| |
| |||||||
Log-Analyse und Auswertung: Win 10: unbekannte Ordner und Javascript Datei unter C:/ gefundenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
24.07.2016, 15:19
| #1 |
 |  Win 10: unbekannte Ordner und Javascript Datei unter C:/ gefunden Guten Tag lieber Supporter, ich habe eventuell ein Problem mit meinem Computer. Und zwar: Gestern habe ich unter C:\Program Files und C:\Program Files (x86) zwei mir unbekannte Ordner mit der Bezeichnung "CMAK" und einer JavaScript Datei mit der Bezeichnung "user" gefunden. Dann habe ich noch 2 mir unbekannte Powershell Autostarteinträge gefunden. Die Einträge führen zu folgenden Registry Einträgen: HKEY_CLASSES_ROOT\Directory\shell\Powershell HKEY_CLASSES_ROOT\Drive\shell\Powershell Durch`s googeln habe ich herausgefunden das CMAK wohl was mit einem Windows Verbindungsmanager zu tun hat. Aber sowas habe ich meines Wissens nach nicht installiert oder aktiviert. Kann sich ein Supporter bitte mal die FRST und Additional Datei anschauen? Mein Virenscanner (Sicherheitspaket by F-Secure) und Malwarebytes haben nichts finden können. Windows 10 Pro Vielen lieben Dank! Torsten Die FRST- Log Dateien musste ich auf 8 Teile verteilen. FRST 1: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-07-2016 durchgeführt von TS Admin (Administrator) auf ACER-DESKTOP (24-07-2016 15:02:51) Gestartet von C:\Users\TS Benutzer\Desktop\Trojanerboard Geladene Profile: TS Admin & TS Benutzer & (Verfügbare Profile: TS Admin & TS Benutzer) Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (F-Secure Corporation) C:\Program Files (x86)\UnityMedia\fshoster32.exe (F-Secure Corporation) C:\Program Files (x86)\UnityMedia\apps\CCF_Reputation\fsorsp.exe (F-Secure Corporation) C:\Program Files (x86)\UnityMedia\apps\ComputerSecurity\Anti-Virus\fsgk32.exe (F-Secure Corporation) C:\Program Files (x86)\UnityMedia\apps\ComputerSecurity\Common\FSMA32.EXE (F-Secure Corporation) C:\Program Files (x86)\UnityMedia\apps\ComputerSecurity\Common\FSHDLL64.EXE (F-Secure Corporation) C:\Program Files (x86)\UnityMedia\apps\ComputerSecurity\Anti-Virus\fssm32.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (F-Secure Corporation) C:\Program Files (x86)\UnityMedia\fshoster32.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe () C:\Users\TS Benutzer\Desktop\Programme\NPowerTray-1.6.1.0\NPowerTray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.6.205.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16681728 2016-07-16] (Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-07-16] (Microsoft Corporation) HKU\S-1-5-21-3474957750-2762291774-2956588697-1001\...\Run: [NPowerTray] => C:\Users\TS Admin\Desktop\Programme\NPowerTray-1.6.1.0\NPowerTray.exe [131584 2016-07-14] () HKU\S-1-5-21-3474957750-2762291774-2956588697-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd) HKU\S-1-5-21-3474957750-2762291774-2956588697-1001\...\Run: [GoogleChromeAutoLaunch_327FE76A141C3F1E2B80B9EF8598E162] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1135432 2016-07-19] (Google Inc.) HKU\S-1-5-21-3474957750-2762291774-2956588697-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [NPowerTray] => C:\Users\TS Admin\Desktop\Programme\NPowerTray-1.6.1.0\NPowerTray.exe [131584 2016-07-14] () HKU\S-1-5-21-3474957750-2762291774-2956588697-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd) HKU\S-1-5-21-3474957750-2762291774-2956588697-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_327FE76A141C3F1E2B80B9EF8598E162] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1135432 2016-07-19] (Google Inc.) HKU\S-1-5-21-3474957750-2762291774-2956588697-1002\...\Run: [NPowerTray] => C:\Users\TS Benutzer\Desktop\Programme\NPowerTray-1.6.1.0\NPowerTray.exe [131584 2016-07-14] () HKU\S-1-5-21-3474957750-2762291774-2956588697-1002\...\Run: [GoogleChromeAutoLaunch_16209B9115A90254167BFE87E0575E95] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1135432 2016-07-19] (Google Inc.) HKU\S-1-5-21-3474957750-2762291774-2956588697-1002\...\Run: [Zoom] => 0 HKU\S-1-5-21-3474957750-2762291774-2956588697-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [NPowerTray] => C:\Users\TS Benutzer\Desktop\Programme\NPowerTray-1.6.1.0\NPowerTray.exe [131584 2016-07-14] () HKU\S-1-5-21-3474957750-2762291774-2956588697-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_16209B9115A90254167BFE87E0575E95] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1135432 2016-07-19] (Google Inc.) HKU\S-1-5-21-3474957750-2762291774-2956588697-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Zoom] => 0 GroupPolicyScripts: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 80.69.96.12 81.210.129.4 Tcpip\..\Interfaces\{0da866ae-e8f9-4a8c-9643-e33bcfe112a6}: [DhcpNameServer] 80.69.96.12 81.210.129.4 Tcpip\..\Interfaces\{1b8b1fe4-9066-4892-849d-5f471dd0323d}: [DhcpNameServer] 80.69.96.12 81.210.129.4 Internet Explorer: ================== BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\UnityMedia\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll [2016-07-22] (F-Secure Corporation) BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\UnityMedia\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll [2016-07-22] (F-Secure Corporation) DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1468778571854 FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-07-14] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-07-14] (Google Inc.) FF Plugin HKU\S-1-5-21-3474957750-2762291774-2956588697-1002: @zoom.us/ZoomVideoPlugin -> C:\Users\TS Benutzer\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2016-07-13] (Zoom Video Communications, Inc.) FF Plugin HKU\S-1-5-21-3474957750-2762291774-2956588697-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @zoom.us/ZoomVideoPlugin -> C:\Users\TS Benutzer\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2016-07-13] (Zoom Video Communications, Inc.) FF HKLM\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\UnityMedia\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi FF Extension: Browsing Protection by F-Secure - C:\Program Files (x86)\UnityMedia\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi [2016-07-22] FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\UnityMedia\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi Chrome: ======= CHR dev: Chrome dev build erkannt! <======= ACHTUNG CHR Profile: C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-14] CHR Extension: (ChromeAccess) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeoigbhkilbllfomkmmilbfochhlgdmh [2016-07-14] CHR Extension: (Flash Video Downloader) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2016-07-24] CHR Extension: (Google Docs) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-14] CHR Extension: (Google Drive) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-14] CHR Extension: (Session Manager) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi [2016-07-14] CHR Extension: (YouTube) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-14] CHR Extension: (Archive Poster) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceakpicibkmdilicebgddflnfbpmcpgd [2016-07-14] CHR Extension: (Image Downloader) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2016-07-14] CHR Extension: (ZenMate - IP & Browser Check) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchhalahcjpkabdgonjhoogdcipienhf [2016-07-14] CHR Extension: (Video Downloader professional) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2016-07-24] CHR Extension: (ZenMate VPN - Top Internet Security & Unblock) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2016-07-17] CHR Extension: (Google Tabellen) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-14] CHR Extension: (HTTPS Everywhere) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2016-07-24] CHR Extension: (Google Docs Offline) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-14] CHR Extension: (ZenMate Web Firewall (Free, Plus Ad Blocker)) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hphffohcfcaeoekbkfibilcmmoakhmfc [2016-07-14] CHR Extension: (Training for Google Apps) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\idkloemkmldbemijiamdiolojbffnjlh [2016-07-24] CHR Extension: (Boxcryptor) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijmndaodmdjamfepoijpolhjddgfgmme [2016-07-14] CHR Extension: (Browsing Protection by F-Secure) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2016-07-24] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-14] CHR Extension: (Google Mail) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-14] CHR Extension: (Chrome Media Router) - C:\Users\TS Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-07-24] CHR HKU\S-1-5-21-3474957750-2762291774-2956588697-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gkmikccifolokanfakbeadbmgchomeli] - C:\Program Files (x86)\UnityMedia\apps\SafeSearch\Chrome\main.crx [2015-11-04] CHR HKU\S-1-5-21-3474957750-2762291774-2956588697-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gkmikccifolokanfakbeadbmgchomeli] - C:\Program Files (x86)\UnityMedia\apps\SafeSearch\Chrome\main.crx [2015-11-04] CHR HKU\S-1-5-21-3474957750-2762291774-2956588697-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gkmikccifolokanfakbeadbmgchomeli] - C:\Program Files (x86)\UnityMedia\apps\SafeSearch\Chrome\main.crx [2015-11-04] CHR HKU\S-1-5-21-3474957750-2762291774-2956588697-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gkmikccifolokanfakbeadbmgchomeli] - C:\Program Files (x86)\UnityMedia\apps\SafeSearch\Chrome\main.crx [2015-11-04] CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/UnityMedia/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2015-10-23] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S4 AppVClient; C:\Windows\system32\AppVClient.exe [823136 2016-07-17] (Microsoft Corporation) S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [337408 2016-07-16] (Microsoft Corporation) R2 CDPUserSvc_46eef; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation) R2 CDPUserSvc_46eef; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation) S3 FrameServer; C:\Windows\system32\FrameServer.dll [803840 2016-07-16] (Microsoft Corporation) R2 fshoster; C:\Program Files (x86)\UnityMedia\fshoster32.exe [186840 2016-03-11] (F-Secure Corporation) R3 FSMA; C:\Program Files (x86)\UnityMedia\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2015-11-24] (F-Secure Corporation) R2 FSORSPClient; C:\Program Files (x86)\UnityMedia\apps\CCF_Reputation\fsorsp.exe [60456 2016-07-22] (F-Secure Corporation) S3 HvHost; C:\Windows\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [374360 2016-07-14] (Intel Corporation) S3 RmSvc; C:\Windows\System32\RMapi.dll [141312 2016-07-16] (Microsoft Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-17] (Microsoft Corporation) S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation) R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation) S4 UevAgentService; C:\Windows\system32\AgentService.exe [1227264 2016-07-17] (Microsoft Corporation) S3 vmicrdv; C:\Windows\System32\icsvcext.dll [349696 2016-07-16] (Microsoft Corporation) S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2016-07-16] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) S3 wisvc; C:\Windows\system32\flightsettings.dll [614912 2016-07-16] (Microsoft Corporation) S3 WpnUserService; C:\Windows\System32\WpnUserService.dll [74240 2016-07-16] (Microsoft Corporation) S3 WpnUserService_46eef; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation) S3 WpnUserService_46eef; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [18432 2016-07-16] (Microsoft Corporation) S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [15360 2016-07-16] (Microsoft Corporation) S3 AppvStrm; C:\Windows\system32\drivers\AppvStrm.sys [126304 2016-07-17] (Microsoft Corporation) S3 AppvVemgr; C:\Windows\system32\drivers\AppvVemgr.sys [157024 2016-07-17] (Microsoft Corporation) S3 AppvVfs; C:\Windows\system32\drivers\AppvVfs.sys [141152 2016-07-17] (Microsoft Corporation) S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533856 2016-07-16] (QLogic Corporation) S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [346976 2016-07-16] (Chelsio Communications) S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104160 2016-07-16] (Chelsio Communications) R2 clreg; C:\Windows\System32\drivers\registry.sys [70144 2016-07-16] (Microsoft Corporation) R3 F-Secure Gatekeeper; C:\Program Files (x86)\UnityMedia\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [226512 2016-07-22] (F-Secure Corporation) R1 F-Secure HIPS; C:\Program Files (x86)\UnityMedia\apps\ComputerSecurity\HIPS\drivers\fshs.sys [106696 2016-07-22] (F-Secure Corporation) R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [73928 2016-07-22] () R3 fsni; C:\Program Files (x86)\UnityMedia\apps\CCF_Scanning\bin\fsni64.sys [110272 2016-07-22] (F-Secure Corporation) S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [73568 2016-07-16] (Microsoft Corporation) S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2016-07-16] (Intel(R) Corporation) S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [64512 2016-07-16] (Intel Corporation) S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [35840 2016-07-16] (Microsoft Corporation) R0 iorate; C:\Windows\System32\drivers\iorate.sys [45920 2016-07-16] (Microsoft Corporation) R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-24] (Malwarebytes) R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [202032 2016-01-19] (Intel Corporation) S3 MsSecFlt; C:\Windows\System32\drivers\mssecflt.sys [179040 2016-07-17] (Microsoft Corporation) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58720 2016-07-16] (Avago Technologies) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [937728 2016-07-14] (Realtek ) S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [88416 2016-07-16] (Microsoft Corporation) S3 scmdisk0101; C:\Windows\System32\drivers\scmdisk0101.sys [123904 2016-07-16] (Microsoft Corporation) S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [108544 2016-07-16] (Microsoft Corporation) S4 UevAgentDriver; C:\Windows\system32\drivers\UevAgentDriver.sys [40288 2016-07-17] (Microsoft Corporation) S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2016-07-16] (Microsoft Corporation) R0 volume; C:\Windows\System32\drivers\volume.sys [16224 2016-07-16] (Microsoft Corporation) R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [119648 2016-07-16] (Microsoft Corporation) R2 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [66560 2016-07-16] (Microsoft Corporation) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) U3 WMPNetworkSvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation) NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation) NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-07-24 15:02 - 2016-07-24 15:02 - 00000000 ____D C:\FRST 2016-07-24 15:00 - 2016-07-24 15:02 - 00000000 ____D C:\Users\TS Benutzer\Desktop\Trojanerboard 2016-07-24 14:10 - 2016-07-24 14:10 - 01882928 _____ C:\Users\TS Admin\Downloads\documents-export-2016-07-24.zip 2016-07-24 14:02 - 2016-07-24 14:02 - 00001610 _____ C:\Users\TS Admin\Desktop\startup2.txt 2016-07-24 14:02 - 2016-07-24 14:02 - 00001610 _____ C:\Users\TS Admin\Desktop\startup1.txt 2016-07-24 13:55 - 2016-07-24 13:55 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2016-07-24 13:33 - 2016-07-24 13:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-07-24 13:33 - 2016-07-24 13:33 - 00000000 ____D C:\Program Files\CCleaner 2016-07-24 12:05 - 2016-07-24 12:05 - 00000000 ____D C:\ProgramData\mquadr.at 2016-07-24 12:04 - 2016-07-24 12:04 - 00000000 ____D C:\Users\TS Admin\AppData\Local\UPC 2016-07-24 12:04 - 2012-12-03 15:58 - 00279040 ____N (Nicomsoft Ltd.) C:\WINDOWS\system32\WiFiMan.dll 2016-07-24 12:04 - 2012-12-03 15:57 - 00238592 ____N (Nicomsoft Ltd.) C:\WINDOWS\SysWOW64\WiFiMan.dll 2016-07-24 11:29 - 2016-07-24 11:33 - 00000000 ____D C:\ProgramData\TEMP 2016-07-24 11:25 - 2016-07-24 11:25 - 00987728 _____ (Google Inc.) C:\Users\TS Admin\Downloads\ChromeSetup (1).exe 2016-07-24 11:12 - 2016-07-24 11:12 - 00000000 ____D C:\Users\TS Admin\AppData\Local\F-Secure 2016-07-24 10:52 - 2016-07-24 10:52 - 00000000 ____D C:\Users\TS Benutzer\Documents\Simply Super Software 2016-07-23 23:57 - 2016-07-23 23:57 - 00000000 ____D C:\ProgramData\Simply Super Software 2016-07-23 15:34 - 2016-07-23 22:47 - 00000000 ____D C:\Users\TS Benutzer\AppData\Roaming\vlc 2016-07-23 15:34 - 2016-07-23 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2016-07-23 15:34 - 2016-07-23 15:34 - 00000000 ____D C:\Program Files\VideoLAN 2016-07-23 06:22 - 2016-07-23 06:22 - 00000000 ____D C:\Program Files\CMAK 2016-07-23 06:22 - 2016-07-23 06:22 - 00000000 ____D C:\Program Files (x86)\CMAK 2016-07-23 03:30 - 2016-07-20 07:42 - 00842592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-07-23 03:30 - 2016-07-20 07:33 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2016-07-23 03:30 - 2016-07-20 07:33 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-07-23 03:30 - 2016-07-20 02:50 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2016-07-23 03:30 - 2016-07-20 02:45 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-07-23 03:30 - 2016-07-20 02:45 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-07-23 03:30 - 2016-07-20 02:45 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-07-23 03:30 - 2016-07-20 02:44 - 01260384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2016-07-23 03:30 - 2016-07-20 02:36 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2016-07-23 03:30 - 2016-07-20 02:36 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-07-23 03:30 - 2016-07-20 02:08 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-07-22 07:45 - 2016-07-22 07:45 - 00001098 _____ C:\Users\TS Admin\Desktop\SIW Pro.lnk 2016-07-22 07:45 - 2016-07-22 07:45 - 00000000 __SHD C:\Users\TS Admin\AppData\Local\icsxml 2016-07-22 07:45 - 2016-07-22 07:45 - 00000000 __SHD C:\ProgramData\ms-drivers 2016-07-22 07:45 - 2016-07-22 07:45 - 00000000 __SHD C:\ProgramData\icsxml 2016-07-22 07:45 - 2016-07-22 07:45 - 00000000 ____D C:\Users\TS Admin\AppData\Local\CrashRpt 2016-07-22 07:45 - 2016-07-22 07:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIW Pro 2016-07-22 07:45 - 2016-07-22 07:45 - 00000000 ____D C:\Program Files (x86)\SIW Pro Edition 2016-07-22 07:29 - 2016-07-22 07:38 - 00000000 ____D C:\Users\TS Benutzer\AppData\Local\FSDART 2016-07-22 07:28 - 2016-07-24 10:46 - 00000668 _____ C:\WINDOWS\Tasks\Scheduled scanning task.job 2016-07-22 07:28 - 2016-07-24 00:00 - 00003634 _____ C:\WINDOWS\System32\Tasks\Scheduled scanning task 2016-07-22 07:23 - 2016-07-22 07:27 - 00073928 _____ C:\WINDOWS\system32\Drivers\fsbts.sys 2016-07-22 07:20 - 2016-07-22 07:29 - 00000000 ____D C:\Users\TS Benutzer\AppData\Local\F-Secure 2016-07-22 07:20 - 2016-07-22 07:21 - 00000000 ____D C:\Program Files (x86)\UnityMedia 2016-07-22 07:20 - 2016-07-22 07:20 - 00000000 ____D C:\WINDOWS\System32\Tasks\F-Secure 2016-07-22 07:20 - 2016-07-22 07:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnityMedia 2016-07-22 07:19 - 2016-07-22 07:22 - 00000000 ____D C:\ProgramData\F-Secure 2016-07-21 20:28 - 2016-07-21 20:39 - 00000000 ____D C:\WINDOWS\Microsoft Antimalware 2016-07-21 20:10 - 2016-07-21 20:10 - 00000020 ___SH C:\Users\TS Benutzer\ntuser.ini 2016-07-21 19:22 - 2016-07-24 13:34 - 00000000 ___DC C:\WINDOWS\Panther 2016-07-21 19:20 - 2016-07-21 19:20 - 00000000 ____D C:\Windows.old 2016-07-21 19:18 - 2016-07-21 19:18 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2016-07-21 19:18 - 2016-07-21 18:23 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2016-07-21 18:40 - 2016-07-21 18:40 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2016-07-21 18:38 - 2016-07-21 18:38 - 00000020 ___SH C:\Users\TS Admin\ntuser.ini 2016-07-21 18:36 - 2016-07-24 14:21 - 01783496 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-07-21 18:36 - 2016-07-21 18:36 - 00000000 ____D C:\ProgramData\USOShared 2016-07-21 18:35 - 2016-07-21 18:35 - 00000000 _SHDL C:\Users\Default\Vorlagen 2016-07-21 18:35 - 2016-07-21 18:35 - 00000000 _SHDL C:\Users\Default\Startmenü 2016-07-21 18:35 - 2016-07-21 18:35 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2016-07-21 18:35 - 2016-07-21 18:35 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2016-07-21 18:35 - 2016-07-21 18:35 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2016-07-21 18:35 - 2016-07-21 18:35 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2016-07-21 18:35 - 2016-07-21 18:35 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos 2016-07-21 18:35 - 2016-07-21 18:35 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2016-07-21 18:35 - 2016-07-21 18:35 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2016-07-21 18:35 - 2016-07-21 18:35 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-07-21 18:35 - 2016-07-21 18:35 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2016-07-21 18:35 - 2016-07-21 18:35 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2016-07-21 18:35 - 2016-07-21 18:35 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2016-07-21 18:35 - 2016-07-21 18:35 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos 2016-07-21 18:35 - 2016-07-21 18:35 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2016-07-21 18:35 - 2016-07-21 18:35 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2016-07-21 18:35 - 2016-07-21 18:35 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-07-21 18:35 - 2016-07-21 18:35 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2016-07-21 18:35 - 2016-07-21 18:35 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2016-07-21 18:34 - 2016-07-21 18:35 - 00011433 _____ C:\WINDOWS\diagwrn.xml 2016-07-21 18:34 - 2016-07-21 18:35 - 00011433 _____ C:\WINDOWS\diagerr.xml 2016-07-21 18:33 - 2016-07-24 14:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-07-21 18:33 - 2016-07-21 18:33 - 00003662 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-07-21 18:33 - 2016-07-21 18:33 - 00003438 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-07-21 18:33 - 2016-07-21 18:33 - 00003320 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F3221778-9BF8-4750-A2B0-0F557D7D5103} 2016-07-21 18:28 - 2016-07-21 18:28 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2016-07-21 18:27 - 2016-07-24 00:23 - 00000000 ____D C:\Users\TS Benutzer 2016-07-21 18:27 - 2016-07-21 18:38 - 00000000 ____D C:\Users\TS Admin 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Benutzer\Vorlagen 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Benutzer\Startmenü 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Benutzer\Netzwerkumgebung 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Benutzer\Lokale Einstellungen 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Benutzer\Eigene Dateien 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Benutzer\Druckumgebung 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Benutzer\Documents\Eigene Videos 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Benutzer\Documents\Eigene Musik 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Benutzer\Documents\Eigene Bilder 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Benutzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Benutzer\AppData\Local\Verlauf 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Benutzer\AppData\Local\Anwendungsdaten 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Benutzer\Anwendungsdaten 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Admin\Vorlagen 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Admin\Startmenü 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Admin\Netzwerkumgebung 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Admin\Lokale Einstellungen 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Admin\Eigene Dateien 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Admin\Druckumgebung 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Admin\Documents\Eigene Videos 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Admin\Documents\Eigene Musik 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Admin\Documents\Eigene Bilder 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Admin\AppData\Local\Verlauf 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Admin\AppData\Local\Anwendungsdaten 2016-07-21 18:27 - 2016-07-21 18:27 - 00000000 _SHDL C:\Users\TS Admin\Anwendungsdaten 2016-07-21 18:24 - 2016-07-24 14:17 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-07-21 18:24 - 2016-07-21 18:24 - 00000568 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2016-07-21 18:24 - 2016-07-21 18:24 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2016-07-21 18:24 - 2016-07-21 18:24 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2016-07-21 18:24 - 2016-07-21 18:24 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2016-07-21 18:24 - 2016-07-21 18:24 - 00000000 ____D C:\WINDOWS\system32\DAX2 2016-07-21 18:24 - 2016-07-21 18:24 - 00000000 ____D C:\Program Files\Realtek 2016-07-21 18:24 - 2016-07-21 18:24 - 00000000 ____D C:\Program Files\Intel 2016-07-21 18:24 - 2016-07-21 18:24 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin 2016-07-21 18:24 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2016-07-21 18:24 - 2016-07-14 04:07 - 00100488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2016-07-21 18:23 - 2016-07-23 06:23 - 00194296 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-07-21 18:23 - 2016-07-21 18:23 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2016-07-21 18:23 - 2016-07-21 18:23 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2016-07-21 18:23 - 2016-07-21 18:23 - 00000000 ____D C:\Program Files\Common Files\Atheros 2016-07-17 19:29 - 2016-07-17 19:29 - 00000000 ___DL C:\Users\TS Benutzer\AppData\LocalLow\PlayReady 2016-07-17 18:49 - 2016-07-21 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-07-17 18:49 - 2016-07-17 18:49 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-07-17 18:49 - 2016-07-17 18:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-07-17 17:36 - 2016-07-17 17:36 - 00000000 ____D C:\Users\TS Admin\AppData\Local\ManyCam 2016-07-17 17:35 - 2016-07-21 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam 2016-07-17 17:35 - 2016-07-17 17:36 - 00000000 ____D C:\ProgramData\ManyCam 2016-07-17 17:35 - 2016-07-17 17:35 - 00000000 ____D C:\Users\TS Admin\AppData\Roaming\ManyCam 2016-07-17 17:35 - 2016-07-17 17:35 - 00000000 ____D C:\Program Files (x86)\ManyCam 2016-07-17 17:32 - 2016-07-21 18:29 - 00000000 ____D C:\Users\TS Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2016-07-17 17:32 - 2016-07-17 17:32 - 00001341 _____ C:\Users\TS Admin\Desktop\Revo Uninstaller.lnk 2016-07-17 17:32 - 2016-07-17 17:32 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2016-07-17 17:24 - 2016-07-17 17:24 - 00000000 _SHDL C:\Users\Default.migrated\Vorlagen 2016-07-17 17:24 - 2016-07-17 17:24 - 00000000 _SHDL C:\Users\Default.migrated\Startmenü 2016-07-17 17:24 - 2016-07-17 17:24 - 00000000 _SHDL C:\Users\Default.migrated\Netzwerkumgebung 2016-07-17 17:24 - 2016-07-17 17:24 - 00000000 _SHDL C:\Users\Default.migrated\Lokale Einstellungen 2016-07-17 17:24 - 2016-07-17 17:24 - 00000000 _SHDL C:\Users\Default.migrated\Eigene Dateien 2016-07-17 17:24 - 2016-07-17 17:24 - 00000000 _SHDL C:\Users\Default.migrated\Druckumgebung 2016-07-17 17:24 - 2016-07-17 17:24 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Videos 2016-07-17 17:24 - 2016-07-17 17:24 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Musik 2016-07-17 17:24 - 2016-07-17 17:24 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Bilder 2016-07-17 17:24 - 2016-07-17 17:24 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-07-17 17:24 - 2016-07-17 17:24 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Verlauf 2016-07-17 17:24 - 2016-07-17 17:24 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Anwendungsdaten 2016-07-17 17:24 - 2016-07-17 17:24 - 00000000 _SHDL C:\Users\Default.migrated\Anwendungsdaten 2016-07-17 12:03 - 2016-07-17 12:03 - 00000000 ____D C:\Users\TS Admin\Desktop\abfahrtsmonitor 2016-07-17 11:45 - 2016-07-21 18:38 - 00000000 ____D C:\Users\TS Admin\AppData\Local\ConnectedDevicesPlatform 2016-07-17 01:35 - 2016-07-21 07:46 - 00000000 ___HD C:\$WINDOWS.~BT 2016-07-17 00:58 - 2016-07-17 00:58 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\quickassist.exe 2016-07-17 00:58 - 2016-07-16 13:43 - 00033882 _____ C:\WINDOWS\Professional.xml 2016-07-17 00:57 - 2016-07-14 04:07 - 00104576 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll 2016-07-17 00:56 - 2016-07-17 00:57 - 00000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents 2016-07-17 00:56 - 2016-07-17 00:57 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2016-07-17 00:56 - 2016-07-17 00:56 - 00000000 ____D C:\WINDOWS\RemotePackages 2016-07-17 00:52 - 2016-07-17 00:52 - 00000000 ____D C:\WINDOWS\OCR 2016-07-17 00:51 - 2016-07-24 14:21 - 00677836 _____ C:\WINDOWS\system32\perfh007.dat 2016-07-17 00:51 - 2016-07-24 14:21 - 00143290 _____ C:\WINDOWS\system32\perfc007.dat 2016-07-17 00:51 - 2016-07-17 00:51 - 00000000 ____D C:\WINDOWS\SKB 2016-07-17 00:51 - 2016-07-17 00:50 - 00305594 _____ C:\WINDOWS\system32\perfi007.dat 2016-07-17 00:51 - 2016-07-17 00:50 - 00040390 _____ C:\WINDOWS\system32\perfd007.dat 2016-07-17 00:50 - 2016-07-17 00:57 - 00000000 ____D C:\WINDOWS\system32\de 2016-07-17 00:50 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm 2016-07-17 00:50 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN 2016-07-17 00:50 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep 2016-07-17 00:50 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr 2016-07-17 00:50 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2016-07-17 00:50 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\de 2016-07-17 00:50 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\0409 2016-07-17 00:50 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\system32\winrm 2016-07-17 00:50 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\system32\WCN 2016-07-17 00:50 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\system32\slmgr 2016-07-17 00:50 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2016-07-17 00:50 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\system32\0409 2016-07-17 00:50 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\DigitalLocker 2016-07-16 23:06 - 2016-07-16 23:06 - 00000000 ____D C:\Users\TS Benutzer\Documents\Zoom 2016-07-16 14:40 - 2016-07-16 14:40 - 00000000 _SHDL C:\Users\Default User 2016-07-16 14:40 - 2016-07-16 14:40 - 00000000 _SHDL C:\Users\All Users 2016-07-16 13:49 - 2016-07-16 13:49 - 00000000 ____D C:\WINDOWS\Setup 2016-07-16 13:49 - 2016-07-16 13:44 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-07-16 13:49 - 2016-07-16 13:44 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-07-16 13:47 - 2016-07-24 14:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-07-16 13:47 - 2016-07-24 14:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-07-16 13:47 - 2016-07-22 07:19 - 00000000 ____D C:\WINDOWS\appcompat 2016-07-16 13:47 - 2016-07-21 19:22 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2016-07-16 13:47 - 2016-07-21 19:17 - 00000000 ____D C:\WINDOWS\system32\setup 2016-07-16 13:47 - 2016-07-21 19:17 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2016-07-16 13:47 - 2016-07-21 18:36 - 00000000 ____D C:\WINDOWS\rescache 2016-07-16 13:47 - 2016-07-21 18:36 - 00000000 ____D C:\ProgramData\USOPrivate 2016-07-16 13:47 - 2016-07-21 18:35 - 00000000 ____D C:\Program Files\Windows NT 2016-07-16 13:47 - 2016-07-21 18:34 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2016-07-16 13:47 - 2016-07-21 18:34 - 00000000 ____D C:\WINDOWS\Registration 2016-07-16 13:47 - 2016-07-21 18:32 - 00000000 __RHD C:\Users\Public\Libraries 2016-07-16 13:47 - 2016-07-21 18:31 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-07-16 13:47 - 2016-07-21 18:29 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files 2016-07-16 13:47 - 2016-07-21 18:29 - 00000000 ____D C:\WINDOWS\system32\spool 2016-07-16 13:47 - 2016-07-21 18:25 - 00000000 ___RD C:\WINDOWS\PrintDialog 2016-07-16 13:47 - 2016-07-21 18:25 - 00000000 ___RD C:\WINDOWS\MiracastView 2016-07-16 13:47 - 2016-07-21 18:25 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-07-16 13:47 - 2016-07-17 00:58 - 00000000 ____D C:\WINDOWS\SystemApps 2016-07-16 13:47 - 2016-07-17 00:56 - 00000000 ____D C:\WINDOWS\security 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ___SD C:\WINDOWS\system32\F12 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ___SD C:\WINDOWS\system32\dsc 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\setup 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\Com 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\system32\MUI 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\system32\migwiz 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\system32\Com 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\IME 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\Help 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ____D C:\Program Files\Windows Defender 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ____D C:\Program Files\Common Files\System 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2016-07-16 13:47 - 2016-07-17 00:50 - 00000000 ____D C:\Program Files (x86)\Windows Defender 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files\Windows Sidebar 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\Nui 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\Configuration 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\Offline Web Pages 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Web 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Vss 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\tracing 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\TAPI 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\ras 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SystemResources 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinMetadata 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\winevt 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\ras 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\ProximityToast 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\PointOfService 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MsDtc 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Ipmi 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\inetsrv 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\IME 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\icsxml 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\ias 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\DDFs 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\config\Journal 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Bthprops 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\AppLocker 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\System 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\schemas 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SchCache 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Resources 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PLA 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Performance 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ModemLogs 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\L2Schemas 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\InputMethod 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\InfusedApps 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Globalization 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\GameBarPresenceWriter 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Cursors 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Branding 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\Comms 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Portable Devices 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Multimedia Platform 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\Services 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows NT 2016-07-16 13:47 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2016-07-16 13:47 - 2016-07-16 13:45 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2016-07-16 13:47 - 2016-07-16 13:45 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat 2016-07-16 13:47 - 2016-07-16 13:45 - 00215943 _____ C:\WINDOWS\system32\dssec.dat 2016-07-16 13:47 - 2016-07-16 13:45 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2016-07-16 13:47 - 2016-07-16 13:45 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml 2016-07-16 13:47 - 2016-07-16 13:45 - 00004096 _____ C:\WINDOWS\system32\config\VSMIDK 2016-07-16 13:47 - 2016-07-16 13:45 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam 2016-07-16 13:47 - 2016-07-16 13:45 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json 2016-07-16 13:47 - 2016-07-16 13:45 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT 2016-07-16 13:47 - 2016-07-16 13:45 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT 2016-07-16 13:45 - 2016-07-24 13:34 - 00000000 ____D C:\WINDOWS\INF 2016-07-16 13:44 - 2016-07-17 00:56 - 02549760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkAnalysisLegacyCom.dll 2016-07-16 13:44 - 2016-07-17 00:56 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll 2016-07-16 13:44 - 2016-07-17 00:56 - 00565760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll 2016-07-16 13:44 - 2016-07-17 00:56 - 00360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe 2016-07-16 13:44 - 2016-07-17 00:56 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDistSh.dll 2016-07-16 13:44 - 2016-07-17 00:56 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll 2016-07-16 13:44 - 2016-07-17 00:56 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll 2016-07-16 13:44 - 2016-07-17 00:56 - 00268552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpendp.dll 2016-07-16 13:44 - 2016-07-17 00:56 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDist.dll 2016-07-16 13:44 - 2016-07-17 00:56 - 00177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys 2016-07-16 13:44 - 2016-07-17 00:56 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgmts.dll 2016-07-16 13:44 - 2016-07-17 00:56 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveprompt.exe 2016-07-16 13:44 - 2016-07-17 00:56 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfg.exe 2016-07-16 13:44 - 2016-07-17 00:56 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\baaupdate.exe 2016-07-16 13:44 - 2016-07-17 00:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll 2016-07-16 13:44 - 2016-07-17 00:56 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerWizardElev.exe 2016-07-16 13:44 - 2016-07-17 00:56 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerWizard.exe 2016-07-16 13:44 - 2016-07-17 00:56 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfdts.dll 2016-07-16 13:44 - 2016-07-17 00:56 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll 2016-07-16 13:44 - 2016-07-17 00:56 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.exe 2016-07-16 13:44 - 2016-07-17 00:56 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll 2016-07-16 13:44 - 2016-07-17 00:56 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeSysprep.dll 2016-07-16 13:44 - 2016-07-17 00:51 - 12039168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0007.dll 2016-07-16 13:44 - 2016-07-17 00:51 - 12039168 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0007.dll 2016-07-16 13:44 - 2016-07-17 00:51 - 02083328 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0007.dll 2016-07-16 13:44 - 2016-07-17 00:51 - 01997312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0007.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 32693432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 31664048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 19422208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 11854848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 04827280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2016-07-16 13:44 - 2016-07-16 13:44 - 02231288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL 2016-07-16 13:44 - 2016-07-16 13:44 - 02065408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 02002944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 01197712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 01195008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 01025680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00987848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00707216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00645472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2016-07-16 13:44 - 2016-07-16 13:44 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceApi.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr 2016-07-16 13:44 - 2016-07-16 13:44 - 00522752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceApi.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr 2016-07-16 13:44 - 2016-07-16 13:44 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpunits.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00484552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceStatus.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceStatus.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provsvc.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDSp.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00360960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2PGraph.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2016-07-16 13:44 - 2016-07-16 13:44 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srchadmin.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDSp.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcl.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 00279960 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00273232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMASF.DLL 2016-07-16 13:44 - 2016-07-16 13:44 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cewmdm.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\elshyph.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\audiodev.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cewmdm.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpeval.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drt.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\elshyph.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceTypes.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\p2pnetsh.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmidx.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceWiaCompat.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceTypes.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceWiaCompat.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wclPowrProf.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\repair-bde.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceClassExtension.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wclUnicode.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\racpldlg.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceClassExtension.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raserver.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msra.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\whealogr.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Cache.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdmps.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00089560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys 2016-07-16 13:44 - 2016-07-16 13:44 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logagent.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\srhelper.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\BlbEvents.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pnrpnsp.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceConnectApi.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00067216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\blb_ps.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wclEtw.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceConnectApi.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drtprov.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmler.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bderepair.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drttransport.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdchange.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsepno.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdmlog.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdmps.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdmlog.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShextAutoplay.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 00030560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WpdUpFltr.sys 2016-07-16 13:44 - 2016-07-16 13:44 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WofTasks.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00029408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraSettingsUIHost.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 00029376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShextAutoplay.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\srwmi.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecerts.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscTimer.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dscproxy.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\srdelayed.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 00018600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Management.Infrastructure.Native.Unmanaged.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srdelayed.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wclSqm.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Management.Infrastructure.Native.Unmanaged.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe 2016-07-16 13:44 - 2016-07-16 13:44 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LAPRXY.DLL 2016-07-16 13:44 - 2016-07-16 13:44 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wclWdi.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb 2016-07-16 13:44 - 2016-07-16 13:44 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb 2016-07-16 13:44 - 2016-07-16 13:44 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrEvents.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asferror.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\blbres.dll 2016-07-16 13:44 - 2016-07-16 13:44 - 00001649 _____ C:\WINDOWS\SysWOW64\WindowsCodecsRaw.txt 2016-07-16 13:44 - 2016-07-16 13:44 - 00001649 _____ C:\WINDOWS\system32\WindowsCodecsRaw.txt 2016-07-16 13:44 - 2016-07-16 13:44 - 00000874 _____ C:\WINDOWS\system32\manage-bde.wsf 2016-07-16 13:43 - 2016-07-17 00:56 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 03584000 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkAnalysisLegacyCom.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 02414432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 02232832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 02155872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 01949696 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 01669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 01651552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 01461088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 01381728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 01344512 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsCpl.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsCpl.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 01222144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 01165824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 01054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00992096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00935936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00823136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mblctr.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00779616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00751968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCacheProvider.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00699232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00679936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvgogl32.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00562528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdmTmpl.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys 2016-07-16 13:43 - 2016-07-17 00:56 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrptadm.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00512864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SnippingTool.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrptadm.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00454144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AdmTmpl.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSh.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppIdPolicyEngineApi.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrpUxNativeSnapIn.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SrpUxNativeSnapIn.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00298536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpendp.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00291680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ManagedEventLogging.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppIdPolicyEngineApi.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmstormod.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\srm.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srm.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddputils.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00268128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ppcsnap.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00236384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddpchunk.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuditNativeSnapIn.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\tspubwmi.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuditNativeSnapIn.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCleaner.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDist.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwsharedperformance.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppvClientEventLog.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationSettings.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CmUtil.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscobj.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00202592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgmts.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmstormod.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00190816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00190304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mavinject.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvgocl32.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistWSDDiscoProv.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hwrreg.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinput.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00179040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys 2016-07-16 13:43 - 2016-07-17 00:56 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmshell.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvgu1132.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00157024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys 2016-07-16 13:43 - 2016-07-17 00:56 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mavinject.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00147439 _____ C:\WINDOWS\SysWOW64\gpedit.msc 2016-07-16 13:43 - 2016-07-17 00:56 - 00147439 _____ C:\WINDOWS\system32\gpedit.msc 2016-07-16 13:43 - 2016-07-17 00:56 - 00146389 _____ C:\WINDOWS\system32\printmanagement.msc 2016-07-16 13:43 - 2016-07-17 00:56 - 00145760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CscMig.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00141152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVfs.sys 2016-07-16 13:43 - 2016-07-17 00:56 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.SecureAssessment.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddptrace.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\adrclient.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsClassExtension.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwclientres.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmshell.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppManagementConfiguration.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00126304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys 2016-07-16 13:43 - 2016-07-17 00:56 - 00120458 _____ C:\WINDOWS\system32\secpol.msc 2016-07-16 13:43 - 2016-07-17 00:56 - 00119808 ____R (Microsoft Corporation) C:\WINDOWS\system32\SecureAssessmentHandlers.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppManagementConfiguration.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00108544 _____ C:\WINDOWS\system32\RDVGHelper.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adrclient.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvgumd32.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessCsp.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00096768 ____R (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.SecureAssessment.CfgProvider.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\auditpolmsg.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\auditpolmsg.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmlib.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmlib.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\IoTAssignedAccessLockFramework.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsign.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageInspector.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmtrace.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncController.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dggpext.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00075104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuditPolicyGPInterop.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintBrmUi.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeSubscription.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Common.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmtrace.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuditPolicyGPInterop.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppCore.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAppMonitor.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistHttpTrans.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddp_ps.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CabUtil.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DFDWiz.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00051040 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedapplauncher.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RotMgr.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hwrcomp.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.EventLogMessages.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00043566 _____ C:\WINDOWS\SysWOW64\rsop.msc 2016-07-16 13:43 - 2016-07-17 00:56 - 00043566 _____ C:\WINDOWS\system32\rsop.msc 2016-07-16 13:43 - 2016-07-17 00:56 - 00042848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmbeddedAppLauncherConfig.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistAD.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAgentPolicyGenerator.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00040800 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmbeddedAppLauncherConfig.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00040288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UevAgentDriver.sys 2016-07-16 13:43 - 2016-07-17 00:56 - 00039776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClientPS.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CIWmi.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\srm_ps.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00029536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys 2016-07-16 13:43 - 2016-07-17 00:56 - 00029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\qwinsta.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\qprocess.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorPerformanceEvents.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVClientPS.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msg.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32_DeviceGuard.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\quser.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\chgport.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\qappsrv.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tskill.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsdiscon.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscon.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Management.WmiAccess.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoff.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rwinsta.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\chglogon.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorCustomAdbAlgorithm.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\chgusr.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00021856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScriptRunner.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Management.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppData.WinRT.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVTerminator.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncCommon.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Common.WinRT.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00018272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVTerminator.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.LocalSyncProvider.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\reset.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\change.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srm_ps.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\query.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00015200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVSentinel.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernSync.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevTemplateBaselineGenerator.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AgentDriverEvents.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwstreamingux.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVSentinel.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSErrRedir.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevTemplateConfigItemGenerator.exe 2016-07-16 13:43 - 2016-07-17 00:56 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SmbSyncProvider.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.MonitorSyncProvider.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncConditions.dll 2016-07-16 13:43 - 2016-07-17 00:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.SecureAssessment.Diagnostics.dll 2016-07-16 13:43 - 2016-07-17 00:51 - 11602432 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0007.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 26217472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imageres.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 22571520 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 12760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 09569280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmres.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSetup.exe 2016-07-16 13:43 - 2016-07-16 13:43 - 08124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 07623168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 07217664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2016-07-16 13:43 - 2016-07-16 13:43 - 05726864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 05682688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 05110272 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 05088768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthFWSnapin.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 04748288 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-07-16 13:43 - 2016-07-16 13:43 - 04238336 _____ (Microsoft) C:\WINDOWS\SysWOW64\GameUXLegacyGDFs.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 04238336 _____ (Microsoft) C:\WINDOWS\system32\GameUXLegacyGDFs.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 04184576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 04060672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 03309056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 03194368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 02813440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2016-07-16 13:43 - 2016-07-16 13:43 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 02398616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL 2016-07-16 13:43 - 2016-07-16 13:43 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 02251440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 02217472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 02148864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-07-16 13:43 - 2016-07-16 13:43 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-07-16 13:43 - 2016-07-16 13:43 - 01910496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplaySwitch.exe 2016-07-16 13:43 - 2016-07-16 13:43 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 01660928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0000.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 01560064 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfshim.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2016-07-16 13:43 - 2016-07-16 13:43 - 01535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 01516032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0000.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll 2016-07-16 13:43 - 2016-07-16 13:43 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll Geändert von nick99cgn (24.07.2016 um 15:34 Uhr) |
| Themen zu Win 10: unbekannte Ordner und Javascript Datei unter C:/ gefunden |
| administrator, adobe, dateien, defender, download, downloader, explorer, firewall, google, malwarebytes, microsoft, msascuil.exe, ordner, problem, programme, prozesse, realtek, registry, router, rundll, scan, software, super, svchost.exe, system, windows, windowsapps, wmp |
Baum-Darstellung