.hf3 - Gameforge Productions GmbH)
The Evil Within (HKLM-x32\...\Steam App 268050) (Version:  - Tango Gameworks)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
USB Multi-Channel Audio Device (HKLM\...\C-Media CM106 Like Sound Driver) (Version:  - )
VMware Player (HKLM\...\{57AA4E8A-E2C9-4F1C-B3F1-762C36E34472}) (Version: 12.1.0 - VMware, Inc.)
VMware VIX (HKLM-x32\...\{F99FC179-EA67-4BBC-8955-BDDA0CB94B88}) (Version: 1.15.2.00000 - VMware, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Xerox WorkCentre 6015N_NI (HKLM-x32\...\InstallShield_{AF0A195E-2ECE-4B02-AC0E-B7B8B57F5E76}) (Version: 1.014.00 - Xerox)
Xerox WorkCentre 6015N_NI (x32 Version: 1.014.00 - Xerox) Hidden
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3391011429-186193620-3244763449-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Yannick\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3391011429-186193620-3244763449-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Yannick\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3391011429-186193620-3244763449-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Yannick\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3391011429-186193620-3244763449-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Yannick\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3391011429-186193620-3244763449-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Yannick\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3391011429-186193620-3244763449-500_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00DE839A-D10B-4439-85D8-A2767DEF76E7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {0F454AC0-5760-4DD7-9394-ED7380B4A279} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {136E7DAF-358D-439D-9E20-A84118379607} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {142541F0-9211-49A0-835D-CBF9BFD0E11B} - \{5C06D2BE-375D-4C7D-8984-655483795A52} -> Keine Datei <==== ACHTUNG
Task: {3D380D3E-EFAB-45AD-BBF2-947A39883DB7} - \Software Updater -> Keine Datei <==== ACHTUNG
Task: {48B662FD-8217-4838-860F-1FAB3BFF5D6E} - \{D6D7D7CB-A8DB-4F05-831F-DDF3BA57513B} -> Keine Datei <==== ACHTUNG
Task: {4F1D20DA-D1BE-48D5-9F6C-A4B736361689} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {50D37279-C4D0-4FEB-A3D2-00EF46F30112} - \{19B60141-CCFA-4941-A5F7-28E699DD4F70} -> Keine Datei <==== ACHTUNG
Task: {566EC659-B42D-4B27-9B3D-89BDFFCEDDBE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {613C6E22-37CA-4A43-B476-AB625DEE67C9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {757A3FA9-3F9F-4BB5-9BAB-CC87DCDCD1F3} - \EPUpdater -> Keine Datei <==== ACHTUNG
Task: {759EA1CE-DB9C-4F8B-B8CF-FED7D0A5E2CA} - \{B83B40C0-D424-429B-B533-6413572AB56E} -> Keine Datei <==== ACHTUNG
Task: {77ECA296-2D02-4F76-96A5-CAAB5F109E39} - \User_Feed_Synchronization-{5F2F4A0A-634D-451C-A862-DD2863870B25} -> Keine Datei <==== ACHTUNG
Task: {85B5B092-F096-4535-9AF9-747BC7A0D9D8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-14] (Microsoft Corporation)
Task: {94134650-2B66-4C61-BEC8-4ADA052E265C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {A20B2CAE-96B0-4388-B8C9-A8AC43E1FEAA} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {A375DEBA-7ECB-4B21-99C2-CC50BD4A04B6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {B2B6FCDF-0514-4635-A8ED-DC1EE78AC2C2} - \Run LSI -> Keine Datei <==== ACHTUNG
Task: {B4E6230E-8727-4F96-971A-AC968409F575} - \Software Updater Ui -> Keine Datei <==== ACHTUNG
Task: {C7DD0E17-8D34-47F8-9568-E58097F9F917} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {CE031ACD-13A2-443E-941E-626547AA2C00} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {E2C2836D-6033-4398-A83D-96F05B77527B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {EB918DC6-E5FC-46EE-995B-2DF7BEC7D033} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {F68A1E7B-54DD-4907-B4B7-7EC2B6D7FB9C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {F8A121BF-21AE-430D-AC4A-911BB64F7B4E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-19] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\{D6D7D7CB-A8DB-4F05-831F-DDF3BA57513B}.job => D:\Program Files (x86)\JobLauncher.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-01-02 15:30 - 2015-07-15 03:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2016-01-01 23:32 - 2015-08-07 01:24 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-03-09 14:34 - 2012-03-09 14:34 - 00022528 _____ () C:\WINDOWS\System32\xrhk2alm.dll
2013-11-22 18:45 - 2012-03-15 14:48 - 15028224 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\xrhk2aRC.DLL
2016-01-02 15:29 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2013-10-12 02:15 - 2013-03-19 18:05 - 01558032 _____ () C:\ProgramData\gaupdt\service\0\gaupsvc.exe
2015-12-26 14:25 - 2015-12-09 02:52 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2012-01-03 10:04 - 2012-01-03 10:04 - 00095744 _____ () D:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe
2016-01-02 15:29 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-01-02 15:29 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-01-02 15:28 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2016-01-02 15:29 - 2015-11-25 05:20 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-02 15:29 - 2015-11-25 05:17 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-02 15:29 - 2015-11-25 05:17 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-02 15:29 - 2015-09-17 06:43 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:45 - 00210432 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2014-11-13 10:38 - 2013-05-28 17:56 - 00151552 _____ () C:\Windows\System\3DG4me.exe
2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-14 19:51 - 2014-10-14 19:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-10-14 19:51 - 2014-10-14 19:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-11-22 23:36 - 2015-12-15 01:43 - 05890368 _____ () C:\Users\Yannick\AppData\Local\Amazon Music\Amazon Music Helper.exe
2016-01-10 20:23 - 2016-01-06 17:40 - 00974536 _____ () C:\Program Files\Andy\HandyAndy.exe
2014-11-22 01:03 - 2014-11-22 01:03 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2012-01-03 10:04 - 2012-01-03 10:04 - 00247296 _____ () D:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmW.exe
2012-01-03 10:04 - 2012-01-03 10:04 - 00227840 _____ () D:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe
2012-01-03 10:05 - 2012-01-03 10:05 - 04476928 _____ () D:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe
2013-10-12 02:15 - 2013-02-22 09:08 - 00454656 _____ () C:\ProgramData\gaupdt\service\0\archive.dll
2013-10-12 02:15 - 2012-08-01 16:42 - 00156160 _____ () C:\ProgramData\gaupdt\service\0\libzmq.dll
2015-12-15 18:17 - 2015-12-15 18:17 - 00618544 _____ () D:\Program Files (x86)\SQLite3.dll
2015-12-26 14:25 - 2015-12-09 02:53 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-11-13 10:38 - 2012-06-06 10:56 - 00143360 _____ () C:\Windows\System\3DG4me.dll
2015-12-26 14:11 - 2015-11-10 20:55 - 00778752 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2015-12-26 14:11 - 2015-07-03 17:12 - 04962816 _____ () D:\Program Files (x86)\Steam\v8.dll
2015-12-26 14:11 - 2015-12-14 21:01 - 02547280 _____ () D:\Program Files (x86)\Steam\video.dll
2015-12-26 14:11 - 2015-07-03 17:12 - 01187840 _____ () D:\Program Files (x86)\Steam\icuuc.dll
2015-12-26 14:11 - 2015-07-03 17:12 - 01556992 _____ () D:\Program Files (x86)\Steam\icui18n.dll
2015-12-26 14:11 - 2015-09-24 01:33 - 02549248 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
2015-12-26 14:11 - 2015-09-24 01:33 - 00491008 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
2015-12-26 14:11 - 2015-09-24 01:33 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
2015-12-26 14:11 - 2015-09-24 01:33 - 00442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
2015-12-26 14:11 - 2015-09-24 01:33 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
2015-12-26 14:11 - 2015-12-14 21:01 - 00804432 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-12-26 14:11 - 2015-11-03 23:00 - 00201728 _____ () D:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-12-26 14:11 - 2015-11-17 01:31 - 47846176 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll
2012-11-27 11:46 - 2012-11-16 03:32 - 01199648 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3391011429-186193620-3244763449-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Yannick\Pictures\Neues Wallpaper\1.jpg
HKU\S-1-5-21-3391011429-186193620-3244763449-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3391011429-186193620-3244763449-1002\...\StartupApproved\Run: => "icq"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2BC9AC5C-1D3E-4241-830D-F9837DF1265E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Age2HD\AoK HD.exe
FirewallRules: [{5C6DB745-A923-4B6B-B791-F0C6BBAE809B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9D4184BE-8D84-4D32-AC5B-FD344E9C2CBC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2CFE9A82-BD58-498D-94DC-42E2A0D97AEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{3D0849A4-EF56-456C-B0C5-CF78884E1341}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1F1CB72C-080B-49B5-B16A-29BE3896D5D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4995DD9F-4EA2-41C8-A87A-A1693951B582}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{102CB0B9-F5E8-4DA0-9496-5DDF2F7D5F0A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3D34637F-93AD-41FB-872C-4F654747E3B2}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{A40D9534-6B52-4A1F-8928-D396F793BA42}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{DDF76FE6-81A4-47F0-8363-5B3CEDFD4C18}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9BBCFCF6-46C4-4A20-95D0-D452B85C9F07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5847A416-0206-411B-B689-711712DF49C1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7BA13275-CE89-45B2-B7DE-51AB2C043A05}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{ACBDA20C-E0CD-4B0D-AA56-35BC0A53AC67}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{794053C4-62E4-4664-B810-6B1B7438C832}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{C8E84F69-B513-46B8-B8A7-CF35AF9BC9AB}D:\program files\warcraft iii\war3.exe] => (Block) D:\program files\warcraft iii\war3.exe
FirewallRules: [TCP Query User{9D8C3C09-6A08-47C1-9D2A-B91963B18564}D:\program files\warcraft iii\war3.exe] => (Block) D:\program files\warcraft iii\war3.exe
FirewallRules: [UDP Query User{3709FC88-21F7-40B2-A89C-A2407A57CB53}D:\program files\warcraft 3 tft\war3.exe] => (Block) D:\program files\warcraft 3 tft\war3.exe
FirewallRules: [TCP Query User{3DCD431B-011C-4DAF-8BE2-67D8AD8AB774}D:\program files\warcraft 3 tft\war3.exe] => (Block) D:\program files\warcraft 3 tft\war3.exe
FirewallRules: [{6B0B9D69-0E2B-4D90-9ECB-A3584A61B5F0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{4700A9BE-3E3F-4690-9C21-515D16F5F8AF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{0A2BF57D-132E-4979-9EAB-CCA091201ED6}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe
FirewallRules: [{33F604F3-6734-419C-9DD5-93F061884E4D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGameServer.exe
FirewallRules: [{6EBEAF27-C947-485F-B970-EC6828DC1DCE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{1E8CB62D-E4D5-44A2-9A87-E65510B622B9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{BC2CDB09-8BAB-4A6A-A18C-32ECC2755E7A}] => (Allow) D:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [UDP Query User{B640B982-A0A0-48D6-9FAA-2482936CF144}C:\program files (x86)\moorer software\lolskinview\lolskinview.exe] => (Allow) C:\program files (x86)\moorer software\lolskinview\lolskinview.exe
FirewallRules: [TCP Query User{59850461-A5EB-42B8-82F2-E6FAD4B658F6}C:\program files (x86)\moorer software\lolskinview\lolskinview.exe] => (Allow) C:\program files (x86)\moorer software\lolskinview\lolskinview.exe
FirewallRules: [UDP Query User{D2E53298-B340-4EC4-99F2-2B3C8A90D3CD}D:\program files (x86)\aftermath\amlauncher.exe.new.exe] => (Allow) D:\program files (x86)\aftermath\amlauncher.exe.new.exe
FirewallRules: [TCP Query User{E4A9A9B1-1D4D-46B9-B137-B8081F100419}D:\program files (x86)\aftermath\amlauncher.exe.new.exe] => (Allow) D:\program files (x86)\aftermath\amlauncher.exe.new.exe
FirewallRules: [{58CBBE01-EEBA-46FF-905A-791361D4D4BB}] => (Allow) D:\Program Files (x86)\Aftermath\Aftermath.exe
FirewallRules: [UDP Query User{7331BE84-BF58-43C9-BC53-A3D041985FA9}D:\program files (x86)\aftermath\amlauncher.exe] => (Allow) D:\program files (x86)\aftermath\amlauncher.exe
FirewallRules: [TCP Query User{8AAE3135-FA78-4416-AE67-4C3C7B44BC8C}D:\program files (x86)\aftermath\amlauncher.exe] => (Allow) D:\program files (x86)\aftermath\amlauncher.exe
FirewallRules: [UDP Query User{F325CD6B-FACF-43F2-AABD-863FEF93F65E}D:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{09A5585C-1B94-4A76-A5FC-0A27FA3BF6D4}D:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{02E79A43-D84F-4575-A9CB-0AEC1D0A8845}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{B1D5C3F9-CAAE-4C20-B199-42EF50003FC1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{EAD814CA-F48B-40B5-BF49-46F6542EE110}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4FB2AE6A-B611-4D3C-941D-2A9F49DE0E6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{25F1767E-271B-4FAD-BA39-E56BE679889E}D:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe] => (Allow) D:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe
FirewallRules: [TCP Query User{0FAF8291-D655-4EFF-B1E0-4788D86ECC2A}D:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe] => (Allow) D:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe
FirewallRules: [{5992381E-6F71-476E-8423-FEED9F48C541}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{DBF98B37-9383-41CB-B313-C4237D1FB73E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{C6AE51A1-F952-4330-8371-E715441DE7E4}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{DC3441D9-3A08-42EC-B8B0-77CA4F933ED5}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{BE0F52E9-FCA8-44E4-BD32-73420F57BA13}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{503A2FCB-DC9C-46F5-B22F-F7BFBEA958D0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{4032E0F1-B6D1-4794-936E-E23A89BDFCB2}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TheEvilWithin\EvilWithin.exe
FirewallRules: [{62AABBF0-F9EE-4E28-9C95-4DC63E1483BF}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TheEvilWithin\EvilWithin.exe
FirewallRules: [{9296BD5E-C49F-4038-8F40-ECC2824217E0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{CF2F25FA-0DC8-4E1C-8D19-872FDA6C205C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{EC22A999-21B5-463E-B404-B9A1D5DBF7F7}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{483AFEE9-E24E-4D20-9885-8DA34935E136}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CE74383C-7255-4406-8817-786C663FAE17}] => (Allow) D:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe
FirewallRules: [{BC587060-FA5C-4522-80D1-F89074271728}] => (Allow) D:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe
FirewallRules: [{CD1F6CAF-ABEB-4D81-85F6-D7BAE2D92F28}] => (Allow) D:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{96034A45-A7EF-4A4B-A98D-986E83E911C7}] => (Allow) D:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{EB0D2D02-D990-4B2E-A3FF-0C8A876B2BEB}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{D0B3CCA4-797F-4AFB-8B67-D9D140A73189}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{D9C5F331-8A93-4A1A-91CE-CB0CE41FF236}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{1A937E19-5BB8-43DC-802C-DF8F739F72C7}] => (Allow) D:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{A1472765-9CCB-4238-843D-1735BFBC4E2A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{E4B2C475-9DD6-473B-94F5-515B3C51576B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D4A8286D-C4BB-4136-A4D8-16700CE36773}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{EB6103E7-4F29-47B4-BBA7-FE15D34A1795}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{A47D49AB-9096-4B95-A5D8-B473E2B10705}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{2FF7D7F1-F6A5-48BB-9CB2-63D71167DC43}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{3F065157-0262-4EE8-B2AE-ACF6A18E4E8A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{5CD6AACA-9E38-42D6-A724-366947888050}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{9F1C6057-7646-437E-92D1-678547887E34}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{239C9805-C1D0-4B10-B9A4-D195105E4B9D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [UDP Query User{F11C3ED4-3509-47F7-8698-C7983D4678C3}D:\program files (x86)\steam\steam.exe] => (Allow) D:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{9C443645-88CE-4604-92E6-79AD3CA85AC1}D:\program files (x86)\steam\steam.exe] => (Allow) D:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{7DFC864B-B773-4CD1-A3D4-7D1F84E02606}D:\program files (x86)\tera\tera-launcher.exe] => (Allow) D:\program files (x86)\tera\tera-launcher.exe
FirewallRules: [TCP Query User{CFDD9031-DB8B-41D2-B5EE-6432669FA8DF}D:\program files (x86)\tera\tera-launcher.exe] => (Allow) D:\program files (x86)\tera\tera-launcher.exe
FirewallRules: [{A717DB53-233B-40DD-8847-5EE18B6B07B0}] => (Allow) D:\Program Files (x86)\InitEngine.exe
FirewallRules: [{E24CB3E0-3022-4B64-93D3-9601CCC47BCD}] => (Allow) D:\Program Files (x86)\InitEngine.exe
FirewallRules: [{D135C8AD-9952-4003-8B40-1629EF5CE5C1}] => (Allow) D:\Program Files (x86)\AutoPatcher.exe
FirewallRules: [{AEF871AC-5791-4B9B-91F6-1416BD232AAF}] => (Allow) D:\Program Files (x86)\AutoPatcher.exe
FirewallRules: [{4924EE32-2FDB-479B-8A59-90E6343CCCB6}] => (Allow) D:\Program Files (x86)\Anno5.exe
FirewallRules: [{AD5AD1E6-A161-45A7-804B-25BFE21A8448}] => (Allow) D:\Program Files (x86)\Anno5.exe
FirewallRules: [{27E3B9C1-4C70-489F-9EE8-C46E26E9715A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F7218085-98A7-483D-8F82-31BF21913E71}] => (Allow) LPort=2869
FirewallRules: [{48236E57-1BA0-420C-8D42-002FD75F0D3C}] => (Allow) LPort=1900
FirewallRules: [{75F702FC-3B3A-4205-B04C-257AC9A33510}] => (Allow) C:\Users\Yannick\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{CE2C0457-8278-45CC-B5E9-77047B556563}] => (Allow) C:\Users\Yannick\AppData\Roaming\ICQM\icq.exe
FirewallRules: [TCP Query User{0BDD6573-05D3-4EC8-90D9-700980C0DB17}C:\users\yannick\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\yannick\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DA860A6F-BF48-456F-BB74-9C2912EB9CAD}C:\users\yannick\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\yannick\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{21ECF702-5F8E-4E05-9721-65BBE0C11B8E}D:\program files (x86)\tera\tera-launcher.exe] => (Allow) D:\program files (x86)\tera\tera-launcher.exe
FirewallRules: [UDP Query User{B4CF6EC6-05A3-4C74-B9E8-CDC017C75A6D}D:\program files (x86)\tera\tera-launcher.exe] => (Allow) D:\program files (x86)\tera\tera-launcher.exe
FirewallRules: [{EC8014EB-9C84-43E9-8D17-FF1F7A683316}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F2D69005-F893-4424-A56E-65EB92842F9F}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{A7AA81D0-2819-4FF3-8070-D8CC1938C0D8}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{86549713-A20C-47CF-A7C2-24DC70D6F5F4}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{4B22B60D-F2E0-4360-9CBB-E9F120A01FDE}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{92B88D33-05D1-426A-9B26-89E08487DA52}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4F64DD16-7415-40B0-BF85-D3CF04009665}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{499D0DC2-D28F-4258-88D4-EE6C5C7769D4}C:\users\yannick\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\yannick\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E68E418B-615F-4BA5-B17C-D517B440FBC9}C:\users\yannick\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\yannick\appdata\roaming\spotify\spotify.exe
FirewallRules: [{798EEABB-33EF-41E8-A703-5F72154D1844}] => (Allow) LPort=2099
FirewallRules: [{B44923ED-F71B-43DD-942A-A10F936F3129}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{2210A644-7C16-4AEF-A57E-E734B3DDAEAE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{40B87D24-ECB3-4A60-9676-738D02162AA7}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{4C706D4F-279B-4175-B894-668E6BDA17F9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{E07C79FB-2651-4C78-B295-6BB86CC50B1E}] => (Allow) C:\Users\Yannick\AppData\Local\Temp\Andy_46.2_x64\Setup.exe
FirewallRules: [{4F3FDFB2-A529-41B1-B75A-D24CD7FD7CCF}] => (Allow) C:\Users\Yannick\AppData\Local\Temp\Andy_46.2_x64\Setup.exe
FirewallRules: [{0E8A42F5-2EF7-4329-9631-9EC64852A5F3}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{C5073EA5-9DC9-43D9-80C2-6DE5C89CEB23}] => (Allow) C:\Program Files\Andy\andy.exe
FirewallRules: [{70F71DDF-0126-416E-8CC6-E74C8BD1E419}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{6E7497A4-E197-4EEA-89D6-38A5B9B905FF}] => (Allow) C:\Program Files\Andy\AndyConsole.exe
FirewallRules: [{7F8A5FA5-B7CB-41C1-A4A8-489774B2BDA8}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{30B14B5F-D02E-4375-BB33-9663D883D555}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{6EBE5D9F-481A-47C3-88C7-1B794F93FBE6}] => (Allow) C:\Program Files\Andy\HandyAndy.exe
FirewallRules: [{BBC6B7DB-782D-4D93-A38D-A87F5860215B}] => (Allow) C:\Program Files\Andy\HandyAndy.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/29/2016 04:40:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Yannick-PC)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/29/2016 12:03:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LoLLauncher.exe, Version: 3.1.0.118, Zeitstempel: 0x56a6c5f8
Name des fehlerhaften Moduls: LoLLauncher.exe, Version: 3.1.0.118, Zeitstempel: 0x56a6c5f8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003429d
ID des fehlerhaften Prozesses: 0x3860
Startzeit der fehlerhaften Anwendung: 0xLoLLauncher.exe0
Pfad der fehlerhaften Anwendung: LoLLauncher.exe1
Pfad des fehlerhaften Moduls: LoLLauncher.exe2
Berichtskennung: LoLLauncher.exe3
Vollständiger Name des fehlerhaften Pakets: LoLLauncher.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LoLLauncher.exe5

Error: (01/28/2016 10:11:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LoLLauncher.exe, Version: 3.1.0.118, Zeitstempel: 0x56a6c5f8
Name des fehlerhaften Moduls: LoLLauncher.exe, Version: 3.1.0.118, Zeitstempel: 0x56a6c5f8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003429d
ID des fehlerhaften Prozesses: 0x8bc
Startzeit der fehlerhaften Anwendung: 0xLoLLauncher.exe0
Pfad der fehlerhaften Anwendung: LoLLauncher.exe1
Pfad des fehlerhaften Moduls: LoLLauncher.exe2
Berichtskennung: LoLLauncher.exe3
Vollständiger Name des fehlerhaften Pakets: LoLLauncher.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LoLLauncher.exe5

Error: (01/28/2016 10:09:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LoLLauncher.exe, Version: 3.1.0.118, Zeitstempel: 0x56a6c5f8
Name des fehlerhaften Moduls: LoLLauncher.exe, Version: 3.1.0.118, Zeitstempel: 0x56a6c5f8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003429d
ID des fehlerhaften Prozesses: 0x1a08
Startzeit der fehlerhaften Anwendung: 0xLoLLauncher.exe0
Pfad der fehlerhaften Anwendung: LoLLauncher.exe1
Pfad des fehlerhaften Moduls: LoLLauncher.exe2
Berichtskennung: LoLLauncher.exe3
Vollständiger Name des fehlerhaften Pakets: LoLLauncher.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LoLLauncher.exe5

Error: (01/28/2016 10:08:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LoLLauncher.exe, Version: 3.1.0.118, Zeitstempel: 0x56a6c5f8
Name des fehlerhaften Moduls: LoLLauncher.exe, Version: 3.1.0.118, Zeitstempel: 0x56a6c5f8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003429d
ID des fehlerhaften Prozesses: 0x1610
Startzeit der fehlerhaften Anwendung: 0xLoLLauncher.exe0
Pfad der fehlerhaften Anwendung: LoLLauncher.exe1
Pfad des fehlerhaften Moduls: LoLLauncher.exe2
Berichtskennung: LoLLauncher.exe3
Vollständiger Name des fehlerhaften Pakets: LoLLauncher.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LoLLauncher.exe5

Error: (01/28/2016 09:42:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SMCLpav.exe, Version 2.0.4.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1da0

Startzeit: 01d15a0c40c35fef

Beendigungszeit: 2

Anwendungspfad: C:\SMCLpav\SMCLpav.exe

Berichts-ID: a9240ce3-c5ff-11e5-bf16-eca86b299fcf

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (01/28/2016 09:40:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: YANNICK-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (01/28/2016 09:40:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "NdkApi,type="win32",version="1.0.0.1"1".
Die abhängige Assemblierung "NdkApi,type="win32",version="1.0.0.1"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/28/2016 09:30:36 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (8316) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (01/28/2016 09:30:36 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (8316) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.


Systemfehler:
=============
Error: (01/29/2016 04:50:00 PM) (Source: DCOM) (EventID: 10016) (User: YANNICK-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}Yannick-PCYannickS-1-5-21-3391011429-186193620-3244763449-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/29/2016 04:49:59 PM) (Source: DCOM) (EventID: 10016) (User: YANNICK-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}Yannick-PCYannickS-1-5-21-3391011429-186193620-3244763449-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/29/2016 04:49:59 PM) (Source: DCOM) (EventID: 10016) (User: YANNICK-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}Yannick-PCYannickS-1-5-21-3391011429-186193620-3244763449-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/29/2016 04:40:58 PM) (Source: DCOM) (EventID: 10016) (User: YANNICK-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}Yannick-PCYannickS-1-5-21-3391011429-186193620-3244763449-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/29/2016 04:40:53 PM) (Source: DCOM) (EventID: 10016) (User: YANNICK-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}Yannick-PCYannickS-1-5-21-3391011429-186193620-3244763449-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/29/2016 04:40:46 PM) (Source: DCOM) (EventID: 10016) (User: YANNICK-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}Yannick-PCYannickS-1-5-21-3391011429-186193620-3244763449-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/29/2016 04:40:40 PM) (Source: DCOM) (EventID: 10016) (User: YANNICK-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}Yannick-PCYannickS-1-5-21-3391011429-186193620-3244763449-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/29/2016 04:40:30 PM) (Source: DCOM) (EventID: 10016) (User: YANNICK-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}Yannick-PCYannickS-1-5-21-3391011429-186193620-3244763449-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/29/2016 04:40:24 PM) (Source: DCOM) (EventID: 10016) (User: YANNICK-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}Yannick-PCYannickS-1-5-21-3391011429-186193620-3244763449-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/29/2016 04:40:23 PM) (Source: DCOM) (EventID: 10016) (User: YANNICK-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}Yannick-PCYannickS-1-5-21-3391011429-186193620-3244763449-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


CodeIntegrity:
===================================
  Date: 2016-01-28 21:48:27.687
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-28 21:48:27.676
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-28 21:48:27.665
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-28 21:48:27.649
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-28 21:48:27.638
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-23 14:19:19.227
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-23 14:19:19.166
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-23 14:19:19.157
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-23 14:19:19.150
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-23 14:19:19.141
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 19%
Installierter physikalischer RAM: 16337.23 MB
Verfügbarer physikalischer RAM: 13091.93 MB
Summe virtueller Speicher: 17377.23 MB
Verfügbarer virtueller Speicher: 13382.92 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:57.13 GB) (Free:0.49 GB) NTFS
Drive d: (Data) (Fixed) (Total:1803.01 GB) (Free:1507.42 GB) NTFS
Drive f: (Recover) (Fixed) (Total:60 GB) (Free:43.43 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 59.6 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2047D4ED)
Partition 1: (Not Active) - (Size=1803 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=60 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
durchgeführt von Yannick (Administrator) auf YANNICK-PC (29-01-2016 17:12:51)
Gestartet von C:\Users\Yannick\Desktop
Geladene Profile: Yannick & Administrator (Verfügbare Profile: Yannick & Administrator)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\ProgramData\gaupdt\service\0\gaupsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Panda Security, S.L.) D:\Program Files (x86)\PSANHost.exe
(Panda Security, S.L.) D:\Program Files (x86)\PSUAService.exe
() D:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Windows\System\3DG4me.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Spotify Ltd) C:\Users\Yannick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
() C:\Users\Yannick\AppData\Local\Amazon Music\Amazon Music Helper.exe
(fabi.me) C:\Users\Yannick\Documents\SpeedAutoClicker\SpeedAutoClicker.exe
() C:\Program Files\Andy\HandyAndy.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Xerox) D:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() D:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmw.exe
() D:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe
() D:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe
(Panda Security, S.L.) D:\Program Files (x86)\PSUAMain.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Windows\System\3DG4me.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
() D:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmw.exe
() D:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe
() D:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe
(Panda Security, S.L.) D:\Program Files (x86)\PSUAMain.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Panda Security, S.L.) D:\Program Files (x86)\PSUAMain.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [Cm106Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
HKLM\...\Run: [3DG4me] => C:\WINDOWS\System\3DG4me.exe [151552 2013-05-28] ()
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => D:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2109952 2014-10-07] (Dominik Reichl)
HKLM-x32\...\Run: [Launcher6015N] => D:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe [2571264 2011-05-19] (Xerox)
HKLM-x32\...\Run: [6015N RUN] => D:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe [355840 2012-01-03] ()
HKLM-x32\...\Run: [StatusAutoRun6015N] => D:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe [4476928 2012-01-03] ()
HKLM-x32\...\Run: [PSUAMain] => D:\Program Files (x86)\PSUAMain.exe [99064 2015-12-07] (Panda Security, S.L.)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-3391011429-186193620-3244763449-1002\...\Run: [icq] => C:\Users\Yannick\AppData\Roaming\ICQM\icq.exe [26934632 2013-02-12] (ICQ)
HKU\S-1-5-21-3391011429-186193620-3244763449-1002\...\Run: [Spotify Web Helper] => C:\Users\Yannick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-01-25] (Spotify Ltd)
HKU\S-1-5-21-3391011429-186193620-3244763449-1002\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-3391011429-186193620-3244763449-1002\...\Run: [Amazon Music] => C:\Users\Yannick\AppData\Local\Amazon Music\Amazon Music Helper.exe [5890368 2015-12-15] ()
HKU\S-1-5-21-3391011429-186193620-3244763449-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-3391011429-186193620-3244763449-1002\...\Run: [Speed AutoClicker] => C:\Users\Yannick\Documents\SpeedAutoClicker\SpeedAutoClicker.exe [179200 2015-04-01] (fabi.me)
HKU\S-1-5-21-3391011429-186193620-3244763449-1002\...\RunOnce: [Uninstall C:\Users\Yannick\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Yannick\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Yannick\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2016-01-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Yannick\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2016-01-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Yannick\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2016-01-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} =>  Keine Datei
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} =>  Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Yannick\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2016-01-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Yannick\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2016-01-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Yannick\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2016-01-02] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HandyAndy.lnk [2016-01-10]
ShortcutTarget: HandyAndy.lnk -> C:\Program Files\Andy\HandyAndy.exe ()
CHR HKU\S-1-5-21-3391011429-186193620-3244763449-1002\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{103633a8-4a03-442a-81ed-15a3f1c3e540}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1391629333&from=amt&uid=C400-MTFDDAC064MAM_000000001239091D2392
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1391629333&from=amt&uid=C400-MTFDDAC064MAM_000000001239091D2392&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1391629333&from=amt&uid=C400-MTFDDAC064MAM_000000001239091D2392
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391629333&from=amt&uid=C400-MTFDDAC064MAM_000000001239091D2392&q={searchTerms}
HKU\S-1-5-21-3391011429-186193620-3244763449-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-3391011429-186193620-3244763449-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-3391011429-186193620-3244763449-1002\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=121562&tt=gc_&babsrc=HP_ss&mntrId=E665ECA86B299FCF
HKU\S-1-5-21-3391011429-186193620-3244763449-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
HKU\S-1-5-21-3391011429-186193620-3244763449-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391629333&from=amt&uid=C400-MTFDDAC064MAM_000000001239091D2392&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391629333&from=amt&uid=C400-MTFDDAC064MAM_000000001239091D2392&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391629333&from=amt&uid=C400-MTFDDAC064MAM_000000001239091D2392&q={searchTerms}
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3391011429-186193620-3244763449-1002 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-3391011429-186193620-3244763449-1002 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.enhanced-search.com/?q={searchTerms}&affID=121562&tt=gc_&babsrc=SP_ss_mib2&mntrId=E665ECA86B299FCF
SearchScopes: HKU\S-1-5-21-3391011429-186193620-3244763449-1002 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1391629333&from=amt&uid=C400-MTFDDAC064MAM_000000001239091D2392&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3391011429-186193620-3244763449-1002 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3391011429-186193620-3244763449-1002 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-3391011429-186193620-3244763449-1002 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC8} URL = hxxp://search.icq.com/search/results.php?q=%s&ch_id=hm&search_mode=web
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Kein Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Keine Datei
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-20] (DVDVideoSoft Ltd.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-11-22] (DVDVideoSoft Ltd.)
Toolbar: HKLM-x32 - Kein Name - {82E1477C-B154-48D3-9891-33D83C26BCD3} -  Keine Datei
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} -  Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Yannick\AppData\Roaming\Mozilla\Firefox\Profiles\uf0q2oem.default
FF DefaultSearchUrl: hxxps://de.search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF Homepage: about:home
FF Session Restore: -> ist aktiviert.
FF Keyword.URL: hxxps://de.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-11-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-11-16] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-3391011429-186193620-3244763449-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Keine Datei]
FF SearchPlugin: C:\Users\Yannick\AppData\Roaming\Mozilla\Firefox\Profiles\uf0q2oem.default\searchplugins\icq.xml [2013-02-12]
FF SearchPlugin: C:\Users\Yannick\AppData\Roaming\Mozilla\Firefox\Profiles\uf0q2oem.default\searchplugins\yahoo-avast.xml [2014-06-18]
FF Extension: 360 Web Shield - C:\Users\Yannick\AppData\Roaming\Mozilla\Firefox\Profiles\uf0q2oem.default\Extensions\webshield@360safe.com [2014-08-30] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Yannick\AppData\Roaming\Mozilla\Firefox\Profiles\uf0q2oem.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-19]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [lightningnewtab@gmail.com] - C:\Users\Yannick\AppData\Roaming\Mozilla\Firefox\Profiles\uf0q2oem.default\extensions\lightningnewtab@gmail.com.xpi => nicht gefunden
FF HKU\S-1-5-21-3391011429-186193620-3244763449-1002\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff => nicht gefunden
         
__________________

Alt 31.01.2016, 20:33   #4
Yannick95
 
Streaming Dienst Account gehackt. PC befallen? - Standard

Streaming Dienst Account gehackt. PC befallen?



FRST Teil 2
Code:
ATTFilter
Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [pkndmigholgfjlniaohblojbhgjbkakn] - C:\Users\Yannick\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 GaUpdateService; C:\ProgramData\gaupdt\service\0\gaupsvc.exe [1558032 2013-03-19] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-09] (NVIDIA Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-11-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [164736 2012-11-16] (Intel Corporation)
R2 NanoServiceMain; D:\Program Files (x86)\PSANHost.exe [142072 2015-12-07] (Panda Security, S.L.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-09] (NVIDIA Corporation)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [72952 2015-11-30] (Panda Security, S.L.)
R2 PSUAService; D:\Program Files (x86)\PSUAService.exe [38136 2015-12-07] (Panda Security, S.L.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [746392 2013-03-20] (Tunngle.net GmbH) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 XRNADB; D:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe [95744 2012-01-03] () [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R1 NNSALPC; C:\Windows\system32\DRIVERS\NNSALPC.sys [103856 2015-12-10] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [210864 2015-12-10] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [120240 2015-12-10] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [120240 2015-12-10] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [112560 2015-12-10] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\system32\DRIVERS\NNSPIHSW.sys [87984 2015-12-10] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [133552 2015-12-10] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [309680 2015-12-10] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [179632 2015-12-10] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [122800 2015-12-10] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [267184 2015-12-10] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\system32\DRIVERS\NNSTLSC.sys [115632 2015-12-10] (Panda Security, S.L.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S0 PsBoot; C:\Windows\System32\Drivers\PsBoot.sys [42624 2015-06-16] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [173488 2015-12-10] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [129456 2015-12-10] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [207280 2015-12-10] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [133552 2015-12-10] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [146352 2015-12-10] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [117168 2015-12-10] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S1 SymIM; C:\Windows\system32\DRIVERS\SymIMv.sys [43680 2013-03-05] (Symantec Corporation)
R3 tap0901t; C:\Windows\System32\drivers\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [Datei ist nicht signiert]
R3 USBADVAU; C:\Windows\system32\drivers\cm11264.sys [4121088 2012-11-29] (C-Media Electronics Inc)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-11-05] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-29 17:12 - 2016-01-29 17:13 - 00026500 _____ C:\Users\Yannick\Desktop\FRST.txt
2016-01-29 17:12 - 2016-01-29 17:12 - 00000000 ____D C:\FRST
2016-01-29 17:10 - 2016-01-29 17:10 - 02370560 _____ (Farbar) C:\Users\Yannick\Downloads\FRST64(1).exe
2016-01-29 17:02 - 2016-01-29 17:02 - 02370560 _____ (Farbar) C:\Users\Yannick\Desktop\FRST64.exe
2016-01-29 17:02 - 2015-06-16 15:41 - 00042624 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PsBoot.sys
2016-01-29 16:51 - 2016-01-29 16:51 - 00016148 _____ C:\WINDOWS\system32\YANNICK-PC_Yannick_HistoryPrediction.bin
2016-01-29 16:51 - 2016-01-29 16:51 - 00016148 _____ C:\WINDOWS\system32\YANNICK-PC_Administrator_HistoryPrediction.bin
2016-01-29 16:35 - 2016-01-29 16:35 - 00000000 ___HD C:\OneDriveTemp
2016-01-28 23:54 - 2016-01-28 23:54 - 00001092 _____ C:\Users\Public\Desktop\Notepad++.lnk
2016-01-28 23:54 - 2016-01-28 23:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-01-28 23:54 - 2016-01-28 23:54 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-01-28 23:52 - 2016-01-28 23:54 - 00000000 ____D C:\Users\Yannick\AppData\Roaming\Notepad++
2016-01-28 23:36 - 2016-01-28 23:42 - 00000000 ____D C:\Users\Administrator\AppData\Local\Mozilla
2016-01-28 23:36 - 2016-01-28 23:36 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla
2016-01-28 23:36 - 2016-01-28 23:36 - 00000000 ____D C:\Users\Administrator\AppData\Local\Macromedia
2016-01-28 23:35 - 2016-01-28 23:35 - 00002451 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-01-28 23:35 - 2016-01-28 23:35 - 00000000 ___RD C:\Users\Administrator\OneDrive
2016-01-28 23:35 - 2016-01-28 23:35 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2016-01-28 23:34 - 2016-01-28 23:34 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Panda Security
2016-01-28 23:34 - 2016-01-28 23:34 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Andy
2016-01-28 23:34 - 2016-01-28 23:34 - 00000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2016-01-28 23:34 - 2016-01-28 23:34 - 00000000 ____D C:\Users\Administrator\AppData\Local\Logitech
2016-01-28 23:34 - 2016-01-28 23:34 - 00000000 ____D C:\Users\Administrator\Andy
2016-01-28 23:33 - 2016-01-28 23:53 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2016-01-28 23:33 - 2016-01-28 23:35 - 00000000 ____D C:\Users\Administrator
2016-01-28 23:33 - 2016-01-28 23:33 - 00000020 ___SH C:\Users\Administrator\ntuser.ini
2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos
2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 ____D C:\Users\Administrator\AppData\Local\TileDataLayer
2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA Corporation
2016-01-28 23:33 - 2016-01-28 23:33 - 00000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA
2016-01-28 23:33 - 2016-01-01 23:38 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2016-01-28 23:33 - 2016-01-01 23:38 - 00000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2016-01-28 23:33 - 2012-10-17 14:13 - 00001655 _____ C:\Users\Administrator\Desktop\LIFESTORE.lnk
2016-01-28 23:33 - 2012-09-21 04:40 - 00001021 _____ C:\Users\Administrator\Desktop\Gutscheine bei coupons4u.lnk
2016-01-28 23:33 - 2012-09-17 16:22 - 00002439 _____ C:\Users\Administrator\Desktop\MEDIONmediathek.lnk
2016-01-28 23:33 - 2012-09-15 19:56 - 00001995 _____ C:\Users\Administrator\Desktop\MEDIONplay.lnk
2016-01-28 23:33 - 2012-09-15 19:55 - 00002786 _____ C:\Users\Administrator\Desktop\MEDIONmail.lnk
2016-01-28 23:33 - 2012-09-15 19:55 - 00001779 _____ C:\Users\Administrator\Desktop\MEDION Serviceportal.lnk
2016-01-28 23:33 - 2012-08-30 14:56 - 00000977 _____ C:\Users\Administrator\Desktop\Windows 8 Info.lnk
2016-01-28 22:10 - 2016-01-28 22:10 - 00000000 ____D C:\Users\Yannick\AppData\Local\ElevatedDiagnostics
2016-01-28 22:07 - 2016-01-28 22:07 - 00002185 _____ C:\Users\Yannick\Desktop\LoLLauncher - Shortcut.lnk
2016-01-28 21:56 - 2016-01-28 22:11 - 00000342 ____H C:\WINDOWS\Tasks\{D6D7D7CB-A8DB-4F05-831F-DDF3BA57513B}.job
2016-01-28 21:48 - 2016-01-28 21:54 - 00001689 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus.lnk
2016-01-28 21:48 - 2016-01-28 21:48 - 00000000 ____D C:\Program Files (x86)\Panda Security
2016-01-28 21:48 - 2015-12-10 15:09 - 00207280 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINKNC.sys
2016-01-28 21:48 - 2015-12-10 15:09 - 00173488 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINAflt.sys
2016-01-28 21:48 - 2015-12-10 15:09 - 00146352 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINProt.sys
2016-01-28 21:48 - 2015-12-10 15:09 - 00129456 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINFile.sys
2016-01-28 21:48 - 2015-12-10 15:04 - 00133552 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINProc.sys
2016-01-28 21:48 - 2015-12-10 15:04 - 00117168 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINReg.sys
2016-01-28 21:48 - 2015-06-16 15:41 - 00062080 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2016-01-28 21:41 - 2016-01-28 21:46 - 00000000 ____D C:\SMCLpav
2016-01-28 21:38 - 2016-01-28 21:38 - 01509968 _____ C:\Users\Yannick\Desktop\uninstaller.exe
2016-01-28 21:30 - 2016-01-28 21:33 - 66586256 _____ C:\Users\Yannick\Desktop\FREEAV.exe
2016-01-28 20:54 - 2016-01-28 20:55 - 00000503 _____ C:\Users\Yannick\Desktop\Neues Textdokument (4).txt
2016-01-28 20:53 - 2016-01-28 20:53 - 02113152 _____ C:\Users\Yannick\Desktop\PANDAFREEAV.exe
2016-01-23 14:20 - 2016-01-23 14:20 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-01-14 20:53 - 2016-01-14 20:53 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-01-12 21:10 - 2016-01-05 04:07 - 02463704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-12 21:10 - 2016-01-05 04:07 - 00377592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-12 21:10 - 2016-01-05 04:06 - 08022368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-12 21:10 - 2016-01-05 04:06 - 01991120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-12 21:10 - 2016-01-05 04:06 - 01270104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-12 21:10 - 2016-01-05 04:06 - 01063504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-12 21:10 - 2016-01-05 04:06 - 00119800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-12 21:10 - 2016-01-05 04:04 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-01-12 21:10 - 2016-01-05 04:04 - 02641928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-12 21:10 - 2016-01-05 04:04 - 01591848 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-12 21:10 - 2016-01-05 04:04 - 01150816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-12 21:10 - 2016-01-05 04:04 - 00862056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-12 21:10 - 2016-01-05 04:04 - 00787720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-12 21:10 - 2016-01-05 04:04 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-12 21:10 - 2016-01-05 04:04 - 00779928 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-12 21:10 - 2016-01-05 04:04 - 00772448 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-12 21:10 - 2016-01-05 04:04 - 00751992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-12 21:10 - 2016-01-05 04:04 - 00667856 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-12 21:10 - 2016-01-05 04:04 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-12 21:10 - 2016-01-05 04:04 - 00249464 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-12 21:10 - 2016-01-05 04:04 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-12 21:10 - 2016-01-05 04:04 - 00233992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-12 21:10 - 2016-01-05 04:04 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-12 21:10 - 2016-01-05 04:04 - 00090912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-12 21:10 - 2016-01-05 04:04 - 00083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-12 21:10 - 2016-01-05 03:59 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-01-12 21:10 - 2016-01-05 03:52 - 00441696 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-12 21:10 - 2016-01-05 03:50 - 01817064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-12 21:10 - 2016-01-05 03:50 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-12 21:10 - 2016-01-05 03:50 - 00723648 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-12 21:10 - 2016-01-05 03:50 - 00345080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-12 21:10 - 2016-01-05 03:50 - 00251544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-12 21:10 - 2016-01-05 03:50 - 00205072 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-12 21:10 - 2016-01-05 03:31 - 01365576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-12 21:10 - 2016-01-05 03:30 - 02459096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-12 21:10 - 2016-01-05 03:30 - 02162064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-12 21:10 - 2016-01-05 03:30 - 02152744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-12 21:10 - 2016-01-05 03:30 - 01106872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-12 21:10 - 2016-01-05 03:30 - 00882208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-12 21:10 - 2016-01-05 03:30 - 00368776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-01-12 21:10 - 2016-01-05 03:30 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-01-12 21:10 - 2016-01-05 03:30 - 00100712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-12 21:10 - 2016-01-05 03:29 - 00208688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-12 21:10 - 2016-01-05 03:28 - 02445128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-01-12 21:10 - 2016-01-05 03:28 - 00714808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-12 21:10 - 2016-01-05 03:28 - 00696192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-01-12 21:10 - 2016-01-05 03:28 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-12 21:10 - 2016-01-05 03:28 - 00645144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-12 21:10 - 2016-01-05 03:28 - 00635312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-12 21:10 - 2016-01-05 03:28 - 00497896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-12 21:10 - 2016-01-05 03:28 - 00277400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-01-12 21:10 - 2016-01-05 03:28 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-12 21:10 - 2016-01-05 03:28 - 00107952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-01-12 21:10 - 2016-01-05 03:28 - 00082096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-01-12 21:10 - 2016-01-05 03:28 - 00072808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-01-12 21:10 - 2016-01-05 03:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-01-12 21:10 - 2016-01-05 03:18 - 21873152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-12 21:10 - 2016-01-05 03:15 - 24592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-12 21:10 - 2016-01-05 03:15 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-01-12 21:10 - 2016-01-05 03:15 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-12 21:10 - 2016-01-05 03:15 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-12 21:10 - 2016-01-05 03:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2016-01-12 21:10 - 2016-01-05 03:10 - 00305776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-01-12 21:10 - 2016-01-05 03:10 - 00278424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-01-12 21:10 - 2016-01-05 03:10 - 00188032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-01-12 21:10 - 2016-01-05 03:09 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-12 21:10 - 2016-01-05 03:09 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-12 21:10 - 2016-01-05 03:02 - 01672192 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-12 21:10 - 2016-01-05 03:02 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-12 21:10 - 2016-01-05 03:02 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-12 21:10 - 2016-01-05 03:01 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-12 21:10 - 2016-01-05 03:00 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-12 21:10 - 2016-01-05 03:00 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-12 21:10 - 2016-01-05 02:59 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-12 21:10 - 2016-01-05 02:57 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-12 21:10 - 2016-01-05 02:57 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-12 21:10 - 2016-01-05 02:57 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-12 21:10 - 2016-01-05 02:56 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-12 21:10 - 2016-01-05 02:51 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-12 21:10 - 2016-01-05 02:51 - 01009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-12 21:10 - 2016-01-05 02:51 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-12 21:10 - 2016-01-05 02:51 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-12 21:10 - 2016-01-05 02:51 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-12 21:10 - 2016-01-05 02:44 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-12 21:10 - 2016-01-05 02:44 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-12 21:10 - 2016-01-05 02:43 - 19324928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-12 21:10 - 2016-01-05 02:42 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-01-12 21:10 - 2016-01-05 02:38 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2016-01-12 21:10 - 2016-01-05 02:32 - 01541632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-12 21:10 - 2016-01-05 02:32 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-12 21:10 - 2016-01-05 02:31 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-12 21:10 - 2016-01-05 02:31 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-12 21:10 - 2016-01-05 02:30 - 18802176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-12 21:10 - 2016-01-05 02:29 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-12 21:10 - 2016-01-05 02:29 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-12 21:10 - 2016-01-05 02:26 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-12 21:10 - 2016-01-05 02:24 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-12 21:10 - 2016-01-05 02:20 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-12 21:10 - 2016-01-05 02:19 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-12 21:10 - 2016-01-05 02:19 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-01-12 21:10 - 2016-01-05 02:19 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-01-12 21:10 - 2016-01-05 02:19 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-01-10 20:57 - 2016-01-24 16:11 - 00000000 ____D C:\Users\Yannick\AppData\Roaming\VMware
2016-01-10 20:24 - 2016-01-10 20:24 - 00001465 _____ C:\Users\Public\Desktop\Start Andy.lnk
2016-01-10 20:24 - 2016-01-10 20:24 - 00000000 ____D C:\Users\Yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Andy
2016-01-10 20:24 - 2016-01-10 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2016-01-10 20:24 - 2016-01-10 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Andy
2016-01-10 20:24 - 2016-01-10 20:24 - 00000000 ____D C:\Program Files\Common Files\VMware
2016-01-10 20:24 - 2015-11-25 18:10 - 00934080 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll
2016-01-10 20:24 - 2015-11-25 18:10 - 00392896 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe
2016-01-10 20:24 - 2015-11-25 18:10 - 00358080 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe
2016-01-10 20:24 - 2015-11-25 18:10 - 00066752 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys
2016-01-10 20:24 - 2015-11-25 18:10 - 00033472 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\VMkbd.sys
2016-01-10 20:24 - 2015-11-25 17:52 - 00026816 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetuserif.sys
2016-01-10 20:24 - 2015-11-06 11:57 - 00057536 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys
2016-01-10 20:24 - 2015-11-05 19:25 - 00075512 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vsock.sys
2016-01-10 20:24 - 2015-11-05 19:25 - 00068288 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll
2016-01-10 20:24 - 2015-11-05 19:25 - 00064192 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll
2016-01-10 20:23 - 2016-01-29 16:35 - 00000000 ____D C:\ProgramData\VMware
2016-01-10 20:23 - 2016-01-12 21:13 - 00000000 ____D C:\Users\Yannick\Andy
2016-01-10 20:23 - 2016-01-10 20:23 - 00000000 ____D C:\Program Files\Andy
2016-01-10 20:23 - 2016-01-10 20:23 - 00000000 ____D C:\Program Files (x86)\VMware
2016-01-10 20:22 - 2016-01-24 21:07 - 00000000 ____D C:\Users\Yannick\AppData\Roaming\Andy
2016-01-10 20:22 - 2016-01-10 20:23 - 00000000 ____D C:\Program Files\AndyOfflineInstaller46.2
2016-01-07 16:03 - 2016-01-28 20:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-02 15:30 - 2015-12-01 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2016-01-02 15:30 - 2015-12-01 06:49 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-02 15:30 - 2015-12-01 06:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-02 15:30 - 2015-11-25 06:42 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-01-02 15:30 - 2015-11-25 06:40 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-01-02 15:30 - 2015-11-25 05:49 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-01-02 15:30 - 2015-11-25 05:49 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-01-02 15:30 - 2015-11-25 05:49 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-01-02 15:30 - 2015-11-25 05:49 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2016-01-02 15:30 - 2015-11-25 05:48 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll
2016-01-02 15:30 - 2015-11-25 05:48 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll
2016-01-02 15:30 - 2015-11-25 05:34 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-01-02 15:30 - 2015-11-25 05:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-01-02 15:30 - 2015-11-25 05:30 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2016-01-02 15:30 - 2015-11-25 05:28 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-01-02 15:30 - 2015-11-25 05:25 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-01-02 15:30 - 2015-11-25 05:23 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-01-02 15:30 - 2015-11-25 05:22 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-01-02 15:30 - 2015-11-25 05:19 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-01-02 15:30 - 2015-11-25 05:18 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-01-02 15:30 - 2015-11-25 05:10 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2016-01-02 15:30 - 2015-11-25 05:05 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-02 15:30 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2016-01-02 15:30 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2016-01-02 15:30 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-01-02 15:30 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-01-02 15:30 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-01-02 15:30 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-01-02 15:30 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-01-02 15:30 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-01-02 15:30 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-02 15:30 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-02 15:30 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-01-02 15:30 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-01-02 15:30 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-01-02 15:30 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2016-01-02 15:30 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-01-02 15:30 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-01-02 15:30 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-02 15:30 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-02 15:30 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-01-02 15:30 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2016-01-02 15:30 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-01-02 15:30 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-01-02 15:30 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-02 15:30 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-01-02 15:30 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-01-02 15:30 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-02 15:30 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-01-02 15:30 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-01-02 15:30 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-01-02 15:30 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-01-02 15:30 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-01-02 15:30 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-02 15:30 - 2015-09-17 07:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-01-02 15:30 - 2015-09-17 07:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-01-02 15:30 - 2015-09-17 07:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2016-01-02 15:30 - 2015-09-17 07:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-01-02 15:30 - 2015-09-17 07:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-01-02 15:30 - 2015-09-17 07:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-01-02 15:30 - 2015-09-17 07:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-01-02 15:30 - 2015-09-17 07:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-01-02 15:30 - 2015-09-17 07:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-01-02 15:30 - 2015-09-17 07:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-01-02 15:30 - 2015-09-17 07:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-01-02 15:30 - 2015-09-17 07:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-01-02 15:30 - 2015-09-17 07:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2016-01-02 15:30 - 2015-09-17 07:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-01-02 15:30 - 2015-09-17 07:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-01-02 15:30 - 2015-09-17 07:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2016-01-02 15:30 - 2015-09-17 07:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-01-02 15:30 - 2015-09-17 07:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-01-02 15:30 - 2015-09-17 07:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-01-02 15:30 - 2015-09-17 07:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-01-02 15:30 - 2015-09-17 07:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-01-02 15:30 - 2015-09-17 07:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-01-02 15:30 - 2015-09-17 07:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-01-02 15:30 - 2015-09-17 06:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-01-02 15:30 - 2015-09-17 06:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-01-02 15:30 - 2015-09-17 06:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2016-01-02 15:30 - 2015-09-17 06:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-02 15:30 - 2015-09-17 06:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2016-01-02 15:30 - 2015-09-17 06:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-01-02 15:30 - 2015-09-17 06:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-01-02 15:30 - 2015-09-17 06:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-01-02 15:30 - 2015-09-17 06:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-02 15:30 - 2015-09-17 06:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-01-02 15:30 - 2015-09-17 06:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-01-02 15:30 - 2015-09-17 06:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-01-02 15:30 - 2015-09-17 06:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-01-02 15:30 - 2015-09-17 06:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-01-02 15:30 - 2015-09-17 06:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-01-02 15:30 - 2015-09-17 06:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2016-01-02 15:30 - 2015-09-17 06:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-01-02 15:30 - 2015-09-17 06:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-01-02 15:30 - 2015-09-17 06:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2016-01-02 15:30 - 2015-09-17 06:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2016-01-02 15:30 - 2015-09-17 06:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-01-02 15:30 - 2015-09-17 06:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2016-01-02 15:30 - 2015-09-17 06:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-02 15:30 - 2015-09-17 06:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2016-01-02 15:30 - 2015-09-17 06:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-01-02 15:30 - 2015-09-17 06:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-01-02 15:30 - 2015-09-17 06:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2016-01-02 15:30 - 2015-09-17 06:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-02 15:30 - 2015-09-17 06:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-01-02 15:30 - 2015-09-17 06:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2016-01-02 15:30 - 2015-09-17 06:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-01-02 15:30 - 2015-09-17 06:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-01-02 15:30 - 2015-09-17 06:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-01-02 15:30 - 2015-09-17 06:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2016-01-02 15:30 - 2015-09-17 06:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2016-01-02 15:30 - 2015-09-17 06:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-01-02 15:30 - 2015-09-17 06:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-02 15:30 - 2015-09-17 06:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-01-02 15:30 - 2015-09-17 06:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2016-01-02 15:30 - 2015-09-17 06:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-01-02 15:30 - 2015-08-27 06:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-01-02 15:30 - 2015-08-27 06:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-01-02 15:30 - 2015-08-27 06:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-01-02 15:30 - 2015-08-27 06:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-01-02 15:30 - 2015-08-18 08:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-01-02 15:30 - 2015-08-18 07:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-01-02 15:30 - 2015-08-18 07:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-01-02 15:30 - 2015-08-11 11:04 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-01-02 15:30 - 2015-08-11 11:03 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-01-02 15:30 - 2015-08-11 11:02 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-01-02 15:30 - 2015-08-11 10:40 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-01-02 15:30 - 2015-08-11 10:37 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-01-02 15:30 - 2015-08-11 10:21 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2016-01-02 15:30 - 2015-08-11 10:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2016-01-02 15:30 - 2015-08-11 10:11 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2016-01-02 15:30 - 2015-08-11 10:09 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-01-02 15:30 - 2015-08-11 10:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2016-01-02 15:30 - 2015-08-11 10:05 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll
2016-01-02 15:30 - 2015-08-11 09:59 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2016-01-02 15:30 - 2015-08-11 09:59 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2016-01-02 15:30 - 2015-08-11 09:51 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2016-01-02 15:30 - 2015-08-06 04:17 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2016-01-02 15:30 - 2015-08-06 03:22 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-01-02 15:30 - 2015-08-04 05:07 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2016-01-02 15:30 - 2015-08-04 04:23 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-01-02 15:30 - 2015-08-03 03:18 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-02 15:30 - 2015-08-03 03:18 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-01-02 15:30 - 2015-08-03 02:56 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-02 15:30 - 2015-08-03 02:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2016-01-02 15:30 - 2015-08-03 02:21 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2016-01-02 15:30 - 2015-08-03 02:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-01-02 15:30 - 2015-07-30 07:17 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-01-02 15:30 - 2015-07-30 07:14 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-01-02 15:30 - 2015-07-30 06:24 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-01-02 15:30 - 2015-07-30 05:29 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-01-02 15:30 - 2015-07-30 05:24 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-01-02 15:30 - 2015-07-30 05:08 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-02 15:30 - 2015-07-30 04:45 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-01-02 15:30 - 2015-07-30 04:45 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2016-01-02 15:30 - 2015-07-30 04:44 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-02 15:30 - 2015-07-30 04:44 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2016-01-02 15:30 - 2015-07-30 04:07 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-01-02 15:30 - 2015-07-26 04:40 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-01-02 15:30 - 2015-07-26 04:30 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-01-02 15:30 - 2015-07-24 03:44 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-01-02 15:30 - 2015-07-24 03:34 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-01-02 15:30 - 2015-07-24 03:29 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-02 15:30 - 2015-07-22 06:15 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-01-02 15:30 - 2015-07-22 05:02 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2016-01-02 15:30 - 2015-07-22 05:00 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-02 15:30 - 2015-07-22 04:54 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-01-02 15:30 - 2015-07-22 04:11 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-01-02 15:30 - 2015-07-22 04:09 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-01-02 15:30 - 2015-07-22 04:07 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2016-01-02 15:30 - 2015-07-18 08:43 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2016-01-02 15:30 - 2015-07-17 05:23 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2016-01-02 15:30 - 2015-07-17 05:12 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-01-02 15:30 - 2015-07-17 05:07 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-01-02 15:30 - 2015-07-17 03:31 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-01-02 15:30 - 2015-07-17 03:26 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-01-02 15:30 - 2015-07-17 03:24 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2016-01-02 15:30 - 2015-07-17 02:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-01-02 15:30 - 2015-07-17 02:50 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2016-01-02 15:30 - 2015-07-16 06:39 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-01-02 15:30 - 2015-07-16 05:09 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-02 15:30 - 2015-07-16 04:36 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2016-01-02 15:30 - 2015-07-16 04:35 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-01-02 15:30 - 2015-07-15 03:49 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-01-02 15:30 - 2015-07-15 03:04 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2016-01-02 15:30 - 2015-07-14 03:04 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2016-01-02 15:30 - 2015-07-13 00:30 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-01-02 15:30 - 2015-07-12 01:38 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-01-02 15:30 - 2015-07-11 02:05 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-02 15:30 - 2015-07-11 02:03 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-01-02 15:30 - 2015-07-11 01:57 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-01-02 15:30 - 2015-07-11 01:42 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-02 15:30 - 2015-07-11 01:40 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-01-02 15:30 - 2015-07-10 16:51 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-01-02 15:30 - 2015-07-10 16:00 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-01-02 15:30 - 2015-07-10 11:10 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-01-02 15:30 - 2015-07-10 11:05 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-01-02 15:29 - 2015-11-25 06:42 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-01-02 15:29 - 2015-11-25 06:41 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-01-02 15:29 - 2015-11-25 06:33 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-01-02 15:29 - 2015-11-25 06:27 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-01-02 15:29 - 2015-11-25 06:12 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-01-02 15:29 - 2015-11-25 06:11 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-01-02 15:29 - 2015-11-25 06:09 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-01-02 15:29 - 2015-11-25 06:01 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-01-02 15:29 - 2015-11-25 05:37 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-01-02 15:29 - 2015-11-25 05:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-01-02 15:29 - 2015-11-25 05:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2016-01-02 15:29 - 2015-11-25 05:30 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2016-01-02 15:29 - 2015-11-25 05:29 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-01-02 15:29 - 2015-11-25 05:27 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-01-02 15:29 - 2015-11-25 05:22 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-01-02 15:29 - 2015-11-25 05:19 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-01-02 15:29 - 2015-11-25 05:16 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-01-02 15:29 - 2015-11-25 05:13 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-01-02 15:29 - 2015-11-25 05:10 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-01-02 15:29 - 2015-11-25 05:04 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-01-02 15:29 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-01-02 15:29 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-01-02 15:29 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-02 15:29 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-01-02 15:29 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-01-02 15:29 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-01-02 15:29 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-01-02 15:29 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-02 15:29 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-01-02 15:29 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-01-02 15:29 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-02 15:29 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-02 15:29 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-01-02 15:29 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-01-02 15:29 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-02 15:29 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-01-02 15:29 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-02 15:29 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-01-02 15:29 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-01-02 15:29 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-01-02 15:29 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-01-02 15:29 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-01-02 15:29 - 2015-09-17 07:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-01-02 15:29 - 2015-09-17 07:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2016-01-02 15:29 - 2015-09-17 07:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-01-02 15:29 - 2015-09-17 07:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-01-02 15:29 - 2015-09-17 07:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-01-02 15:29 - 2015-09-17 07:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-01-02 15:29 - 2015-09-17 07:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-01-02 15:29 - 2015-09-17 07:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-01-02 15:29 - 2015-09-17 07:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-01-02 15:29 - 2015-09-17 07:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-01-02 15:29 - 2015-09-17 07:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-01-02 15:29 - 2015-09-17 07:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-02 15:29 - 2015-09-17 07:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-01-02 15:29 - 2015-09-17 07:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-02 15:29 - 2015-09-17 07:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-01-02 15:29 - 2015-09-17 07:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-01-02 15:29 - 2015-09-17 07:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-01-02 15:29 - 2015-09-17 07:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2016-01-02 15:29 - 2015-09-17 06:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-01-02 15:29 - 2015-09-17 06:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-01-02 15:29 - 2015-09-17 06:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-01-02 15:29 - 2015-09-17 06:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-01-02 15:29 - 2015-09-17 06:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-01-02 15:29 - 2015-09-17 06:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-01-02 15:29 - 2015-09-17 06:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-02 15:29 - 2015-09-17 06:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2016-01-02 15:29 - 2015-09-17 06:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-01-02 15:29 - 2015-09-17 06:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-01-02 15:29 - 2015-09-17 06:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-01-02 15:29 - 2015-09-17 06:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-02 15:29 - 2015-09-17 06:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-01-02 15:29 - 2015-09-17 06:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-01-02 15:29 - 2015-09-17 06:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-02 15:29 - 2015-09-17 06:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-01-02 15:29 - 2015-09-17 06:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-01-02 15:29 - 2015-09-17 06:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-01-02 15:29 - 2015-09-17 06:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-01-02 15:29 - 2015-09-17 06:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-01-02 15:29 - 2015-09-17 06:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-01-02 15:29 - 2015-09-17 06:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-02 15:29 - 2015-09-17 06:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-01-02 15:29 - 2015-09-17 06:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-01-02 15:29 - 2015-09-17 06:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-01-02 15:29 - 2015-09-17 06:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-01-02 15:29 - 2015-09-17 06:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-02 15:29 - 2015-09-17 06:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-01-02 15:29 - 2015-09-17 06:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2016-01-02 15:29 - 2015-09-17 06:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-02 15:29 - 2015-09-17 06:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-01-02 15:29 - 2015-09-17 06:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-01-02 15:29 - 2015-09-17 06:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-02 15:29 - 2015-09-17 06:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-01-02 15:29 - 2015-09-17 06:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-01-02 15:29 - 2015-09-17 06:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-01-02 15:29 - 2015-09-17 06:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-01-02 15:29 - 2015-08-27 06:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-01-02 15:29 - 2015-08-27 06:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-01-02 15:29 - 2015-08-27 06:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2016-01-02 15:29 - 2015-08-27 06:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-01-02 15:29 - 2015-08-27 06:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-01-02 15:29 - 2015-08-20 06:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-01-02 15:29 - 2015-08-18 07:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-01-02 15:29 - 2015-08-18 07:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-02 15:29 - 2015-08-18 07:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-01-02 15:29 - 2015-08-18 07:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-01-02 15:29 - 2015-08-18 07:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-02 15:29 - 2015-08-18 07:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-01-02 15:29 - 2015-08-11 11:02 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-01-02 15:29 - 2015-08-11 10:50 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-01-02 15:29 - 2015-08-11 10:14 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2016-01-02 15:29 - 2015-08-11 10:11 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-01-02 15:29 - 2015-08-11 10:08 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-01-02 15:29 - 2015-08-11 10:05 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-01-02 15:29 - 2015-08-11 10:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2016-01-02 15:29 - 2015-08-11 10:03 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-01-02 15:29 - 2015-08-11 09:59 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-01-02 15:29 - 2015-08-11 09:50 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-01-02 15:29 - 2015-08-11 09:48 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-01-02 15:29 - 2015-08-11 09:40 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-01-02 15:29 - 2015-08-08 07:24 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-01-02 15:29 - 2015-08-08 07:24 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-01-02 15:29 - 2015-08-08 07:00 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-01-02 15:29 - 2015-08-06 04:17 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-01-02 15:29 - 2015-08-03 03:18 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2016-01-02 15:29 - 2015-08-03 02:18 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2016-01-02 15:29 - 2015-08-03 02:15 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-01-02 15:29 - 2015-08-03 02:03 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-01-02 15:29 - 2015-07-30 07:16 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-01-02 15:29 - 2015-07-30 05:26 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-01-02 15:29 - 2015-07-30 05:24 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2016-01-02 15:29 - 2015-07-30 05:12 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-01-02 15:29 - 2015-07-30 04:52 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-01-02 15:29 - 2015-07-30 04:49 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-01-02 15:29 - 2015-07-30 04:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-01-02 15:29 - 2015-07-30 04:44 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-01-02 15:29 - 2015-07-30 04:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2016-01-02 15:29 - 2015-07-30 04:40 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-01-02 15:29 - 2015-07-30 04:38 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-01-02 15:29 - 2015-07-30 04:29 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-01-02 15:29 - 2015-07-30 04:15 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-01-02 15:29 - 2015-07-30 04:04 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-01-02 15:29 - 2015-07-30 03:58 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-01-02 15:29 - 2015-07-26 04:49 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-01-02 15:29 - 2015-07-26 04:38 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-01-02 15:29 - 2015-07-24 03:55 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-01-02 15:29 - 2015-07-24 03:52 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-01-02 15:29 - 2015-07-24 03:30 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2016-01-02 15:29 - 2015-07-24 03:24 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-02 15:29 - 2015-07-18 08:29 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2016-01-02 15:29 - 2015-07-18 06:17 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2016-01-02 15:29 - 2015-07-18 05:06 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2016-01-02 15:29 - 2015-07-18 04:52 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2016-01-02 15:29 - 2015-07-18 04:48 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2016-01-02 15:29 - 2015-07-17 05:13 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-01-02 15:29 - 2015-07-16 05:04 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-01-02 15:29 - 2015-07-16 04:47 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-01-02 15:29 - 2015-07-16 04:32 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-02 15:29 - 2015-07-15 03:41 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-01-02 15:29 - 2015-07-15 02:57 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2016-01-02 15:29 - 2015-07-15 02:47 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-01-02 15:29 - 2015-07-15 02:37 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2016-01-02 15:29 - 2015-07-15 02:35 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2016-01-02 15:29 - 2015-07-15 02:27 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2016-01-02 15:29 - 2015-07-14 02:51 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2016-01-02 15:29 - 2015-07-13 01:01 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-01-02 15:29 - 2015-07-12 01:25 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-01-02 15:29 - 2015-07-12 01:18 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-01-02 15:29 - 2015-07-12 00:46 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-01-02 15:29 - 2015-07-11 02:28 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-01-02 15:29 - 2015-07-11 02:17 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-01-02 15:29 - 2015-07-11 02:07 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-01-02 15:29 - 2015-07-11 02:04 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-01-02 15:29 - 2015-07-11 02:03 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2016-01-02 15:29 - 2015-07-11 02:02 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-01-02 15:29 - 2015-07-11 01:51 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-01-02 15:29 - 2015-07-11 01:43 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-01-02 15:29 - 2015-07-11 01:41 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-01-02 15:29 - 2015-07-11 01:40 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2016-01-02 15:29 - 2015-07-10 10:53 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-01-02 15:29 - 2015-07-10 10:29 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-01-02 15:28 - 2015-11-25 06:32 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2016-01-02 15:28 - 2015-11-25 05:59 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2016-01-02 15:28 - 2015-11-25 05:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2016-01-02 15:28 - 2015-11-25 05:35 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-01-02 15:28 - 2015-11-25 05:35 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2016-01-02 15:28 - 2015-11-25 05:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2016-01-02 15:28 - 2015-11-25 05:26 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-01-02 15:28 - 2015-11-25 05:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-01-02 15:28 - 2015-11-25 05:23 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2016-01-02 15:28 - 2015-11-25 05:22 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2016-01-02 15:28 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2016-01-02 15:28 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2016-01-02 15:28 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2016-01-02 15:28 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2016-01-02 15:28 - 2015-11-25 05:17 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-01-02 15:28 - 2015-11-25 05:16 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2016-01-02 15:28 - 2015-11-25 05:11 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2016-01-02 15:28 - 2015-11-25 05:08 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-01-02 15:28 - 2015-11-25 05:04 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2016-01-02 15:28 - 2015-11-25 05:04 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2016-01-02 15:28 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2016-01-02 15:28 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2016-01-02 15:28 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2016-01-02 15:28 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2016-01-02 15:28 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-01-02 15:28 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\system32\locale.nls
2016-01-02 15:28 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-01-02 15:28 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-01-02 15:28 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-01-02 15:28 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2016-01-02 15:28 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-01-02 15:28 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-01-02 15:28 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-01-02 15:28 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-01-02 15:28 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-01-02 15:28 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-01-02 15:28 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-01-02 15:28 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-01-02 15:28 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-01-02 15:28 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-01-02 15:28 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-01-02 15:28 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-01-02 15:28 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-01-02 15:28 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-01-02 15:28 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-01-02 15:28 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-01-02 15:28 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-01-02 15:28 - 2015-09-19 06:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-01-02 15:28 - 2015-09-17 07:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-02 15:28 - 2015-09-17 07:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-01-02 15:28 - 2015-09-17 07:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-01-02 15:28 - 2015-09-17 07:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-01-02 15:28 - 2015-09-17 07:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-01-02 15:28 - 2015-09-17 07:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2016-01-02 15:28 - 2015-09-17 07:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-02 15:28 - 2015-09-17 07:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-01-02 15:28 - 2015-09-17 07:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-02 15:28 - 2015-09-17 07:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-01-02 15:28 - 2015-09-17 07:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-01-02 15:28 - 2015-09-17 07:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-01-02 15:28 - 2015-09-17 07:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-01-02 15:28 - 2015-09-17 07:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-01-02 15:28 - 2015-09-17 07:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-01-02 15:28 - 2015-09-17 07:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-01-02 15:28 - 2015-09-17 06:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-01-02 15:28 - 2015-09-17 06:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-01-02 15:28 - 2015-09-17 06:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2016-01-02 15:28 - 2015-09-17 06:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-01-02 15:28 - 2015-09-17 06:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-01-02 15:28 - 2015-09-17 06:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2016-01-02 15:28 - 2015-09-17 06:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-01-02 15:28 - 2015-09-17 06:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-01-02 15:28 - 2015-09-17 06:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2016-01-02 15:28 - 2015-09-17 06:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2016-01-02 15:28 - 2015-09-17 06:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2016-01-02 15:28 - 2015-09-17 06:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2016-01-02 15:28 - 2015-09-17 06:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-01-02 15:28 - 2015-09-17 06:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-01-02 15:28 - 2015-09-17 06:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-01-02 15:28 - 2015-09-17 06:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2016-01-02 15:28 - 2015-09-17 06:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-01-02 15:28 - 2015-09-17 06:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-01-02 15:28 - 2015-09-17 06:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2016-01-02 15:28 - 2015-09-17 06:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-01-02 15:28 - 2015-09-17 06:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-01-02 15:28 - 2015-09-17 06:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2016-01-02 15:28 - 2015-08-27 06:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-01-02 15:28 - 2015-08-27 06:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-01-02 15:28 - 2015-08-27 06:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-01-02 15:28 - 2015-08-20 07:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2016-01-02 15:28 - 2015-08-20 06:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-01-02 15:28 - 2015-08-18 08:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-01-02 15:28 - 2015-08-18 07:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2016-01-02 15:28 - 2015-08-18 07:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2016-01-02 15:28 - 2015-08-18 07:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-01-02 15:28 - 2015-08-18 07:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2016-01-02 15:28 - 2015-08-18 07:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2016-01-02 15:28 - 2015-08-18 07:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2016-01-02 15:28 - 2015-08-18 07:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-02 15:28 - 2015-08-18 07:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-01-02 15:28 - 2015-08-18 07:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2016-01-02 15:28 - 2015-08-18 07:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2016-01-02 15:28 - 2015-08-18 07:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2016-01-02 15:28 - 2015-08-18 07:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-01-02 15:28 - 2015-08-18 05:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2016-01-02 15:28 - 2015-08-11 10:52 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2016-01-02 15:28 - 2015-08-11 10:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2016-01-02 15:28 - 2015-08-11 10:13 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
2016-01-02 15:28 - 2015-08-11 10:10 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2016-01-02 15:28 - 2015-08-11 10:00 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-01-02 15:28 - 2015-08-11 09:59 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2016-01-02 15:28 - 2015-08-11 09:50 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-02 15:28 - 2015-08-11 09:43 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-01-02 15:28 - 2015-08-11 09:39 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-01-02 15:28 - 2015-08-11 09:38 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2016-01-02 15:28 - 2015-08-05 05:00 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2016-01-02 15:28 - 2015-08-05 04:39 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2016-01-02 15:28 - 2015-08-03 03:32 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-01-02 15:28 - 2015-08-03 03:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-01-02 15:28 - 2015-08-03 03:17 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2016-01-02 15:28 - 2015-08-03 03:12 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-02 15:28 - 2015-08-03 02:49 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-02 15:28 - 2015-08-03 02:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2016-01-02 15:28 - 2015-08-03 02:23 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-01-02 15:28 - 2015-08-03 02:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2016-01-02 15:28 - 2015-08-03 02:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2016-01-02 15:28 - 2015-08-03 02:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-01-02 15:28 - 2015-08-03 02:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-01-02 15:28 - 2015-08-03 02:11 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2016-01-02 15:28 - 2015-08-03 02:06 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2016-01-02 15:28 - 2015-08-03 01:59 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2016-01-02 15:28 - 2015-07-30 07:23 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-02 15:28 - 2015-07-30 07:21 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-01-02 15:28 - 2015-07-30 07:17 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-01-02 15:28 - 2015-07-30 07:15 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-01-02 15:28 - 2015-07-30 07:06 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-01-02 15:28 - 2015-07-30 05:26 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-01-02 15:28 - 2015-07-30 05:25 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-01-02 15:28 - 2015-07-30 05:22 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-01-02 15:28 - 2015-07-30 05:22 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-01-02 15:28 - 2015-07-30 04:46 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-01-02 15:28 - 2015-07-30 04:44 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-01-02 15:28 - 2015-07-30 04:44 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
2016-01-02 15:28 - 2015-07-30 04:06 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-01-02 15:28 - 2015-07-30 04:06 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-01-02 15:28 - 2015-07-30 04:06 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
2016-01-02 15:28 - 2015-07-26 04:49 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-01-02 15:28 - 2015-07-26 04:47 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-01-02 15:28 - 2015-07-26 04:39 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-01-02 15:28 - 2015-07-26 04:35 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-01-02 15:28 - 2015-07-26 04:34 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-01-02 15:28 - 2015-07-26 04:29 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-01-02 15:28 - 2015-07-24 04:17 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-01-02 15:28 - 2015-07-24 04:17 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-01-02 15:28 - 2015-07-24 04:12 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-01-02 15:28 - 2015-07-24 03:24 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2016-01-02 15:28 - 2015-07-22 05:13 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2016-01-02 15:28 - 2015-07-22 05:00 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-01-02 15:28 - 2015-07-22 04:21 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2016-01-02 15:28 - 2015-07-22 04:13 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-01-02 15:28 - 2015-07-19 05:04 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-01-02 15:28 - 2015-07-19 04:23 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-01-02 15:28 - 2015-07-19 04:18 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2016-01-02 15:28 - 2015-07-18 09:47 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2016-01-02 15:28 - 2015-07-18 08:37 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-01-02 15:28 - 2015-07-18 08:28 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-01-02 15:28 - 2015-07-18 08:26 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2016-01-02 15:28 - 2015-07-18 06:02 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-01-02 15:28 - 2015-07-18 04:59 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-01-02 15:28 - 2015-07-18 04:59 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2016-01-02 15:28 - 2015-07-18 04:50 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-01-02 15:28 - 2015-07-18 04:49 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-01-02 15:28 - 2015-07-18 04:49 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-01-02 15:28 - 2015-07-18 04:49 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2016-01-02 15:28 - 2015-07-18 04:47 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2016-01-02 15:28 - 2015-07-17 03:39 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2016-01-02 15:28 - 2015-07-17 03:33 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2016-01-02 15:28 - 2015-07-17 03:18 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-01-02 15:28 - 2015-07-17 03:05 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2016-01-02 15:28 - 2015-07-17 02:44 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-01-02 15:28 - 2015-07-16 05:03 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2016-01-02 15:28 - 2015-07-16 04:45 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-02 15:28 - 2015-07-16 04:41 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-01-02 15:28 - 2015-07-16 04:33 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2016-01-02 15:28 - 2015-07-16 04:19 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2016-01-02 15:28 - 2015-07-15 03:22 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-01-02 15:28 - 2015-07-14 04:00 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-01-02 15:28 - 2015-07-14 03:37 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-01-02 15:28 - 2015-07-14 02:38 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2016-01-02 15:28 - 2015-07-14 02:20 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2016-01-02 15:28 - 2015-07-11 01:34 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-01-02 15:28 - 2015-07-10 16:47 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-01-02 15:28 - 2015-07-10 15:52 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-01-02 15:28 - 2015-07-10 11:59 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2016-01-02 15:28 - 2015-07-10 11:42 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-01-02 15:27 - 2015-11-25 05:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-01-02 15:27 - 2015-11-25 05:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-01-02 15:27 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-01-02 15:27 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-01-02 15:27 - 2015-09-17 07:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-01-02 15:27 - 2015-09-17 06:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-01-02 15:27 - 2015-09-17 06:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2016-01-02 15:27 - 2015-09-17 06:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2016-01-02 15:27 - 2015-09-17 06:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2016-01-02 15:27 - 2015-08-11 09:50 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-01 23:56 - 2016-01-02 23:57 - 00002433 _____ C:\Users\Yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-01-01 23:56 - 2016-01-01 23:56 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-01-01 23:54 - 2016-01-01 23:56 - 00000000 ___RD C:\Users\Yannick\OneDrive
2016-01-01 23:54 - 2016-01-01 23:56 - 00000000 ____D C:\Users\Yannick\AppData\Local\Comms
2016-01-01 23:54 - 2016-01-01 23:54 - 00000020 ___SH C:\Users\Yannick\ntuser.ini
2016-01-01 23:54 - 2016-01-01 23:54 - 00000000 ____D C:\Users\Yannick\AppData\Local\TileDataLayer
2016-01-01 23:54 - 2016-01-01 23:54 - 00000000 ____D C:\Users\Yannick\AppData\Local\Publishers
2016-01-01 23:44 - 2015-12-01 08:01 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-01-01 23:43 - 2016-01-01 23:43 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-01-01 23:43 - 2016-01-01 23:43 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-01-01 23:43 - 2016-01-01 23:43 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-01-01 23:43 - 2016-01-01 23:43 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-01-01 23:43 - 2016-01-01 23:43 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-01-01 23:43 - 2016-01-01 23:43 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-01-01 23:43 - 2016-01-01 23:43 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-01-01 23:43 - 2016-01-01 23:43 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-01-01 23:43 - 2016-01-01 23:43 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-01-01 23:43 - 2016-01-01 23:43 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-01-01 23:43 - 2016-01-01 23:43 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-01-01 23:43 - 2016-01-01 23:43 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-01-01 23:43 - 2016-01-01 23:43 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-01-01 23:43 - 2016-01-01 23:43 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-01-01 23:43 - 2016-01-01 23:43 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-01-01 23:43 - 2016-01-01 23:43 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-01-01 23:43 - 2016-01-01 23:43 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-01-01 23:43 - 2016-01-01 23:43 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-01-01 23:43 - 2016-01-01 23:43 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-01-01 23:41 - 2016-01-29 16:41 - 01801664 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-01 23:38 - 2016-01-01 23:38 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-01 23:38 - 2016-01-01 23:38 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-01-01 23:38 - 2016-01-01 23:38 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-01-01 23:38 - 2016-01-01 23:38 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-01-01 23:38 - 2016-01-01 23:38 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-01-01 23:36 - 2016-01-01 23:36 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-01-01 23:35 - 2016-01-28 21:26 - 00000000 ____D C:\Users\Yannick
2016-01-01 23:35 - 2016-01-01 23:35 - 00000000 _SHDL C:\Users\Yannick\Vorlagen
2016-01-01 23:35 - 2016-01-01 23:35 - 00000000 _SHDL C:\Users\Yannick\Startmenü
2016-01-01 23:35 - 2016-01-01 23:35 - 00000000 _SHDL C:\Users\Yannick\Netzwerkumgebung
2016-01-01 23:35 - 2016-01-01 23:35 - 00000000 _SHDL C:\Users\Yannick\Lokale Einstellungen
2016-01-01 23:35 - 2016-01-01 23:35 - 00000000 _SHDL C:\Users\Yannick\Eigene Dateien
2016-01-01 23:35 - 2016-01-01 23:35 - 00000000 _SHDL C:\Users\Yannick\Druckumgebung
2016-01-01 23:35 - 2016-01-01 23:35 - 00000000 _SHDL C:\Users\Yannick\Documents\Eigene Videos
2016-01-01 23:35 - 2016-01-01 23:35 - 00000000 _SHDL C:\Users\Yannick\Documents\Eigene Musik
2016-01-01 23:35 - 2016-01-01 23:35 - 00000000 _SHDL C:\Users\Yannick\Documents\Eigene Bilder
2016-01-01 23:35 - 2016-01-01 23:35 - 00000000 _SHDL C:\Users\Yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-01-01 23:35 - 2016-01-01 23:35 - 00000000 _SHDL C:\Users\Yannick\AppData\Local\Verlauf
2016-01-01 23:35 - 2016-01-01 23:35 - 00000000 _SHDL C:\Users\Yannick\AppData\Local\Anwendungsdaten
2016-01-01 23:35 - 2016-01-01 23:35 - 00000000 _SHDL C:\Users\Yannick\Anwendungsdaten
2016-01-01 23:34 - 2015-07-10 11:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-01-01 23:33 - 2016-01-29 16:35 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-01 23:33 - 2016-01-01 23:33 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-01-01 23:32 - 2016-01-01 23:36 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-01-01 23:32 - 2016-01-01 23:36 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-01-01 23:32 - 2016-01-01 23:36 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-01-01 23:32 - 2016-01-01 23:32 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-01-01 23:32 - 2016-01-01 23:32 - 00000000 ____D C:\Program Files\Realtek
2016-01-01 23:32 - 2015-08-07 01:24 - 06873904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-01-01 23:32 - 2015-08-07 01:24 - 03492984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-01-01 23:32 - 2015-08-07 01:24 - 02558768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-01-01 23:32 - 2015-08-07 01:24 - 00937592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-01-01 23:32 - 2015-08-07 01:24 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-01-01 23:32 - 2015-08-07 01:24 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-01-01 23:32 - 2015-08-03 11:04 - 05133709 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-01-01 23:30 - 2016-01-02 00:00 - 00000000 ___DC C:\WINDOWS\Panther
2016-01-01 23:29 - 2016-01-01 23:29 - 00000000 ____D C:\Windows.old
2016-01-01 23:28 - 2016-01-01 23:28 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-01-01 23:24 - 2016-01-01 23:38 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-01-01 23:24 - 2016-01-01 23:24 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-01-01 23:24 - 2016-01-01 23:24 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-01-01 23:24 - 2016-01-01 23:24 - 00000000 ____D C:\Program Files\MSBuild
2016-01-01 23:24 - 2016-01-01 23:24 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-01-01 23:24 - 2015-05-29 21:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-01-01 23:24 - 2015-05-29 21:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-01-01 23:24 - 2015-05-29 21:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-01-01 23:23 - 2015-06-17 18:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-01-01 23:23 - 2015-06-17 18:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-01-01 23:23 - 2015-06-17 18:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-30 13:27 - 2015-12-30 13:27 - 00000025 _____ C:\Users\Yannick\Desktop\Googlemail.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-29 16:55 - 2013-02-12 11:16 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-29 16:49 - 2012-11-05 18:51 - 00000000 ____D C:\Program Files (x86)\Mediathek
2016-01-29 16:41 - 2015-07-10 17:34 - 00774822 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-29 16:41 - 2015-07-10 17:34 - 00155710 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-29 16:41 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-29 16:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-29 16:41 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2016-01-29 16:35 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-29 16:35 - 2013-10-20 20:26 - 00000000 __RDO C:\Users\Yannick\SkyDrive
2016-01-29 00:39 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-28 23:33 - 2012-12-12 12:27 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-01-28 21:48 - 2014-12-06 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2016-01-28 21:48 - 2014-12-06 16:38 - 00000000 ____D C:\ProgramData\Panda Security
2016-01-28 21:42 - 2013-03-10 13:53 - 00000000 ____D C:\Users\Yannick\AppData\Roaming\Skype
2016-01-28 21:37 - 2013-02-13 21:36 - 00000000 ____D C:\Users\Yannick\AppData\Roaming\TS3Client
2016-01-28 21:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-01-28 21:00 - 2013-05-30 00:50 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-01-28 20:58 - 2014-03-13 17:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-28 20:58 - 2014-03-13 17:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-28 20:58 - 2013-02-12 10:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-19 20:55 - 2013-02-12 11:16 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-01-16 17:25 - 2013-03-19 14:33 - 00000000 ____D C:\Users\Yannick\Documents\Outlook-Dateien
2016-01-14 20:54 - 2015-05-14 18:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-14 20:52 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-14 20:52 - 2013-08-18 14:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-14 20:49 - 2012-11-05 18:14 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-14 20:49 - 2012-07-26 06:26 - 00000167 _____ C:\WINDOWS\win.ini
2016-01-10 20:24 - 2012-11-27 11:50 - 01821100 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-01-06 15:16 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2016-01-06 14:17 - 2013-02-12 10:09 - 00000000 ____D C:\Users\Yannick\AppData\Local\Packages
2016-01-05 20:16 - 2015-07-10 13:20 - 00394344 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-05 20:15 - 2015-07-10 17:46 - 00000000 ____D C:\Program Files\Windows Journal
2016-01-05 20:15 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-01-05 20:15 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-05 20:15 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-05 20:15 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-05 20:15 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-01-05 20:15 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-01-05 20:15 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-05 20:15 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-01-05 20:15 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-05 20:15 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-05 20:15 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning
2016-01-05 20:15 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-01-05 20:15 - 2015-07-10 10:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-01-05 20:15 - 2015-07-10 10:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-01-03 02:40 - 2015-07-10 12:06 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-03 02:40 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-02 14:30 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\appcompat
2016-01-01 23:54 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-01-01 23:54 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-01-01 23:43 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Registration
2016-01-01 23:43 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows NT
2016-01-01 23:43 - 2013-10-20 20:21 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-01-01 23:43 - 2013-10-20 20:16 - 00041913 _____ C:\WINDOWS\diagwrn.xml
2016-01-01 23:43 - 2013-10-20 20:16 - 00041913 _____ C:\WINDOWS\diagerr.xml
2016-01-01 23:43 - 2013-06-09 11:22 - 00002886 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-01-01 23:43 - 2013-02-12 10:15 - 00003708 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3391011429-186193620-3244763449-1002
2016-01-01 23:42 - 2015-07-10 12:04 - 00000000 __RHD C:\Users\Public\Libraries
2016-01-01 23:38 - 2015-09-17 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossfire Europe
2016-01-01 23:38 - 2015-07-10 17:46 - 00000000 ____D C:\WINDOWS\ShellNew
2016-01-01 23:38 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-01-01 23:38 - 2015-07-10 12:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-01 23:38 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-01 23:38 - 2015-07-09 17:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSD Tweaker
2016-01-01 23:38 - 2015-05-23 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LoLSkinView
2016-01-01 23:38 - 2015-04-12 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aftermath
2016-01-01 23:38 - 2015-04-01 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2016-01-01 23:38 - 2015-03-15 14:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-01 23:38 - 2015-01-15 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2016-01-01 23:38 - 2015-01-04 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-01-01 23:38 - 2014-12-17 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-01-01 23:38 - 2014-12-15 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-01-01 23:38 - 2014-11-22 23:36 - 00000000 ____D C:\Users\Yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music
2016-01-01 23:38 - 2014-06-07 23:28 - 00000000 ____D C:\Users\Yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-01-01 23:38 - 2014-04-26 11:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Space
2016-01-01 23:38 - 2014-04-14 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-01-01 23:38 - 2014-04-07 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2016-01-01 23:38 - 2014-03-30 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-01-01 23:38 - 2013-11-16 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2016-01-01 23:38 - 2013-10-14 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedSim
2016-01-01 23:38 - 2013-09-19 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-01-01 23:38 - 2013-08-22 14:36 - 00000000 ____D C:\Users\Default.migrated
2016-01-01 23:38 - 2013-06-09 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-01-01 23:38 - 2013-05-07 14:47 - 00000000 ____D C:\Users\Yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-01 23:38 - 2013-05-07 13:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-01 23:38 - 2013-04-05 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2016-01-01 23:38 - 2013-03-18 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2016-01-01 23:38 - 2013-03-18 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-01-01 23:38 - 2013-02-13 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-01-01 23:38 - 2013-02-12 12:07 - 00000000 ____D C:\Users\Yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2016-01-01 23:38 - 2013-02-12 11:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TERA
2016-01-01 23:38 - 2012-11-27 11:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-01-01 23:38 - 2012-11-05 18:37 - 00000000 ____D C:\WINDOWS\tr
2016-01-01 23:38 - 2012-11-05 18:37 - 00000000 ____D C:\WINDOWS\sv
2016-01-01 23:38 - 2012-11-05 18:37 - 00000000 ____D C:\WINDOWS\sl
2016-01-01 23:38 - 2012-11-05 18:37 - 00000000 ____D C:\WINDOWS\pl
2016-01-01 23:38 - 2012-11-05 18:37 - 00000000 ____D C:\WINDOWS\nl
2016-01-01 23:38 - 2012-11-05 18:37 - 00000000 ____D C:\WINDOWS\it
2016-01-01 23:38 - 2012-11-05 18:37 - 00000000 ____D C:\WINDOWS\hu
2016-01-01 23:38 - 2012-11-05 18:37 - 00000000 ____D C:\WINDOWS\da
2016-01-01 23:38 - 2012-11-05 18:36 - 00000000 ____D C:\WINDOWS\fr
2016-01-01 23:38 - 2012-11-05 18:36 - 00000000 ____D C:\WINDOWS\es
2016-01-01 23:38 - 2012-11-05 18:36 - 00000000 ____D C:\WINDOWS\el
2016-01-01 23:38 - 2012-11-05 18:36 - 00000000 ____D C:\WINDOWS\de
2016-01-01 23:38 - 2012-07-26 10:43 - 00000000 ____D C:\WINDOWS\en-GB
2016-01-01 23:36 - 2015-07-10 17:34 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-01-01 23:36 - 2015-07-10 14:19 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-01-01 23:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-01-01 23:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-01-01 23:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-01-01 23:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\spool
2016-01-01 23:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-01 23:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-01-01 23:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-01-01 23:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\IME
2016-01-01 23:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\System
2016-01-01 23:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-01-01 23:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\InputMethod
2016-01-01 23:36 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\IME
2016-01-01 23:36 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Common Files\System
2016-01-01 23:36 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-01 23:36 - 2014-10-06 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-01-01 23:36 - 2014-08-04 17:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
2016-01-01 23:36 - 2013-11-23 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xerox-Bürodruck
2016-01-01 23:36 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-01-01 23:36 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-01-01 23:36 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\ADFS
2016-01-01 23:36 - 2013-05-26 13:58 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2016-01-01 23:36 - 2013-02-12 18:31 - 00000000 ____D C:\Users\Yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-01-01 23:36 - 2012-11-27 11:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeCinema
2016-01-01 23:36 - 2012-11-05 17:00 - 00000000 ____D C:\ProgramData\PRICache
2016-01-01 23:33 - 2015-07-10 10:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-01-01 23:32 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Help
2016-01-01 23:30 - 2015-07-10 12:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-01-01 23:24 - 2015-07-10 11:59 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-01-01 23:24 - 2015-07-10 11:59 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-01-01 23:24 - 2015-07-10 11:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-01-01 23:24 - 2015-07-10 11:59 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-01-01 23:24 - 2015-07-10 11:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-01-01 23:24 - 2015-07-10 11:59 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-01-01 23:24 - 2015-07-10 11:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-01-01 23:24 - 2015-07-10 11:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-01-01 23:24 - 2015-07-10 11:59 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-01-01 23:24 - 2015-07-10 11:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-01-01 23:24 - 2015-07-10 11:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-01-01 23:24 - 2015-07-10 11:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-01-01 23:24 - 2015-07-10 11:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-01-01 23:24 - 2015-07-10 11:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-01-01 23:24 - 2015-07-10 11:59 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-01-01 23:24 - 2015-07-10 11:59 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-01-01 23:24 - 2015-07-10 11:59 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-01-01 23:24 - 2015-07-10 11:59 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-01-01 23:09 - 2015-07-10 18:28 - 00000000 ___HD C:\$Windows.~BT
2015-12-30 13:33 - 2013-06-26 17:45 - 00000000 ____D C:\Users\Yannick\AppData\Local\CrashDumps

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-05-25 17:11 - 2014-05-25 17:11 - 0000845 _____ () C:\Users\Yannick\AppData\Local\recently-used.xbel
2013-02-13 16:58 - 2015-08-08 15:11 - 0007634 _____ () C:\Users\Yannick\AppData\Local\Resmon.ResmonCfg
2015-03-20 23:05 - 2015-03-20 23:05 - 0000032 _____ () C:\ProgramData\Temp.log
2012-11-27 11:34 - 2012-11-27 11:35 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2012-11-27 11:33 - 2012-11-27 11:33 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2012-11-27 11:32 - 2012-11-27 11:32 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2012-11-27 11:33 - 2012-11-27 11:34 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
2012-11-27 11:32 - 2012-11-27 11:33 - 0000110 _____ () C:\ProgramData\{E3739848-5329-48E3-8D28-5BBD6E8BE384}.log
2012-11-27 11:33 - 2012-11-27 11:33 - 0000110 _____ () C:\ProgramData\{E3D04529-6EDB-11D8-A372-0050BAE317E1}.log

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Windows\Tasks\{D6D7D7CB-A8DB-4F05-831F-DDF3BA57513B}.job


Einige Dateien in TEMP:
====================
C:\Users\Yannick\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Yannick\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Yannick\AppData\Local\Temp\{53B9E982-ED23-491F-8161-4567C97F8F22}.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-21 20:06

==================== Ende von FRST.txt ============================
         

Alt 31.01.2016, 20:56   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Streaming Dienst Account gehackt. PC befallen? - Standard

Streaming Dienst Account gehackt. PC befallen?



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    BrowserProtect

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 


__________________
Logs bitte immer in CODE-Tags posten

Antwort

Themen zu Streaming Dienst Account gehackt. PC befallen?
account, account gehackt, adminkonto, anhang, befallen, code, datei, dienst, einzeln, frage, fragen, funktionier, funktioniert, genutzt, hoffe, konto, löschen, pc safty, punkt, sache, sachen, scan, scanne, versuch, versucht, würde, zu lang



Ähnliche Themen: Streaming Dienst Account gehackt. PC befallen?


  1. FB Account gehackt.
    Smartphone, Tablet & Handy Security - 20.10.2015 (8)
  2. Spam Mail vom eigenen Yahoo Account erhalten - Account gehackt?
    Log-Analyse und Auswertung - 28.08.2015 (8)
  3. WoW Account gehackt
    Log-Analyse und Auswertung - 08.10.2014 (5)
  4. E-Mail Account gehackt - unauthorisierte Mails von meinem Account werden verschickt
    Log-Analyse und Auswertung - 19.04.2014 (5)
  5. BSI Email Account gehackt. PC mit Trojaner befallen?
    Log-Analyse und Auswertung - 08.04.2014 (1)
  6. Ubisofts Download-Dienst uPlay gehackt
    Nachrichten - 10.04.2013 (0)
  7. Notiz-Dienst Evernote wurde gehackt
    Nachrichten - 04.03.2013 (1)
  8. GMX Account gehackt!
    Log-Analyse und Auswertung - 08.08.2012 (0)
  9. GMX-Account gehackt ?
    Plagegeister aller Art und deren Bekämpfung - 08.06.2012 (1)
  10. Account gehackt!
    Log-Analyse und Auswertung - 08.08.2011 (19)
  11. Account gehackt
    Log-Analyse und Auswertung - 30.03.2010 (13)
  12. WoW Account 2 mal gehackt
    Log-Analyse und Auswertung - 05.02.2010 (0)
  13. wow-account gehackt
    Log-Analyse und Auswertung - 14.12.2009 (5)
  14. WoW - Account gehackt und nun
    Log-Analyse und Auswertung - 01.09.2009 (27)
  15. MSN account gehackt
    Plagegeister aller Art und deren Bekämpfung - 01.02.2009 (4)
  16. Account gehackt
    Log-Analyse und Auswertung - 24.06.2008 (1)
  17. Amazon Account gehackt + E-mail gehackt !
    Plagegeister aller Art und deren Bekämpfung - 05.05.2008 (16)

Zum Thema Streaming Dienst Account gehackt. PC befallen? - Hallo mir wurde vorgestern mein Account bei einem Streamingdienst gehackt. Und von daher wollte ich euch Fragen ob ihr mir helfen könnt mein PC zu scannen. Obwohl ich hauptsächlich die - Streaming Dienst Account gehackt. PC befallen?...
Archiv
Du betrachtest: Streaming Dienst Account gehackt. PC befallen? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.