Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

cablemodem hacked?


  • This topic is locked This topic is locked
5 replies to this topic

#1 Umbrella12

Umbrella12

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:38 AM

Posted 15 May 2016 - 11:45 AM

Hello i have a big problem since wednesday ...  I am playing active Online Games how counter strike - all was fine.  But since Wednesday i got permanent DDOS attacks from different Ip Adresses, so i tried to change my Ip (Netgear N300 Router)  but it dont helps,. then i rebooted my Modem and Router - nothing helps,

Then 12 hours shutdown my Router and Modem  (I am from Germany, Kabel Deutschland)  nothing helps, then i reinstalled WIndows 7 64 Bit new -

Nothing works ,  so then i tried only with my cablemodem - but nothing works,  my speed is 100 000 kbit/s  now i have 100 kb/s for Download and my Upload dont work.

My connection permanent breaking down, sometimes only google work, all other sites Offline..

And i checked other Programs for check virus, nothing found, so i installed combofix and i hope anyone can help me ...

Here is the LOG

ComboFix 16-04-29.01 - Umbrella Hunter 15.05.2016  18:10:01.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8076.6067 [GMT 2:00]
ausgeführt von:: F:\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\UMBREL~1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Umbrella Hunter\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2016-04-15 bis 2016-05-15  ))))))))))))))))))))))))))))))
.
.
2016-05-15 16:20 . 2016-05-15 16:20 118 ----a-w- c:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-05-15 16:15 . 2016-05-15 16:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-05-15 15:56 . 2016-05-15 16:01 -------- d-----w- C:\AdwCleaner
2016-05-15 15:54 . 2016-05-15 15:54 -------- d-----w- c:\program files\CCleaner
2016-05-15 15:52 . 2016-05-15 15:52 -------- d-----w- c:\program files (x86)\Trojancheck 6
2016-05-15 09:30 . 2016-05-15 16:18 -------- d-----w- c:\program files (x86)\Steam
2016-05-15 07:57 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2016-05-15 07:57 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2016-05-15 07:57 . 2012-08-23 13:24 15360 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2016-05-15 07:57 . 2012-08-23 14:13 243200 ----a-w- c:\windows\system32\rdpudd.dll
2016-05-15 07:57 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2016-05-15 07:57 . 2012-08-23 09:51 3174912 ----a-w- c:\windows\system32\rdpcorets.dll
2016-05-15 07:24 . 2016-05-15 07:37 -------- d-----w- c:\windows\system32\MRT
2016-05-15 07:06 . 2016-05-15 07:06 -------- d-s---w- c:\windows\SysWow64\GWX
2016-05-15 07:06 . 2016-05-15 07:12 -------- d-s---w- c:\windows\system32\GWX
2016-05-15 07:06 . 2016-05-15 07:06 -------- d-s---w- c:\windows\system32\CompatTel
2016-05-15 07:06 . 2016-05-15 07:06 -------- d-----w- c:\windows\system32\appraiser
2016-05-14 21:19 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-05-14 21:04 . 2012-07-26 07:46 2560 ----a-w- c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2016-05-14 20:58 . 2015-08-05 17:56 22528 ----a-w- c:\windows\system32\icaapi.dll
2016-05-14 20:58 . 2015-08-05 17:06 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2016-05-14 20:57 . 2015-12-16 18:55 69120 ----a-w- c:\windows\system32\nlsbres.dll
2016-05-14 20:57 . 2015-12-16 18:53 7168 ----a-w- c:\windows\system32\kbdgeoqw.dll
2016-05-14 20:57 . 2015-12-16 18:53 7168 ----a-w- c:\windows\system32\KBDAZEL.DLL
2016-05-14 20:57 . 2015-12-16 18:53 7168 ----a-w- c:\windows\system32\KBDAZE.DLL
2016-05-14 20:57 . 2015-12-16 18:48 6656 ----a-w- c:\windows\SysWow64\kbdgeoqw.dll
2016-05-14 20:57 . 2015-12-16 18:48 6656 ----a-w- c:\windows\SysWow64\KBDAZEL.DLL
2016-05-14 20:55 . 2016-03-09 19:00 444416 ----a-w- c:\windows\system32\winhttp.dll
2016-05-14 20:55 . 2016-03-09 19:00 396800 ----a-w- c:\windows\system32\webio.dll
2016-05-14 20:52 . 2016-05-14 20:52 -------- d-----w- c:\program files (x86)\Microsoft.NET
2016-05-14 20:52 . 2016-05-14 20:52 -------- d-----w- c:\windows\Migration
2016-05-14 20:41 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2016-05-14 20:41 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2016-05-14 20:41 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2016-05-14 20:41 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2016-05-14 20:41 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2016-05-14 20:41 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2016-05-14 20:41 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2016-05-14 17:46 . 2015-01-09 03:14 91136 ----a-w- c:\windows\system32\wdi.dll
2016-05-14 17:46 . 2015-01-09 03:14 950272 ----a-w- c:\windows\system32\perftrack.dll
2016-05-14 17:46 . 2015-01-09 03:14 29696 ----a-w- c:\windows\system32\powertracker.dll
2016-05-14 17:42 . 2015-12-08 19:07 978944 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2016-05-14 17:41 . 2015-11-19 14:07 994760 ----a-w- c:\windows\system32\ucrtbase.dll
2016-05-14 17:40 . 2016-04-09 06:57 405504 ----a-w- c:\windows\system32\gdi32.dll
2016-05-14 17:39 . 2016-04-23 04:48 615936 ----a-w- c:\windows\system32\ieui.dll
2016-05-14 17:38 . 2015-11-13 23:09 91648 ----a-w- c:\windows\system32\mapistub.dll
2016-05-14 17:37 . 2015-05-25 18:19 113664 ----a-w- c:\windows\system32\sechost.dll
2016-05-14 17:36 . 2016-01-21 00:51 73664 ----a-w- c:\windows\system32\drivers\disk.sys
2016-05-14 17:33 . 2014-08-01 11:53 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2016-05-14 17:32 . 2014-01-29 02:32 484864 ----a-w- c:\windows\system32\wer.dll
2016-05-14 17:32 . 2015-07-09 17:58 82944 ----a-w- c:\windows\system32\dwmapi.dll
2016-05-14 17:32 . 2015-07-09 17:58 1632256 ----a-w- c:\windows\system32\dwmcore.dll
2016-05-14 17:32 . 2015-07-09 17:42 67584 ----a-w- c:\windows\SysWow64\dwmapi.dll
2016-05-14 17:32 . 2015-07-09 17:42 1372160 ----a-w- c:\windows\SysWow64\dwmcore.dll
2016-05-14 17:32 . 2016-04-09 06:58 2048 ----a-w- c:\windows\system32\tzres.dll
2016-05-14 17:32 . 2015-07-15 03:19 52736 ----a-w- c:\windows\system32\basesrv.dll
2016-05-14 17:30 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl
2016-05-14 17:26 . 2015-07-01 20:49 260096 ----a-w- c:\windows\system32\WebClnt.dll
2016-05-14 17:26 . 2015-07-01 20:48 102912 ----a-w- c:\windows\system32\davclnt.dll
2016-05-14 17:26 . 2015-07-01 20:30 82432 ----a-w- c:\windows\SysWow64\davclnt.dll
2016-05-14 17:26 . 2013-12-04 02:16 658432 ----a-w- c:\windows\system32\RMActivate_isv.exe
2016-05-14 17:26 . 2013-12-04 02:16 626176 ----a-w- c:\windows\system32\RMActivate.exe
2016-05-14 17:26 . 2013-12-04 02:27 485888 ----a-w- c:\windows\system32\secproc_isv.dll
2016-05-14 17:26 . 2013-12-04 02:27 123392 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2016-05-14 17:26 . 2013-12-04 02:27 123392 ----a-w- c:\windows\system32\secproc_ssp.dll
2016-05-14 17:26 . 2013-12-04 02:27 488448 ----a-w- c:\windows\system32\secproc.dll
2016-05-14 17:26 . 2013-12-04 02:26 528384 ----a-w- c:\windows\system32\msdrm.dll
2016-05-14 17:26 . 2013-12-04 02:16 552960 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2016-05-14 17:26 . 2013-12-04 02:16 553984 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2016-05-14 17:21 . 2015-11-11 18:53 1735680 ----a-w- c:\windows\system32\comsvcs.dll
2016-05-14 17:19 . 2015-10-29 17:50 6656 ----a-w- c:\windows\system32\shimeng.dll
2016-05-14 17:18 . 2015-12-08 19:07 624640 ----a-w- c:\windows\system32\qedit.dll
2016-05-14 17:18 . 2015-06-25 10:06 115136 ----a-w- c:\windows\system32\consent.exe
2016-05-14 17:18 . 2015-06-25 10:01 70656 ----a-w- c:\windows\system32\appinfo.dll
2016-05-14 17:18 . 2016-04-14 13:49 603648 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2016-05-14 17:18 . 2016-04-14 13:21 647680 ----a-w- c:\windows\system32\d3d10level9.dll
2016-05-14 17:18 . 2015-02-18 07:04 142336 ----a-w- c:\windows\system32\poqexec.exe
2016-05-14 17:15 . 2016-02-09 09:57 14634496 ----a-w- c:\windows\system32\wmp.dll
2016-05-14 17:14 . 2016-04-09 03:52 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2016-05-14 16:45 . 2016-05-14 16:45 -------- d-----w- c:\windows\Sun
2016-05-14 16:42 . 2013-08-28 01:12 461312 ----a-w- c:\windows\system32\scavengeui.dll
2016-05-14 16:41 . 2016-05-14 16:41 -------- d-----w- c:\program files (x86)\Java
2016-05-14 16:38 . 2016-05-14 16:38 -------- d-----w- c:\program files (x86)\Common Files\Java
2016-05-14 16:37 . 2016-05-14 16:37 110144 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2016-05-14 16:37 . 2016-05-14 16:42 -------- d-----w- c:\programdata\Oracle
2016-05-14 16:37 . 2016-05-14 16:37 -------- d-----w- c:\program files\Java
2016-05-14 16:20 . 2016-05-14 16:20 -------- d-----w- C:\L4D
2016-05-14 16:12 . 2016-05-14 16:12 -------- d-----w- c:\program files (x86)\Common Files\Skype
2016-05-14 16:12 . 2016-05-14 16:12 -------- d-----r- c:\program files (x86)\Skype
2016-05-14 16:12 . 2016-05-14 16:12 -------- d-----w- c:\programdata\Skype
2016-05-14 12:03 . 2016-05-14 12:03 -------- d-----w- C:\c99eb5eda2aa9164f1de
2016-05-14 11:51 . 2015-06-15 21:45 504320 ----a-w- c:\windows\system32\msihnd.dll
2016-05-14 11:51 . 2015-06-15 21:45 3242496 ----a-w- c:\windows\system32\msi.dll
2016-05-14 11:51 . 2015-06-15 21:44 128000 ----a-w- c:\windows\system32\msiexec.exe
2016-05-14 11:51 . 2015-06-15 21:42 25088 ----a-w- c:\windows\system32\msimsg.dll
2016-05-14 11:47 . 2015-06-02 00:07 254976 ----a-w- c:\windows\system32\cewmdm.dll
2016-05-14 11:47 . 2015-06-01 23:47 210432 ----a-w- c:\windows\SysWow64\cewmdm.dll
2016-05-14 11:26 . 2015-04-24 18:17 633856 ----a-w- c:\windows\system32\comctl32.dll
2016-05-14 11:26 . 2015-04-24 17:56 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2016-05-14 11:18 . 2015-04-13 03:28 328704 ----a-w- c:\windows\system32\services.exe
2016-05-14 11:16 . 2016-05-14 11:16 -------- d-----w- C:\c0aff12bac7f93aab0
2016-05-14 11:09 . 2016-05-14 11:09 -------- d-----w- C:\15508e8d13e3a24545af21f1c632
2016-05-14 10:59 . 2015-03-04 04:55 367552 ----a-w- c:\windows\system32\clfs.sys
2016-05-14 10:59 . 2015-03-04 04:41 79360 ----a-w- c:\windows\system32\clfsw32.dll
2016-05-14 10:59 . 2015-03-04 04:10 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2016-05-14 10:53 . 2015-02-25 03:18 754688 ----a-w- c:\windows\system32\drivers\http.sys
2016-05-14 10:48 . 2015-02-03 03:12 988160 ----a-w- c:\windows\SysWow64\drmv2clt.dll
2016-05-14 10:48 . 2015-02-03 03:12 744960 ----a-w- c:\windows\SysWow64\blackbox.dll
2016-05-14 10:48 . 2015-02-03 03:30 680960 ----a-w- c:\windows\system32\audiosrv.dll
2016-05-14 10:48 . 2015-02-03 03:30 296448 ----a-w- c:\windows\system32\AudioSes.dll
2016-05-14 10:45 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2016-05-14 10:42 . 2015-02-03 03:31 215552 ----a-w- c:\windows\system32\ubpm.dll
2016-05-14 10:33 . 2015-01-17 02:48 1067520 ----a-w- c:\windows\system32\msctf.dll
2016-05-14 10:23 . 2014-12-08 03:09 406528 ----a-w- c:\windows\system32\scesrv.dll
2016-05-14 10:20 . 2015-01-07 03:10 782848 ----a-w- c:\windows\system32\gpsvc.dll
2016-05-14 10:20 . 2015-01-07 02:44 79872 ----a-w- c:\windows\SysWow64\gpapi.dll
2016-05-14 10:20 . 2015-01-07 01:48 105984 ----a-w- c:\windows\system32\drivers\dfsc.sys
2016-05-14 10:20 . 2015-01-07 04:12 15360 ----a-w- c:\windows\system32\drivers\de-DE\mup.sys.mui
2016-05-14 10:20 . 2015-01-07 03:15 104896 ----a-w- c:\windows\system32\drivers\mup.sys
2016-05-14 10:20 . 2015-01-07 01:49 310272 ----a-w- c:\windows\system32\drivers\rdbss.sys
2016-05-14 10:20 . 2014-06-28 00:21 457400 ----a-w- c:\windows\system32\ci.dll
2016-05-14 10:11 . 2012-10-03 17:44 70656 ----a-w- c:\windows\system32\nlaapi.dll
2016-05-14 10:11 . 2014-12-06 04:17 303616 ----a-w- c:\windows\system32\nlasvc.dll
2016-05-14 10:11 . 2012-10-03 17:44 216576 ----a-w- c:\windows\system32\ncsi.dll
2016-05-14 10:06 . 2014-12-19 03:06 210432 ----a-w- c:\windows\system32\profsvc.dll
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-05-14 16:42 . 2016-05-14 16:42 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2016-05-14 16:37 . 2016-05-14 16:42 110144 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-64.dll
2016-05-14 07:20 . 2016-05-14 07:20 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2016-05-14 07:20 . 2016-05-14 07:20 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2016-05-14 07:20 . 2016-05-14 07:20 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2016-05-14 07:20 . 2016-05-14 07:20 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2016-05-14 07:20 . 2016-05-14 07:20 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2016-05-14 07:20 . 2016-05-14 07:20 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2016-05-14 07:20 . 2016-05-14 07:20 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2016-05-14 07:19 . 2016-05-14 07:19 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2016-05-14 07:17 . 2016-05-14 07:17 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2016-05-14 07:17 . 2016-05-14 07:17 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2016-05-14 07:17 . 2016-05-14 07:17 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2016-05-14 07:17 . 2016-05-14 07:17 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2016-05-13 18:40 . 2010-11-21 03:24 14848 ----a-w- c:\windows\system32\slwga.dll
2016-05-13 18:40 . 2010-11-21 03:24 419840 ----a-w- c:\windows\system32\systemcpl.dll
2016-05-13 18:40 . 2010-11-21 03:23 13824 ----a-w- c:\windows\SysWow64\slwga.dll
2016-04-23 04:20 . 2016-05-14 17:40 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2016-04-23 04:08 . 2016-05-14 17:40 497152 ----a-w- c:\windows\SysWow64\vbscript.dll
2016-04-23 04:07 . 2016-05-14 17:40 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2016-04-23 03:30 . 2016-05-14 17:40 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2016-04-23 03:12 . 2016-05-14 17:40 2121216 ----a-w- c:\windows\SysWow64\wininet.dll
2016-04-09 06:59 . 2016-05-14 17:15 3998952 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2016-04-09 06:59 . 2016-05-14 17:15 3943144 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2016-04-09 06:57 . 2016-05-14 17:15 1314112 ----a-w- c:\windows\SysWow64\ntdll.dll
2016-04-09 06:54 . 2016-05-14 17:15 666112 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2016-04-09 06:54 . 2016-05-14 17:15 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2016-04-09 06:54 . 2016-05-14 17:15 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2016-04-09 06:54 . 2016-05-14 17:15 171520 ----a-w- c:\windows\SysWow64\wdigest.dll
2016-04-09 06:54 . 2016-05-14 17:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2016-04-09 06:54 . 2016-05-14 17:15 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2016-04-09 06:54 . 2016-05-14 17:15 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2016-04-09 06:54 . 2016-05-14 17:15 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-04-09 06:54 . 2016-05-14 17:15 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2016-04-09 06:54 . 2016-05-14 17:15 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-04-09 06:54 . 2016-05-14 17:15 223232 ----a-w- c:\windows\SysWow64\ncrypt.dll
2016-04-09 06:54 . 2016-05-14 17:15 260608 ----a-w- c:\windows\SysWow64\msv1_0.dll
2016-04-09 06:54 . 2016-05-14 17:15 60416 ----a-w- c:\windows\SysWow64\msobjs.dll
2016-04-09 06:54 . 2016-05-14 17:15 146432 ----a-w- c:\windows\SysWow64\msaudite.dll
2016-04-09 06:54 . 2016-05-14 17:15 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-04-09 05:38 . 2016-05-14 17:15 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2016-04-09 05:38 . 2016-05-14 17:15 2048 ----a-w- c:\windows\SysWow64\user.exe
2016-04-09 05:38 . 2016-05-14 17:15 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2016-04-09 04:20 . 2016-05-14 17:14 1230848 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2016-03-29 21:48 . 2016-03-29 21:48 49384 ----a-w- c:\windows\system32\drivers\WirelessKeyboardFilter.sys
2016-03-17 22:28 . 2016-05-14 17:38 1414144 ----a-w- c:\windows\SysWow64\ole32.dll
2016-03-16 18:28 . 2016-05-14 17:38 111616 ----a-w- c:\windows\SysWow64\mtxoci.dll
2016-03-16 18:28 . 2016-05-14 17:38 176128 ----a-w- c:\windows\SysWow64\msorcl32.dll
2016-03-15 23:53 . 2016-05-14 17:21 60416 ----a-w- c:\windows\SysWow64\samlib.dll
2016-03-09 18:40 . 2016-05-14 20:55 351744 ----a-w- c:\windows\SysWow64\winhttp.dll
2016-03-09 18:40 . 2016-05-14 20:55 316416 ----a-w- c:\windows\SysWow64\webio.dll
2016-03-06 18:38 . 2016-05-14 17:38 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2016-03-06 18:38 . 2016-05-14 17:38 1240576 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-04-30 02:03 . 2014-04-30 02:03 2174976 ----a-w- c:\program files (x86)\Common Files\atimpenc.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2016-04-29 52142720]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2016-04-30 3077712]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2016-04-15 8698584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2012-02-02 2321072]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2012-02-16 322176]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2011-10-24 174720]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Avira SystrayStartTrigger"="c:\program files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2016-05-04 67840]
"avgnt"="c:\program files (x86)\Avira\Antivirus\avgnt.exe" [2016-04-04 814608]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-03-31 596504]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Scrybe.lnk - c:\windows\Installer\{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe [2016-5-13 45056]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\Antivirus\avmailc7.exe;c:\program files (x86)\Avira\Antivirus\avmailc7.exe [x]
R2 AntiVirWebService;Avira Webschutz;c:\program files (x86)\Avira\Antivirus\avwebg7.exe;c:\program files (x86)\Avira\Antivirus\avwebg7.exe [x]
R2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AWiCSrvc;AWiCSrvc;c:\program files (x86)\Atheros\AWiCSrvc.exe;c:\program files (x86)\Atheros\AWiCSrvc.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel® Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;WatAdminSvc;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\Antivirus\sched.exe;c:\program files (x86)\Avira\Antivirus\sched.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 igfxCUIService1.0.0.0;Intel® HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 ScrybeUpdater;Scrybe-Updateprogramm;c:\program files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe;c:\program files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 WirelessKeyboardFilter;Wireless Keyboard Filter Device Service;c:\windows\system32\DRIVERS\WirelessKeyboardFilter.sys;c:\windows\SYSNATIVE\DRIVERS\WirelessKeyboardFilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ    SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Inhalt des "geplante Tasks" Ordners
.
2016-05-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-14 08:30]
.
2016-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-05-14 08:54]
.
2016-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-05-14 08:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-11-29 13653720]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-11-29 1353944]
"AWiC"="c:\program files (x86)\Atheros\AWiCMgr.exe" [2010-12-20 171168]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 83.169.184.33 83.169.184.97
FF - ProfilePath - c:\users\Umbrella Hunter\AppData\Roaming\Mozilla\Firefox\Profiles\HqCbREBg.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_242_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_242_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_21_0_0_242_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_21_0_0_242_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_242.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.21"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_242.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_242.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_242.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\Avira\Antivirus\avguard.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\Avira\Launcher\Avira.Systray.exe
c:\program files (x86)\Synaptics\Scrybe\scrybe.exe
c:\program files (x86)\Steam\bin\steamwebhelper.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2016-05-15  18:25:31 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2016-05-15 16:25
.
Vor Suchlauf: 17 Verzeichnis(se), 886.073.536.512 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 885.744.599.040 Bytes frei
.
- - End Of File - - 96A4BC67F42E7D47913AABCFFD650320
A36C5E4F47E84449FF07ED3517B43A31
 



BC AdBot (Login to Remove)

 


#2 Umbrella12

Umbrella12
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:38 AM

Posted 15 May 2016 - 12:10 PM

this is from FRST Recovery Scan

 

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:14-05-2016
durchgeführt von Umbrella Hunter (Administrator) auf UMBRELLAHUNTER (15-05-2016 19:01:19)
Gestartet von C:\Users\Umbrella Hunter\Downloads
Geladene Profile: Umbrella Hunter (Verfügbare Profile: Umbrella Hunter)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics, Inc.) C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Atheros) C:\Program Files (x86)\Atheros\AWiCMgr.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Synaptics Incorporated) C:\Program Files (x86)\Synaptics\Scrybe\scrybe.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2735400 2011-03-31] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13653720 2013-11-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353944 2013-11-29] (Realtek Semiconductor)
HKLM\...\Run: [AWiC] => C:\Program Files (x86)\Atheros\AWiCMgr.exe [171168 2010-12-20] (Atheros)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-02] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322176 2012-02-16] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-24] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-05-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-04-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKU\S-1-5-21-2493591646-330650112-2029302966-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [52142720 2016-04-29] (Skype Technologies S.A.)
HKU\S-1-5-21-2493591646-330650112-2029302966-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-2493591646-330650112-2029302966-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8698584 2016-04-15] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Scrybe.lnk [2016-05-13]
ShortcutTarget: Scrybe.lnk -> C:\Windows\Installer\{147DFAD8-34C3-4DE1-9FCA-ACEFDE9EF810}\NewShortcut11_8ACB210B42E44145A8C31F8E3DD765A3.exe (Acresso Software Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 83.169.184.33 83.169.184.97
Tcpip\..\Interfaces\{095C511F-B3AF-43AF-ACE6-54EBD85FECDB}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0A3D9C7C-CE7C-4F49-AD61-D248A230DAD4}: [DhcpNameServer] 83.169.184.33 83.169.184.97

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-2493591646-330650112-2029302966-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2493591646-330650112-2029302966-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-14] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-14] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-14] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-14] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Umbrella Hunter\AppData\Roaming\Mozilla\Firefox\Profiles\HqCbREBg.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-15] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-14] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.)
FF Extension: Password Exporter - C:\Users\Umbrella Hunter\AppData\Roaming\Mozilla\Firefox\Profiles\HqCbREBg.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2016-05-14]
FF Extension: QuickJava - C:\Users\Umbrella Hunter\AppData\Roaming\Mozilla\Firefox\Profiles\HqCbREBg.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2016-05-14]
FF Extension: Avira Browser Safety - C:\Users\Umbrella Hunter\AppData\Roaming\Mozilla\Firefox\Profiles\HqCbREBg.default\Extensions\abs@avira.com [2016-05-14]
FF Extension: Flagfox - C:\Users\Umbrella Hunter\AppData\Roaming\Mozilla\Firefox\Profiles\HqCbREBg.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-05-14]
FF Extension: Adblock Plus - C:\Users\Umbrella Hunter\AppData\Roaming\Mozilla\Firefox\Profiles\HqCbREBg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-14]

Chrome:
=======
CHR Profile: C:\Users\Umbrella Hunter\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Umbrella Hunter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-14]
CHR Extension: (Google Drive) - C:\Users\Umbrella Hunter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-14]
CHR Extension: (YouTube) - C:\Users\Umbrella Hunter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-14]
CHR Extension: (Google Docs Offline) - C:\Users\Umbrella Hunter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Umbrella Hunter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-14]
CHR Extension: (Google Mail) - C:\Users\Umbrella Hunter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-14]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-04-04] (Avira Operations GmbH & Co. KG)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [276424 2016-05-04] (Avira Operations GmbH & Co. KG)
S3 AWiCSrvc; C:\Program Files (x86)\Atheros\AWiCSrvc.exe [50336 2010-12-20] (Atheros Communications) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 ScrybeUpdater; C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe [1300264 2011-05-27] (Synaptics, Inc.)
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2016-05-13] () [Datei ist nicht signiert]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-04-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141920 2016-04-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-04-04] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2473616 2014-12-10] (MediaTek Inc.)
R3 WirelessKeyboardFilter; C:\Windows\System32\DRIVERS\WirelessKeyboardFilter.sys [49384 2016-03-29] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

========================== MD5 Treiber =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\ACPI.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\adpahci.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\adpu320.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\afd.sys 9A4A1EEE802BF2F878EE8EAB407B21B7
C:\Windows\system32\drivers\agp440.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\aliide.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\amdide.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\amdk8.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\amdppm.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys 6474F8823C7188D2DA579F01FB6CED6B
C:\Windows\system32\drivers\arc.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\arcsas.sys ==> MD5 ist legitim
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys 4C016FD76ED5C05E84CA8CAB77993961
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\atapi.sys ==> MD5 ist legitim
C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys 41CEAFFCF3550785E59E3EC9BEE8D97A
C:\Windows\System32\DRIVERS\avgntflt.sys 742D578C28F6F58B8B576F91A1D8EB4E
C:\Windows\System32\DRIVERS\avipbb.sys C9BED3BDC39FBCAA77A88308355B237E
C:\Windows\System32\DRIVERS\avkmgr.sys 390184FAD8FCC1B6DA25AEBAE928C3B6
C:\Windows\System32\DRIVERS\avnetflt.sys 138A53D17B040F5A3A307D44A89D0905
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 ist legitim
C:\Windows\System32\Drivers\Beep.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\bridge.sys 5C2F352A4E961D72518261257AAE204B
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 ist legitim
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 ist legitim
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 ist legitim
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\circlass.sys ==> MD5 ist legitim
C:\Windows\System32\CLFS.sys 404B7DF9CA4D1CB675045AF220FF3285
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\cmdide.sys ==> MD5 ist legitim
C:\Windows\System32\Drivers\cng.sys CA3FB5A6B626D8A00A89E049CF95954E
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\dc3d.sys A4700D1F78539C0ED32FA50E64F9C692
C:\Windows\System32\Drivers\dfsc.sys CF1F6326AC44C42F4615D4BD53188AC5
C:\Windows\System32\drivers\discache.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\disk.sys 616387BBD83372220B09DE95F4E67BBC
C:\Windows\system32\drivers\drmkaud.sys 26FE888505E5A945B0536AF9A2A27A6F
C:\Windows\System32\drivers\dxgkrnl.sys 3A9D7D464BDB3B70D7ECF689ADABBD4D
C:\Windows\system32\drivers\evbda.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\elxstor.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\errdev.sys ==> MD5 ist legitim
C:\Windows\System32\Drivers\exfat.sys ==> MD5 ist legitim
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\fdc.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\filetrace.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 ist legitim
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\hidbth.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\hidir.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\HTTP.sys F61634BEC53F73702A10DE69F6DCAF57
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys 5863E2DD2E5C2D1B1F70C3826C162A7B
C:\Windows\system32\drivers\iirsp.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\RTKVHD64.sys 4EE9F785FEB23D6F02C515879E59713A
C:\Windows\System32\DRIVERS\IntcDAud.sys EA26AE512C63026756D2ACA0711BA7E5
C:\Windows\system32\drivers\intelide.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\ipnat.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\irenum.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\isapnp.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 ist legitim
C:\Windows\System32\Drivers\ksecdd.sys 0878723427BA190E5ABA5AA0112FA4D4
C:\Windows\System32\Drivers\ksecpkg.sys C08CCCE2BE68D04E6C142614736959DA
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\luafv.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\megasas.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\TeeDriverx64.sys E0EF6C1399A9B1AAA0B28590411BED04
C:\Windows\System32\drivers\modem.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\mountmgr.sys 67050452C0118BAF2883928E6FCCFE47
C:\Windows\system32\drivers\mpio.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\mrxdav.sys D7ADC2B83CA0B0381F75A98351F72CEE
C:\Windows\System32\DRIVERS\mrxsmb.sys 035C0A9A63DF3F3A52B90D8F6BF0F166
C:\Windows\System32\DRIVERS\mrxsmb10.sys 8308FC2E9147D7632221E3279BB14660
C:\Windows\System32\DRIVERS\mrxsmb20.sys 1F8DA4ECAEA7E2BCD97E738795817431
C:\Windows\System32\drivers\msahci.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\msdsm.sys ==> MD5 ist legitim
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 ist legitim
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 ist legitim
C:\Windows\System32\Drivers\mup.sys AA0C2BA3782E92BD85E2264BE418E67C
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\ndis.sys F7309F42555F8AAB7144A51A1F2585B0
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 ist legitim
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\netr28x.sys 8B5CCD0323FFD5E6A472A5FF30A14799
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 ist legitim
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 ist legitim
C:\Windows\System32\Drivers\Ntfs.sys 47B2D0B31BDC3EBE6090228E2BA3764D
C:\Windows\System32\Drivers\Null.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\parport.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\pciide.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\pcw.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\peauth.sys ED6E75158D28D33A2E2A020AC5B2B59D
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\processr.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\ql2300.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\rdbss.sys 71B6F78D6444CCE6F77BC42917A4E8F7
C:\Windows\system32\drivers\rdpbus.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\Rt64win7.sys 46C200885F182C04DAFDA6FB5B3CE058
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 ist legitim
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\serenum.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\serial.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\sermouse.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 ist legitim
C:\Windows\System32\Drivers\spldr.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\SynTP.sys 8DF6C536ECE3B538978B53C223AB905D
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys AA77EB517D2F07A947294F260E3ACA83
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\tssecsrv.sys 19BEDA57F3E0A06B8D5EB6D619BD5624
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\uagp35.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\umpass.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\usbprint.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\USBSTOR.SYS D029DD09E22EB24318A8FC3D8138BA43
C:\Windows\system32\drivers\usbuhci.sys ==> MD5 ist legitim
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\vga.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\viaide.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\volmgr.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\volsnap.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\wacompen.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\wd.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\wimmount.sys ==> MD5 ist legitim
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 ist legitim
C:\Windows\System32\DRIVERS\WirelessKeyboardFilter.sys 0CE1584F302C28FC38565B3822A94513
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 ist legitim
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 ist legitim
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-15 19:01 - 2016-05-15 19:02 - 00030680 _____ C:\Users\Umbrella Hunter\Downloads\FRST.txt
2016-05-15 19:01 - 2016-05-15 19:01 - 00000000 ____D C:\FRST
2016-05-15 19:00 - 2016-05-15 19:00 - 02382336 _____ (Farbar) C:\Users\Umbrella Hunter\Downloads\FRST64.exe
2016-05-15 18:40 - 2016-05-15 18:40 - 00029733 _____ C:\Users\Umbrella Hunter\Desktop\gdf.txt
2016-05-15 18:27 - 2016-05-15 18:27 - 00028859 _____ C:\Users\Umbrella Hunter\Desktop\combofix.txt
2016-05-15 18:25 - 2016-05-15 18:25 - 00028859 _____ C:\ComboFix.txt
2016-05-15 18:20 - 2016-05-15 18:20 - 00000118 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-05-15 18:08 - 2016-05-15 18:25 - 00000000 ____D C:\Qoobox
2016-05-15 18:08 - 2016-05-15 18:25 - 00000000 ____D C:\ComboFix
2016-05-15 18:08 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2016-05-15 18:08 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2016-05-15 18:08 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-05-15 18:08 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-05-15 18:08 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-05-15 18:08 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2016-05-15 18:08 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2016-05-15 18:08 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2016-05-15 18:06 - 2016-05-15 18:06 - 00058016 _____ C:\Users\Umbrella Hunter\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-15 18:02 - 2016-05-15 18:03 - 00267816 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-15 17:56 - 2016-05-15 18:01 - 00000000 ____D C:\AdwCleaner
2016-05-15 17:56 - 2016-05-15 17:57 - 03640384 _____ C:\Users\Umbrella Hunter\Downloads\adwcleaner_5.116.exe
2016-05-15 17:55 - 2016-05-15 17:55 - 05658358 _____ (Swearware) C:\Users\Umbrella Hunter\Downloads\ComboFix.exe
2016-05-15 17:54 - 2016-05-15 17:54 - 00002822 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-05-15 17:54 - 2016-05-15 17:54 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-05-15 17:54 - 2016-05-15 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-05-15 17:54 - 2016-05-15 17:54 - 00000000 ____D C:\Program Files\CCleaner
2016-05-15 17:52 - 2016-05-15 17:52 - 00001011 _____ C:\Users\Umbrella Hunter\Desktop\Trojancheck.lnk
2016-05-15 17:52 - 2016-05-15 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojancheck 6
2016-05-15 17:52 - 2016-05-15 17:52 - 00000000 ____D C:\Program Files (x86)\Trojancheck 6
2016-05-15 17:51 - 2016-05-15 17:53 - 00002562 _____ C:\Windows\diagwrn.xml
2016-05-15 17:51 - 2016-05-15 17:53 - 00001908 _____ C:\Windows\diagerr.xml
2016-05-15 17:49 - 2016-05-15 18:24 - 00000000 ____D C:\Windows\erdnt
2016-05-15 17:49 - 2016-05-15 18:08 - 00000000 ____D C:\Users\Umbrella Hunter\Desktop\Neuer Ordner
2016-05-15 11:47 - 2016-05-15 11:47 - 00000218 _____ C:\Users\Umbrella Hunter\Desktop\Counter-Strike.url
2016-05-15 11:30 - 2016-05-15 18:18 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-15 11:30 - 2016-05-15 11:30 - 01380712 _____ C:\Users\Umbrella Hunter\Downloads\SteamSetup.exe
2016-05-15 11:30 - 2016-05-15 11:30 - 00000963 _____ C:\Users\Public\Desktop\Steam.lnk
2016-05-15 11:30 - 2016-05-15 11:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-05-15 10:55 - 2016-05-15 10:55 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\Local\Macromedia
2016-05-15 10:52 - 2016-05-15 10:52 - 00000231 _____ C:\Users\Umbrella Hunter\Desktop\kabel D.txt
2016-05-15 10:27 - 2016-05-15 10:27 - 01193680 _____ (Adobe Systems Incorporated) C:\Users\Umbrella Hunter\Downloads\flashplayer21pp_xa_install.exe
2016-05-15 09:59 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2016-05-15 09:59 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-05-15 09:59 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-05-15 09:59 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2016-05-15 09:59 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2016-05-15 09:59 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-05-15 09:59 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2016-05-15 09:59 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2016-05-15 09:59 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2016-05-15 09:59 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2016-05-15 09:59 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2016-05-15 09:59 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2016-05-15 09:59 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-05-15 09:59 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2016-05-15 09:59 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-05-15 09:59 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-05-15 09:59 - 2013-10-01 22:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-05-15 09:59 - 2013-10-01 22:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-05-15 09:57 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-05-15 09:57 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2016-05-15 09:57 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2016-05-15 09:57 - 2012-08-23 15:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-05-15 09:57 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2016-05-15 09:57 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2016-05-15 09:57 - 2012-08-23 11:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-05-15 09:54 - 2016-05-15 09:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2016-05-15 09:54 - 2016-05-15 09:54 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01009.Wdf
2016-05-15 09:50 - 2016-05-15 09:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-05-15 09:24 - 2016-05-15 09:37 - 00000000 ____D C:\Windows\system32\MRT
2016-05-15 09:24 - 2016-05-15 09:24 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-15 09:06 - 2016-05-15 09:12 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-15 09:06 - 2016-05-15 09:06 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-15 09:06 - 2016-05-15 09:06 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-05-15 09:06 - 2016-05-15 09:06 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-14 23:19 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2016-05-14 23:19 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-05-14 22:58 - 2015-08-05 19:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2016-05-14 22:58 - 2015-08-05 19:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-05-14 22:57 - 2015-12-16 20:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-05-14 22:57 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-05-14 22:57 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-05-14 22:57 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-05-14 22:57 - 2015-12-16 20:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-05-14 22:57 - 2015-12-16 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-05-14 22:57 - 2015-12-16 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-05-14 22:57 - 2015-12-16 20:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-05-14 22:57 - 2015-12-16 16:38 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2016-05-14 22:57 - 2015-12-16 16:37 - 00419928 _____ C:\Windows\system32\locale.nls
2016-05-14 22:55 - 2016-03-09 21:00 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-05-14 22:55 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-05-14 22:55 - 2016-03-09 20:40 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-05-14 22:55 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-05-14 22:54 - 2016-05-14 22:54 - 01559112 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-05-14 22:41 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2016-05-14 22:41 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2016-05-14 22:41 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2016-05-14 22:41 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2016-05-14 22:41 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2016-05-14 22:41 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2016-05-14 22:41 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2016-05-14 22:41 - 2012-06-02 16:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2016-05-14 21:04 - 2016-05-14 21:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-14 20:45 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2016-05-14 20:45 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2016-05-14 20:45 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2016-05-14 20:45 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2016-05-14 20:45 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2016-05-14 20:45 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2016-05-14 20:45 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2016-05-14 20:45 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2016-05-14 20:45 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2016-05-14 20:45 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2016-05-14 20:45 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2016-05-14 20:45 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2016-05-14 20:45 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2016-05-14 20:45 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2016-05-14 20:45 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2016-05-14 20:45 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-05-14 20:45 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2016-05-14 20:45 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-05-14 20:45 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2016-05-14 19:46 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2016-05-14 19:46 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2016-05-14 19:46 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2016-05-14 19:46 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2016-05-14 19:43 - 2016-02-12 20:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-05-14 19:43 - 2016-02-12 20:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-05-14 19:43 - 2016-02-12 20:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-05-14 19:43 - 2016-02-12 20:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-05-14 19:43 - 2016-02-12 20:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-05-14 19:43 - 2016-02-12 20:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-05-14 19:43 - 2016-02-12 20:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-05-14 19:43 - 2016-02-12 20:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-05-14 19:43 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-05-14 19:43 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-05-14 19:43 - 2016-02-12 20:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-05-14 19:43 - 2016-02-12 20:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-05-14 19:43 - 2016-02-12 20:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-05-14 19:43 - 2016-02-12 20:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-05-14 19:43 - 2016-02-12 20:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-05-14 19:43 - 2016-02-12 20:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-05-14 19:43 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-05-14 19:43 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2016-05-14 19:43 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2016-05-14 19:43 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-05-14 19:42 - 2016-01-22 08:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-05-14 19:42 - 2016-01-22 08:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-05-14 19:42 - 2016-01-22 08:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-05-14 19:42 - 2016-01-22 08:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-05-14 19:42 - 2015-12-08 23:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-05-14 19:42 - 2015-12-08 23:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-05-14 19:42 - 2015-12-08 23:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-05-14 19:42 - 2015-12-08 23:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-05-14 19:42 - 2015-12-08 23:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-05-14 19:42 - 2015-12-08 23:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-05-14 19:42 - 2015-12-08 23:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-05-14 19:42 - 2015-12-08 23:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-05-14 19:42 - 2015-12-08 23:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-05-14 19:42 - 2015-12-08 23:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-05-14 19:42 - 2015-12-08 23:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-05-14 19:42 - 2015-12-08 23:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-05-14 19:42 - 2015-12-08 23:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-05-14 19:42 - 2015-12-08 23:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-05-14 19:42 - 2015-12-08 23:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-05-14 19:42 - 2015-12-08 23:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-05-14 19:42 - 2015-12-08 23:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-05-14 19:42 - 2015-12-08 23:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-05-14 19:42 - 2015-12-08 23:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-05-14 19:42 - 2015-12-08 23:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-05-14 19:42 - 2015-12-08 23:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-05-14 19:42 - 2015-12-08 23:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-05-14 19:42 - 2015-12-08 23:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-05-14 19:42 - 2015-12-08 23:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-05-14 19:42 - 2015-12-08 23:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-05-14 19:42 - 2015-12-08 23:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-05-14 19:42 - 2015-12-08 23:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-05-14 19:42 - 2015-12-08 23:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-05-14 19:42 - 2015-12-08 23:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-05-14 19:42 - 2015-12-08 23:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-05-14 19:42 - 2015-12-08 23:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-05-14 19:42 - 2015-12-08 23:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-05-14 19:42 - 2015-12-08 23:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-05-14 19:42 - 2015-12-08 23:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-05-14 19:42 - 2015-12-08 23:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-05-14 19:42 - 2015-12-08 21:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-05-14 19:42 - 2015-12-08 21:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-05-14 19:42 - 2015-12-08 21:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-05-14 19:42 - 2015-12-08 21:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-05-14 19:42 - 2015-12-08 21:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-05-14 19:42 - 2015-12-08 21:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-05-14 19:42 - 2015-12-08 21:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-05-14 19:42 - 2015-12-08 21:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-05-14 19:42 - 2015-12-08 21:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-05-14 19:42 - 2015-12-08 21:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-05-14 19:42 - 2015-12-08 21:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-05-14 19:42 - 2015-12-08 21:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-05-14 19:42 - 2015-12-08 21:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-05-14 19:42 - 2015-12-08 21:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-05-14 19:42 - 2015-12-08 21:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-05-14 19:42 - 2015-12-08 21:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-05-14 19:42 - 2015-12-08 21:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-05-14 19:42 - 2015-12-08 21:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-05-14 19:42 - 2015-12-08 21:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-05-14 19:42 - 2015-12-08 21:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-05-14 19:42 - 2015-12-08 21:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-05-14 19:42 - 2015-12-08 21:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-05-14 19:42 - 2015-12-08 21:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-05-14 19:42 - 2015-12-08 21:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-05-14 19:42 - 2015-12-08 21:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-05-14 19:42 - 2015-12-08 21:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-05-14 19:42 - 2015-12-08 21:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-05-14 19:42 - 2015-12-08 21:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-05-14 19:42 - 2015-12-08 21:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-05-14 19:42 - 2015-12-08 21:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-05-14 19:42 - 2015-12-08 21:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-05-14 19:42 - 2015-12-08 21:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-05-14 19:42 - 2015-12-08 21:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-05-14 19:42 - 2015-12-08 21:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-05-14 19:42 - 2015-12-08 21:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-05-14 19:42 - 2015-12-08 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-05-14 19:42 - 2015-12-08 21:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-05-14 19:42 - 2015-12-08 20:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-05-14 19:42 - 2015-12-08 20:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-05-14 19:42 - 2015-12-08 20:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-05-14 19:41 - 2015-11-19 16:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-05-14 19:41 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-05-14 19:40 - 2016-04-23 19:08 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-05-14 19:40 - 2016-04-23 18:24 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-05-14 19:40 - 2016-04-23 07:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-05-14 19:40 - 2016-04-23 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-05-14 19:40 - 2016-04-23 07:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-05-14 19:40 - 2016-04-23 07:00 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-14 19:40 - 2016-04-23 07:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-14 19:40 - 2016-04-23 07:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-05-14 19:40 - 2016-04-23 06:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-05-14 19:40 - 2016-04-23 06:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-05-14 19:40 - 2016-04-23 06:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-05-14 19:40 - 2016-04-23 06:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-05-14 19:40 - 2016-04-23 06:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-05-14 19:40 - 2016-04-23 06:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-05-14 19:40 - 2016-04-23 06:21 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-05-14 19:40 - 2016-04-23 06:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-05-14 19:40 - 2016-04-23 06:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-05-14 19:40 - 2016-04-23 06:11 - 20350464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-14 19:40 - 2016-04-23 06:08 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-14 19:40 - 2016-04-23 06:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-05-14 19:40 - 2016-04-23 06:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-05-14 19:40 - 2016-04-23 06:07 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-05-14 19:40 - 2016-04-23 06:07 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-05-14 19:40 - 2016-04-23 06:07 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-05-14 19:40 - 2016-04-23 06:06 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-05-14 19:40 - 2016-04-23 06:05 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-05-14 19:40 - 2016-04-23 06:04 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-14 19:40 - 2016-04-23 06:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-05-14 19:40 - 2016-04-23 06:01 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-05-14 19:40 - 2016-04-23 05:59 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-05-14 19:40 - 2016-04-23 05:58 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-14 19:40 - 2016-04-23 05:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-05-14 19:40 - 2016-04-23 05:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-05-14 19:40 - 2016-04-23 05:50 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-05-14 19:40 - 2016-04-23 05:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-05-14 19:40 - 2016-04-23 05:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-05-14 19:40 - 2016-04-23 05:43 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-05-14 19:40 - 2016-04-23 05:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-05-14 19:40 - 2016-04-23 05:40 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-05-14 19:40 - 2016-04-23 05:39 - 01547776 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-14 19:40 - 2016-04-23 05:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-05-14 19:40 - 2016-04-23 05:36 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-14 19:40 - 2016-04-23 05:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-05-14 19:40 - 2016-04-23 05:31 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-05-14 19:40 - 2016-04-23 05:30 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-05-14 19:40 - 2016-04-23 05:30 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-05-14 19:40 - 2016-04-23 05:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-05-14 19:40 - 2016-04-23 05:26 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-14 19:40 - 2016-04-23 05:12 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-05-14 19:40 - 2016-04-23 05:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-14 19:40 - 2016-04-23 05:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-05-14 19:40 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-14 19:40 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-14 19:40 - 2016-01-22 08:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-05-14 19:40 - 2016-01-22 08:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-05-14 19:40 - 2016-01-22 08:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-05-14 19:40 - 2016-01-22 08:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-05-14 19:40 - 2016-01-22 08:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-05-14 19:40 - 2016-01-22 07:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-05-14 19:40 - 2016-01-22 07:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-05-14 19:40 - 2016-01-22 07:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-05-14 19:40 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2016-05-14 19:40 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2016-05-14 19:40 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-05-14 19:39 - 2016-04-23 07:25 - 25816064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-14 19:39 - 2016-04-23 07:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-05-14 19:39 - 2016-04-23 07:00 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-05-14 19:39 - 2016-04-23 06:48 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-05-14 19:39 - 2016-04-23 06:47 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-14 19:39 - 2016-04-23 06:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-05-14 19:39 - 2016-04-23 06:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-05-14 19:39 - 2016-04-23 06:46 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-14 19:39 - 2016-04-23 06:36 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-05-14 19:39 - 2016-04-23 06:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-05-14 19:39 - 2016-04-23 06:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-05-14 19:39 - 2016-04-23 06:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-05-14 19:39 - 2016-04-23 06:06 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-05-14 19:39 - 2016-04-23 06:00 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-14 19:39 - 2016-04-23 05:51 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-05-14 19:38 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-14 19:38 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-05-14 19:38 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-05-14 19:38 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-05-14 19:38 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-05-14 19:38 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-05-14 19:38 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-05-14 19:38 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-05-14 19:38 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-05-14 19:38 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-05-14 19:38 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-05-14 19:38 - 2015-11-14 01:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-05-14 19:38 - 2015-11-14 01:09 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-05-14 19:38 - 2015-11-14 01:08 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-05-14 19:38 - 2015-11-14 00:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-05-14 19:38 - 2015-11-14 00:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-05-14 19:38 - 2015-11-14 00:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-05-14 19:38 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-05-14 19:38 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-05-14 19:38 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2016-05-14 19:38 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-05-14 19:38 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-05-14 19:38 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2016-05-14 19:38 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2016-05-14 19:38 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2016-05-14 19:38 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2016-05-14 19:38 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2016-05-14 19:38 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2016-05-14 19:38 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2016-05-14 19:38 - 2011-06-16 07:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2016-05-14 19:38 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2016-05-14 19:37 - 2015-11-03 21:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-05-14 19:37 - 2015-11-03 20:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-05-14 19:37 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2016-05-14 19:37 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2016-05-14 19:37 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2016-05-14 19:37 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2016-05-14 19:37 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2016-05-14 19:37 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2016-05-14 19:37 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2016-05-14 19:37 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2016-05-14 19:37 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2016-05-14 19:37 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2016-05-14 19:37 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2016-05-14 19:37 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2016-05-14 19:37 - 2012-01-04 12:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-05-14 19:37 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-05-14 19:37 - 2011-05-04 07:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2016-05-14 19:37 - 2011-05-04 07:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2016-05-14 19:37 - 2011-05-04 07:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2016-05-14 19:37 - 2011-05-04 07:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2016-05-14 19:37 - 2011-05-04 07:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2016-05-14 19:37 - 2011-05-04 07:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2016-05-14 19:37 - 2011-05-04 07:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2016-05-14 19:37 - 2011-05-04 07:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2016-05-14 19:37 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2016-05-14 19:37 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2016-05-14 19:37 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2016-05-14 19:37 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2016-05-14 19:37 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2016-05-14 19:37 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2016-05-14 19:37 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2016-05-14 19:37 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2016-05-14 19:37 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2016-05-14 19:37 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2016-05-14 19:36 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-05-14 19:33 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2016-05-14 19:33 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2016-05-14 19:32 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-14 19:32 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-14 19:32 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-05-14 19:32 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-05-14 19:32 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2016-05-14 19:32 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-05-14 19:32 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2016-05-14 19:32 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-05-14 19:32 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-05-14 19:30 - 2011-12-30 08:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2016-05-14 19:30 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2016-05-14 19:27 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-14 19:27 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-14 19:27 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-14 19:27 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-05-14 19:27 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-05-14 19:27 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-05-14 19:27 - 2016-01-11 21:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-05-14 19:27 - 2015-11-10 20:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-05-14 19:27 - 2015-11-10 20:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-05-14 19:27 - 2015-11-10 20:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-05-14 19:27 - 2015-11-10 20:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-05-14 19:27 - 2015-11-10 20:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-05-14 19:27 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-05-14 19:27 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2016-05-14 19:27 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2016-05-14 19:27 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2016-05-14 19:27 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2016-05-14 19:27 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2016-05-14 19:27 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2016-05-14 19:27 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2016-05-14 19:26 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-05-14 19:26 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-05-14 19:26 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-05-14 19:26 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-05-14 19:26 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2016-05-14 19:26 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2016-05-14 19:26 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2016-05-14 19:26 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2016-05-14 19:26 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2016-05-14 19:26 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2016-05-14 19:26 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2016-05-14 19:26 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2016-05-14 19:26 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2016-05-14 19:26 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2016-05-14 19:26 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2016-05-14 19:26 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2016-05-14 19:26 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2016-05-14 19:26 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2016-05-14 19:26 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2016-05-14 19:26 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2016-05-14 19:26 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2016-05-14 19:26 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2016-05-14 19:25 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-05-14 19:25 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-05-14 19:25 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-05-14 19:25 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-05-14 19:25 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-05-14 19:25 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-05-14 19:25 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-05-14 19:25 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-05-14 19:25 - 2016-02-03 20:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-05-14 19:25 - 2016-02-03 20:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-05-14 19:25 - 2016-02-03 20:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-05-14 19:25 - 2016-02-03 20:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-05-14 19:25 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-05-14 19:25 - 2016-02-03 16:07 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2016-05-14 19:25 - 2016-01-07 19:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-05-14 19:25 - 2015-11-05 21:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2016-05-14 19:25 - 2015-11-05 21:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2016-05-14 19:25 - 2015-11-05 11:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-05-14 19:25 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-05-14 19:25 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-05-14 19:25 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-05-14 19:25 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-05-14 19:25 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-05-14 19:25 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-05-14 19:25 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-05-14 19:25 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-05-14 19:25 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2016-05-14 19:21 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-05-14 19:21 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-05-14 19:21 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-05-14 19:21 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-05-14 19:21 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-05-14 19:21 - 2015-11-11 20:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-05-14 19:21 - 2015-11-11 20:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-05-14 19:21 - 2015-11-11 20:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-05-14 19:21 - 2015-11-11 20:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-05-14 19:21 - 2015-10-13 18:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-05-14 19:21 - 2015-10-13 18:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-05-14 19:21 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-05-14 19:21 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-05-14 19:21 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2016-05-14 19:21 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2016-05-14 19:21 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-05-14 19:21 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2016-05-14 19:21 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2016-05-14 19:21 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2016-05-14 19:19 - 2016-02-05 20:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-05-14 19:19 - 2016-02-05 20:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-05-14 19:19 - 2016-02-05 20:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-05-14 19:19 - 2016-02-05 20:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-05-14 19:19 - 2016-02-05 20:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-05-14 19:19 - 2016-02-05 20:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-05-14 19:19 - 2016-02-05 20:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-05-14 19:19 - 2016-02-05 19:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-05-14 19:19 - 2016-02-05 19:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-05-14 19:19 - 2016-02-05 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-05-14 19:19 - 2015-10-29 19:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2016-05-14 19:19 - 2015-10-29 19:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2016-05-14 19:19 - 2015-10-29 19:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2016-05-14 19:19 - 2015-10-29 19:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2016-05-14 19:19 - 2015-10-29 19:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2016-05-14 19:19 - 2015-10-29 19:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2016-05-14 19:19 - 2015-10-29 19:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2016-05-14 19:19 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2016-05-14 19:19 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2016-05-14 19:19 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2016-05-14 19:19 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2016-05-14 19:19 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2016-05-14 19:19 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2016-05-14 19:19 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2016-05-14 19:19 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2016-05-14 19:19 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2016-05-14 19:19 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2016-05-14 19:19 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2016-05-14 19:19 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2016-05-14 19:19 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2016-05-14 19:19 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2016-05-14 19:19 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2016-05-14 19:19 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2016-05-14 19:19 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2016-05-14 19:19 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2016-05-14 19:19 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2016-05-14 19:19 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2016-05-14 19:19 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2016-05-14 19:19 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2016-05-14 19:19 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2016-05-14 19:19 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2016-05-14 19:19 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2016-05-14 19:19 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2016-05-14 19:19 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2016-05-14 19:19 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2016-05-14 19:19 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2016-05-14 19:19 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2016-05-14 19:19 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2016-05-14 19:19 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2016-05-14 19:19 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2016-05-14 19:19 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2016-05-14 19:19 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2016-05-14 19:19 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2016-05-14 19:18 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-14 19:18 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-14 19:18 - 2015-12-08 23:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-05-14 19:18 - 2015-12-08 21:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-05-14 19:18 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-05-14 19:18 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-05-14 19:18 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-05-14 19:18 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-05-14 19:16 - 2016-05-14 19:25 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\Roaming\UseNeXT
2016-05-14 19:16 - 2016-05-14 19:19 - 00000000 ____D C:\Users\Umbrella Hunter\Documents\UseNeXT
2016-05-14 19:16 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-05-14 19:16 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-05-14 19:16 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2016-05-14 19:16 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-05-14 19:16 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2016-05-14 19:16 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2016-05-14 19:16 - 2014-10-30 04:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2016-05-14 19:16 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2016-05-14 19:16 - 2014-10-03 04:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-05-14 19:16 - 2014-10-03 04:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-05-14 19:16 - 2014-10-03 04:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-05-14 19:16 - 2014-10-03 04:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-05-14 19:16 - 2014-10-03 04:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-05-14 19:16 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-05-14 19:16 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-05-14 19:16 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-05-14 19:16 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-05-14 19:16 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-05-14 19:16 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2016-05-14 19:16 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-05-14 19:16 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2016-05-14 19:16 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2016-05-14 19:16 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2016-05-14 19:16 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2016-05-14 19:16 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2016-05-14 19:16 - 2011-02-05 19:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2016-05-14 19:16 - 2011-02-05 19:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2016-05-14 19:16 - 2011-02-05 19:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2016-05-14 19:15 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-14 19:15 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-14 19:15 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-14 19:15 - 2016-04-09 09:01 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-14 19:15 - 2016-04-09 09:01 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-14 19:15 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-14 19:15 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-14 19:15 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-14 19:15 - 2016-04-09 08:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-14 19:15 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-14 19:15 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-14 19:15 - 2016-04-09 08:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-14 19:15 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-14 19:15 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-14 19:15 - 2016-04-09 08:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-14 19:15 - 2016-04-09 08:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-14 19:15 - 2016-04-09 08:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-14 19:15 - 2016-04-09 08:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-14 19:15 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-14 19:15 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-14 19:15 - 2016-04-09 08:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-14 19:15 - 2016-04-09 08:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-14 19:15 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-14 19:15 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-14 19:15 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-14 19:15 - 2016-04-09 07:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-14 19:15 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-14 19:15 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-14 19:15 - 2016-04-09 07:44 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-14 19:15 - 2016-04-09 07:44 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-14 19:15 - 2016-04-09 07:44 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-14 19:15 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-14 19:15 - 2016-04-09 07:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-14 19:15 - 2016-04-09 07:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-14 19:15 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-14 19:15 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-14 19:15 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-14 19:15 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-14 19:15 - 2016-04-09 07:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-14 19:15 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-14 19:15 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-14 19:15 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-05-14 19:15 - 2016-03-24 00:40 - 00634432 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-05-14 19:15 - 2016-03-24 00:40 - 00546656 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-05-14 19:15 - 2016-03-24 00:40 - 00459344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-05-14 19:15 - 2016-03-24 00:40 - 00298192 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-05-14 19:15 - 2016-03-24 00:39 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-05-14 19:15 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-05-14 19:15 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-05-14 19:15 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-05-14 19:15 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-05-14 19:15 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-05-14 19:15 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-05-14 19:15 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-05-14 19:15 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-05-14 19:15 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-05-14 19:15 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-05-14 19:15 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-05-14 19:15 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-05-14 19:15 - 2015-11-03 21:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2016-05-14 19:15 - 2015-11-03 20:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2016-05-14 19:15 - 2015-10-13 06:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-05-14 19:15 - 2011-02-18 12:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2016-05-14 19:15 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2016-05-14 19:14 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-14 19:14 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-14 18:45 - 2016-05-14 18:45 - 00000000 ____D C:\Windows\Sun
2016-05-14 18:42 - 2016-05-14 18:42 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-05-14 18:42 - 2016-05-14 18:37 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2016-05-14 18:42 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-05-14 18:41 - 2016-05-14 18:41 - 00000000 ____D C:\Program Files (x86)\Java
2016-05-14 18:39 - 2016-05-14 18:39 - 00738880 _____ (Oracle Corporation) C:\Users\Umbrella Hunter\Downloads\jxpiinstall.exe
2016-05-14 18:38 - 2016-05-14 18:42 - 00000000 ____D C:\Users\Umbrella Hunter\.oracle_jre_usage
2016-05-14 18:38 - 2016-05-14 18:38 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\Roaming\Sun
2016-05-14 18:38 - 2016-05-14 18:38 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\LocalLow\Sun
2016-05-14 18:37 - 2016-05-14 18:42 - 00000000 ____D C:\ProgramData\Oracle
2016-05-14 18:37 - 2016-05-14 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-14 18:37 - 2016-05-14 18:37 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-05-14 18:37 - 2016-05-14 18:37 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\LocalLow\Oracle
2016-05-14 18:37 - 2016-05-14 18:37 - 00000000 ____D C:\Program Files\Java
2016-05-14 18:35 - 2016-05-14 18:37 - 57666112 _____ (Oracle Corporation) C:\Users\Umbrella Hunter\Downloads\jre-8u91-windows-x64.exe
2016-05-14 18:20 - 2016-05-14 18:20 - 00000000 ____D C:\L4D
2016-05-14 18:14 - 2016-05-15 17:56 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-05-14 18:13 - 2016-05-14 18:13 - 00000000 ____D C:\Users\Umbrella Hunter\Tracing
2016-05-14 18:12 - 2016-05-15 18:09 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\Roaming\Skype
2016-05-14 18:12 - 2016-05-14 18:12 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2016-05-14 18:12 - 2016-05-14 18:12 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-14 18:12 - 2016-05-14 18:12 - 00000000 ____D C:\ProgramData\Skype
2016-05-14 18:12 - 2016-05-14 18:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-05-14 18:09 - 2016-05-14 18:09 - 01463424 _____ (Skype Technologies S.A.) C:\Users\Umbrella Hunter\Downloads\SkypeSetup.exe
2016-05-14 18:08 - 2016-05-14 18:08 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\Local\Steam
2016-05-14 18:08 - 2016-05-14 18:08 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\Local\CEF
2016-05-14 16:55 - 2016-05-14 16:56 - 02737255 _____ (NETGEAR Inc.) C:\Users\Umbrella Hunter\Downloads\NETGEARGenie-install.exe.part
2016-05-14 16:49 - 2016-05-14 16:49 - 00985600 _____ C:\Users\Umbrella Hunter\Downloads\MicrosoftFixit50123.msi
2016-05-14 16:45 - 2016-05-14 16:45 - 11489280 _____ C:\Users\Umbrella Hunter\Downloads\TAPICall-10000.msi
2016-05-14 14:46 - 2016-05-14 14:46 - 00000000 ____D C:\Users\Umbrella Hunter\Desktop\pics
2016-05-14 14:36 - 2016-05-14 14:36 - 00000000 ____D C:\Users\Umbrella Hunter\Desktop\Alcatech.BPM.Studio.Professional.v4.9.Cracked
2016-05-14 14:03 - 2016-05-14 14:03 - 00000000 ____D C:\c99eb5eda2aa9164f1de
2016-05-14 13:51 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-05-14 13:51 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-05-14 13:51 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-05-14 13:51 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-05-14 13:51 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-05-14 13:51 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-05-14 13:51 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-05-14 13:51 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-05-14 13:47 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2016-05-14 13:47 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2016-05-14 13:26 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2016-05-14 13:26 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2016-05-14 13:18 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2016-05-14 13:16 - 2016-05-14 13:16 - 00000000 ____D C:\c0aff12bac7f93aab0
2016-05-14 13:09 - 2016-05-14 13:09 - 00000000 ____D C:\15508e8d13e3a24545af21f1c632
2016-05-14 12:59 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-05-14 12:59 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2016-05-14 12:59 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2016-05-14 12:53 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-05-14 12:49 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-05-14 12:49 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-05-14 12:49 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-05-14 12:49 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-05-14 12:49 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-05-14 12:49 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-05-14 12:49 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-05-14 12:49 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-05-14 12:49 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-05-14 12:49 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-05-14 12:49 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-05-14 12:49 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-05-14 12:49 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-05-14 12:49 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-05-14 12:49 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-05-14 12:49 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-05-14 12:49 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-05-14 12:49 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-05-14 12:49 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-05-14 12:49 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-05-14 12:49 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-05-14 12:49 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-05-14 12:49 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-05-14 12:49 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-05-14 12:49 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-05-14 12:49 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-05-14 12:48 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-05-14 12:48 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-05-14 12:48 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-05-14 12:48 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-05-14 12:48 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-05-14 12:45 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-05-14 12:45 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-05-14 12:42 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2016-05-14 12:42 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2016-05-14 12:33 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-05-14 12:33 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-05-14 12:23 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2016-05-14 12:23 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2016-05-14 12:20 - 2015-01-07 05:15 - 00104896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2016-05-14 12:20 - 2015-01-07 05:10 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-05-14 12:20 - 2015-01-07 04:44 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-05-14 12:20 - 2015-01-07 03:49 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2016-05-14 12:20 - 2015-01-07 03:48 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-05-14 12:20 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2016-05-14 12:11 - 2014-12-06 06:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2016-05-14 12:11 - 2014-12-06 05:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2016-05-14 12:11 - 2014-12-06 05:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2016-05-14 12:11 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2016-05-14 12:11 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2016-05-14 12:06 - 2014-12-19 05:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-05-14 12:03 - 2014-11-11 05:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2016-05-14 12:03 - 2014-11-11 04:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2016-05-14 12:00 - 2014-08-12 04:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-05-14 12:00 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-05-14 11:57 - 2014-10-14 04:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2016-05-14 11:56 - 2016-05-14 11:56 - 00000000 ____D C:\77e069fe5d9a2b47ebdc6d1bb2de4e5a
2016-05-14 11:47 - 2014-10-25 03:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2016-05-14 11:47 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2016-05-14 11:44 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-05-14 11:44 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2016-05-14 11:44 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2016-05-14 11:44 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2016-05-14 11:44 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2016-05-14 11:42 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-05-14 11:42 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-05-14 11:37 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2016-05-14 11:37 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2016-05-14 11:37 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2016-05-14 11:37 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2016-05-14 11:37 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2016-05-14 11:37 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2016-05-14 11:32 - 2016-05-14 11:32 - 00000000 ____D C:\6d455fc4066cfcbd7712c07d4093
2016-05-14 11:23 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2016-05-14 11:23 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2016-05-14 11:23 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-05-14 11:23 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-05-14 11:23 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2016-05-14 11:23 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2016-05-14 11:23 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2016-05-14 11:23 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2016-05-14 11:11 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2016-05-14 11:11 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2016-05-14 11:08 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-05-14 11:08 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-05-14 11:08 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-05-14 11:07 - 2015-08-18 22:06 - 424425476 _____ C:\Users\Umbrella Hunter\Desktop\Dominant Mom has sex with Boy.mpg
2016-05-14 11:05 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2016-05-14 11:05 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2016-05-14 11:05 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2016-05-14 11:05 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2016-05-14 11:05 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2016-05-14 11:05 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2016-05-14 11:05 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2016-05-14 11:05 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2016-05-14 11:05 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2016-05-14 11:05 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2016-05-14 11:05 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2016-05-14 11:05 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2016-05-14 11:05 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2016-05-14 11:05 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2016-05-14 11:04 - 2016-05-14 11:04 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\Roaming\Xilisoft
2016-05-14 11:04 - 2016-05-14 11:04 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\Local\Mozilla
2016-05-14 11:03 - 2016-05-14 11:03 - 00000000 ____D C:\ProgramData\Xilisoft
2016-05-14 11:03 - 2016-05-14 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
2016-05-14 11:03 - 2016-05-14 11:03 - 00000000 ____D C:\Program Files (x86)\Xilisoft
2016-05-14 11:01 - 2016-05-14 11:01 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\Roaming\WinRAR
2016-05-14 11:00 - 2016-05-14 11:00 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-05-14 11:00 - 2016-05-14 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-05-14 10:59 - 2016-05-14 10:59 - 00000000 ____D C:\23de46e8b0d268614a7fac99
2016-05-14 10:57 - 2016-05-14 11:01 - 00000000 ____D C:\ProgramData\Adobe
2016-05-14 10:57 - 2016-05-14 10:57 - 00000778 _____ C:\Users\Umbrella Hunter\Desktop\UseNeXT.lnk
2016-05-14 10:57 - 2016-05-14 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2016-05-14 10:56 - 2016-05-14 10:56 - 00002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-14 10:56 - 2016-05-14 10:56 - 00002247 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-14 10:55 - 2016-05-15 09:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-14 10:55 - 2016-05-14 10:55 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-14 10:55 - 2016-05-14 10:55 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-05-14 10:55 - 2016-05-14 10:55 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2016-05-14 10:55 - 2016-05-14 10:55 - 00000000 ____D C:\ProgramData\Mozilla
2016-05-14 10:55 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-05-14 10:55 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-05-14 10:54 - 2016-05-15 18:18 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-14 10:54 - 2016-05-15 18:08 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-14 10:54 - 2016-05-14 20:16 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\Local\Google
2016-05-14 10:54 - 2016-05-14 11:01 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-14 10:54 - 2016-05-14 11:01 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-14 10:54 - 2016-05-14 10:56 - 00000000 ____D C:\Program Files (x86)\Google
2016-05-14 10:53 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-05-14 10:53 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-05-14 10:53 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-05-14 10:53 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-05-14 10:53 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-05-14 10:52 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2016-05-14 10:52 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2016-05-14 10:52 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2016-05-14 10:52 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2016-05-14 10:52 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2016-05-14 10:52 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2016-05-14 10:52 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2016-05-14 10:52 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2016-05-14 10:51 - 2016-05-14 10:52 - 00000000 ___RD C:\Users\Umbrella Hunter\Desktop\Programme
2016-05-14 10:50 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2016-05-14 10:50 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2016-05-14 10:46 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-05-14 10:46 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-05-14 10:46 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-05-14 10:46 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-05-14 10:46 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-05-14 10:34 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2016-05-14 10:34 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2016-05-14 10:33 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2016-05-14 10:33 - 2012-11-29 00:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2016-05-14 10:33 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2016-05-14 10:33 - 2012-11-29 00:56 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2016-05-14 10:32 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-05-14 10:32 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2016-05-14 10:21 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2016-05-14 10:21 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2016-05-14 10:21 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2016-05-14 10:21 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2016-05-14 10:20 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-05-14 10:20 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-05-14 10:16 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2016-05-14 10:10 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2016-05-14 10:10 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2016-05-14 10:05 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2016-05-14 10:05 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2016-05-14 10:02 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2016-05-14 10:02 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2016-05-14 10:02 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2016-05-14 10:02 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2016-05-14 10:02 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2016-05-14 10:01 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-05-14 09:59 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2016-05-14 09:59 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2016-05-14 09:57 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2016-05-14 09:57 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2016-05-14 09:55 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2016-05-14 09:51 - 2012-03-01 08:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2016-05-14 09:51 - 2012-03-01 08:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2016-05-14 09:51 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2016-05-14 09:50 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-05-14 09:50 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-05-14 09:50 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2016-05-14 09:49 - 2011-12-16 10:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2016-05-14 09:49 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2016-05-14 09:43 - 2011-08-17 07:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2016-05-14 09:43 - 2011-08-17 07:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2016-05-14 09:43 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2016-05-14 09:43 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2016-05-14 09:42 - 2011-08-27 07:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2016-05-14 09:42 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2016-05-14 09:41 - 2011-06-15 12:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2016-05-14 09:41 - 2011-06-15 12:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2016-05-14 09:41 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2016-05-14 09:41 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2016-05-14 09:41 - 2011-06-15 10:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2016-05-14 09:41 - 2011-06-15 10:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2016-05-14 09:41 - 2011-06-15 10:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2016-05-14 09:41 - 2011-06-15 10:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2016-05-14 09:41 - 2011-06-15 10:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2016-05-14 09:39 - 2011-05-24 13:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2016-05-14 09:39 - 2011-05-24 12:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2016-05-14 09:39 - 2011-05-24 12:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2016-05-14 09:39 - 2011-05-24 12:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2016-05-14 09:39 - 2011-05-24 12:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2016-05-14 09:39 - 2011-04-29 05:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-05-14 09:39 - 2011-04-29 05:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-05-14 09:39 - 2011-04-29 05:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-05-14 09:37 - 2011-05-03 07:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-05-14 09:37 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-05-14 09:36 - 2011-03-03 08:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-05-14 09:36 - 2011-03-03 08:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2016-05-14 09:36 - 2011-03-03 08:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2016-05-14 09:36 - 2011-03-03 07:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2016-05-14 09:36 - 2011-03-03 07:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2016-05-14 09:35 - 2011-03-11 08:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2016-05-14 09:35 - 2011-03-11 08:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2016-05-14 09:35 - 2011-03-11 07:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2016-05-14 09:35 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2016-05-14 09:34 - 2011-02-12 13:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2016-05-14 09:33 - 2011-02-23 06:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-05-14 09:32 - 2010-12-23 12:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2016-05-14 09:32 - 2010-12-23 12:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2016-05-14 09:32 - 2010-12-23 07:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2016-05-14 09:32 - 2010-12-23 07:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2016-05-14 09:24 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2016-05-14 09:20 - 2016-05-14 09:20 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2016-05-14 09:20 - 2016-05-14 09:20 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2016-05-14 09:20 - 2016-05-14 09:20 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2016-05-14 09:20 - 2016-05-14 09:20 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2016-05-14 09:20 - 2016-05-14 09:20 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2016-05-14 09:20 - 2016-05-14 09:20 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2016-05-14 09:20 - 2016-05-14 09:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2016-05-14 09:20 - 2016-05-14 09:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2016-05-14 09:20 - 2016-05-14 09:20 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2016-05-14 09:20 - 2016-05-14 09:20 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2016-05-14 09:20 - 2016-05-14 09:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2016-05-14 09:20 - 2016-05-14 09:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2016-05-14 09:20 - 2016-05-14 09:20 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2016-05-14 09:20 - 2016-05-14 09:20 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-05-14 09:20 - 2016-05-14 09:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-05-14 09:20 - 2016-05-14 09:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-05-14 09:20 - 2016-05-14 09:20 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-05-14 09:19 - 2016-05-14 09:19 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-05-14 09:19 - 2016-05-14 09:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-05-14 09:19 - 2016-05-14 09:19 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2016-05-14 09:17 - 2016-05-14 09:17 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-05-14 09:17 - 2016-05-14 09:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-05-14 09:16 - 2016-05-14 09:16 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-05-14 09:16 - 2016-05-14 09:16 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-05-14 09:13 - 2016-05-14 09:13 - 1784728766 _____ (Igor Pavlov) C:\Users\Umbrella Hunter\Desktop\WinFuture_7SP1_x64_UpdatePack_2.64_Mai_2016-Vollversion.exe
2016-05-14 09:06 - 2016-05-14 09:06 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\Roaming\Avira
2016-05-14 09:05 - 2016-05-14 09:05 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\Roaming\Macromedia
2016-05-14 09:02 - 2016-05-15 19:00 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-14 09:02 - 2016-05-15 10:30 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-14 09:02 - 2016-05-15 10:30 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-14 09:02 - 2016-05-15 10:30 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-14 09:02 - 2016-05-14 09:02 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-05-14 09:02 - 2016-05-14 09:02 - 00000000 ____D C:\Windows\system32\Macromed
2016-05-14 09:02 - 2016-05-14 09:02 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\Roaming\Adobe
2016-05-14 09:01 - 2016-05-15 10:31 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\Local\Adobe
2016-05-14 09:01 - 2016-05-14 11:04 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\Roaming\Mozilla
2016-05-14 09:00 - 2016-04-04 17:07 - 00154816 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-05-14 09:00 - 2016-04-04 17:07 - 00141920 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-05-14 09:00 - 2016-04-04 17:07 - 00079696 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2016-05-14 09:00 - 2016-04-04 17:07 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2016-05-14 08:59 - 2016-05-14 09:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-05-14 08:59 - 2016-05-14 09:00 - 00000000 ____D C:\ProgramData\Avira
2016-05-14 08:59 - 2016-05-14 09:00 - 00000000 ____D C:\Program Files (x86)\Avira
2016-05-14 08:59 - 2016-05-14 08:59 - 00001210 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-05-14 08:59 - 2016-05-14 08:59 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-14 08:05 - 2016-05-14 08:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2016-05-14 08:05 - 2016-05-14 08:05 - 00000000 ____D C:\Program Files (x86)\FinalWire
2016-05-13 21:25 - 2016-05-13 21:25 - 00002978 _____ C:\Windows\System32\Tasks\ATKOSD2
2016-05-13 21:24 - 2016-05-13 21:25 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-05-13 21:24 - 2016-05-13 21:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-05-13 21:22 - 2015-09-23 09:03 - 00117824 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2016-05-13 21:22 - 2015-09-23 09:00 - 00981744 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2016-05-13 21:14 - 2016-05-15 17:56 - 00000000 ____D C:\Windows\Panther
2016-05-13 21:07 - 2016-05-13 21:07 - 00000000 ____D C:\Windows\system32\nn-NO
2016-05-13 21:07 - 2016-05-13 21:07 - 00000000 ____D C:\Windows\Options
2016-05-13 21:07 - 2016-05-13 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atheros
2016-05-13 21:07 - 2016-05-13 21:07 - 00000000 ____D C:\Program Files (x86)\Atheros
2016-05-13 21:07 - 2010-12-20 19:20 - 00443040 _____ (Atheros) C:\Windows\system32\athihvs.dll
2016-05-13 21:07 - 2010-12-20 19:20 - 00063648 _____ (Atheros) C:\Windows\system32\athihvui.dll
2016-05-13 21:06 - 2016-05-13 21:06 - 00000000 ____D C:\Windows.old
2016-05-13 21:06 - 2016-05-13 21:06 - 00000000 ____D C:\ProgramData\Atheros
2016-05-13 21:05 - 2016-05-13 21:05 - 00000000 ____D C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation
2016-05-13 21:05 - 2011-03-10 14:43 - 00053918 _____ C:\Windows\system32\athrextx.cat
2016-05-13 21:05 - 2011-03-07 11:21 - 01594368 _____ (Atheros Communications, Inc.) C:\Windows\system32\athrx.sys
2016-05-13 21:03 - 2016-05-13 21:03 - 00000000 ____D C:\ProgramData\Qualcomm Atheros
2016-05-13 20:48 - 2016-05-14 18:47 - 00002509 _____ C:\Users\Umbrella Hunter\Desktop\Owner Commands.txt
2016-05-13 20:48 - 2016-05-13 19:40 - 00067158 _____ C:\Users\Umbrella Hunter\Desktop\bookmarks-2016-05-13.json
2016-05-13 20:48 - 2016-05-13 19:39 - 00078445 _____ C:\Users\Umbrella Hunter\Desktop\password-export-2016-05-13.xml
2016-05-13 20:48 - 2016-05-13 17:40 - 00000894 _____ C:\Users\Umbrella Hunter\Desktop\Kinofilme suchen.txt
2016-05-13 20:48 - 2016-04-29 17:02 - 00000262 _____ C:\Users\Umbrella Hunter\Desktop\Fixlist.txt
2016-05-13 20:48 - 2016-03-28 18:51 - 00000105 _____ C:\Users\Umbrella Hunter\Desktop\Mygully.txt
2016-05-13 20:42 - 2016-05-13 20:42 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\Roaming\Synaptics
2016-05-13 20:41 - 2016-05-15 18:07 - 00000000 __SHD C:\Users\Umbrella Hunter\IntelGraphicsProfiles
2016-05-13 20:41 - 2016-05-13 20:41 - 00016260 _____ C:\Windows\system32\results.xml
2016-05-13 20:39 - 2016-05-13 20:39 - 00000000 ____D C:\ProgramData\Temp
2016-05-13 20:37 - 2016-05-13 20:37 - 00188565 _____ C:\Windows\system32\Drivers\RTWAVES40.dat
2016-05-13 20:37 - 2016-05-13 20:37 - 00001306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2016-05-13 20:37 - 2016-05-13 20:37 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-05-13 20:37 - 2016-05-13 20:37 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-05-13 20:37 - 2016-05-13 20:37 - 00000000 ____D C:\Program Files\Realtek
2016-05-13 20:37 - 2013-11-29 02:19 - 33683968 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-05-13 20:37 - 2013-11-29 02:19 - 03671768 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-05-13 20:37 - 2013-11-29 02:19 - 02809048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 02586840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-05-13 20:37 - 2013-11-29 02:19 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 01005784 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00916016 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00648837 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-05-13 20:37 - 2013-11-29 02:19 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00149720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2016-05-13 20:37 - 2013-11-29 02:19 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 27518208 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 02032896 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 01916672 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-05-13 20:37 - 2013-11-29 02:18 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-05-13 20:37 - 2013-09-09 16:02 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2016-05-13 20:37 - 2013-09-09 16:02 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2016-05-13 20:37 - 2013-09-09 16:01 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2016-05-13 20:37 - 2013-09-09 16:01 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2016-05-13 20:37 - 2012-08-31 07:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-05-13 20:37 - 2012-08-31 07:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-05-13 20:37 - 2012-08-31 07:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-05-13 20:37 - 2012-08-31 07:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-05-13 20:37 - 2012-08-31 07:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-05-13 20:36 - 2016-05-13 20:36 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\Roaming\Intel
2016-05-13 20:36 - 2013-11-29 02:18 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2016-05-13 20:35 - 2016-05-13 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2016-05-13 20:35 - 2016-05-13 20:35 - 00000000 ____D C:\ProgramData\Intel
2016-05-13 20:35 - 2016-05-13 20:35 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-05-13 20:34 - 2016-05-13 20:34 - 00000000 ____D C:\SWTOOLS
2016-05-13 20:34 - 2013-02-27 15:37 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2016-05-13 20:33 - 2016-05-13 20:33 - 00003480 _____ C:\Windows\System32\Tasks\{BF9BE503-CA41-4A91-A546-90B418686A31}
2016-05-13 20:33 - 2016-05-13 20:33 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2016-05-13 20:33 - 2016-05-13 20:33 - 00000000 ____D C:\Program Files\Synaptics
2016-05-13 20:33 - 2011-03-31 19:32 - 01424944 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2016-05-13 20:33 - 2011-03-31 19:29 - 00411432 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2016-05-13 20:33 - 2011-03-31 19:29 - 00274728 _____ (Synaptics Incorporated) C:\Windows\system32\SynCtrl.dll
2016-05-13 20:33 - 2011-03-31 19:29 - 00225576 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2016-05-13 20:33 - 2011-03-31 19:29 - 00218408 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCtrl.dll
2016-05-13 20:33 - 2011-03-31 19:29 - 00173352 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCOM.dll
2016-05-13 20:33 - 2011-03-31 19:29 - 00148264 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo9.dll
2016-05-13 20:33 - 2011-03-31 19:29 - 00107816 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCOM.dll
2016-05-13 20:33 - 2011-03-31 19:29 - 00066856 _____ C:\Windows\SysWOW64\SynTPEnhPS.dll
2016-05-13 20:33 - 2009-08-07 10:49 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2016-05-13 20:32 - 2016-05-13 20:37 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-05-13 20:32 - 2016-05-13 20:34 - 00000000 ____D C:\Program Files (x86)\Intel
2016-05-13 20:32 - 2016-05-13 20:32 - 00000000 ____D C:\ProgramData\Synaptics
2016-05-13 20:32 - 2016-05-13 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scrybe
2016-05-13 20:32 - 2016-05-13 20:32 - 00000000 ____D C:\Program Files (x86)\Synaptics
2016-05-13 20:31 - 2016-05-13 20:35 - 00000000 ____D C:\Program Files\Intel
2016-05-13 20:30 - 2016-05-13 20:30 - 00000000 ____D C:\Program Files\ATI Technologies
2016-05-13 20:30 - 2016-05-13 20:30 - 00000000 ____D C:\Program Files\ATI
2016-05-13 20:30 - 2016-05-13 20:30 - 00000000 ____D C:\Program Files (x86)\AMD APP
2016-05-13 20:29 - 2016-05-13 20:29 - 00000000 ____D C:\ProgramData\Ralink Driver
2016-05-13 20:29 - 2014-04-02 15:00 - 00382204 _____ C:\Windows\SysWOW64\Drivers\FW7650.bin
2016-05-13 20:29 - 2014-04-02 15:00 - 00382204 _____ C:\Windows\system32\Drivers\FW7650.bin
2016-05-13 20:28 - 2016-05-14 08:09 - 00000000 ____D C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver
2016-05-13 20:28 - 2016-05-13 20:41 - 00000000 ____D C:\Intel
2016-05-13 20:28 - 2016-05-13 20:28 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-05-13 20:28 - 2014-01-10 17:57 - 03073752 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlane.sys
2016-05-13 20:28 - 2013-12-05 14:39 - 00454360 _____ (Realtek) C:\Windows\SwUSB.exe
2016-05-13 20:28 - 2013-10-18 16:42 - 00048856 _____ () C:\Windows\runSW.exe
2016-05-13 20:28 - 2012-02-14 19:37 - 00594432 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\Rtlihvs.dll
2016-05-13 20:28 - 2010-12-01 09:31 - 00451072 _____ C:\Windows\SysWOW64\ISSRemoveSP.exe
2016-05-13 20:26 - 2016-05-14 08:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-05-13 20:26 - 2016-05-13 21:22 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-05-13 20:25 - 2016-05-14 09:30 - 00001409 _____ C:\Users\Umbrella Hunter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-05-13 20:24 - 2016-05-14 18:38 - 00000000 ____D C:\Users\Umbrella Hunter
2016-05-13 20:24 - 2016-05-13 20:24 - 00000020 ___SH C:\Users\Umbrella Hunter\ntuser.ini
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Umbrella Hunter\Vorlagen
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Umbrella Hunter\Startmenü
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Umbrella Hunter\Netzwerkumgebung
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Umbrella Hunter\Lokale Einstellungen
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Umbrella Hunter\Eigene Dateien
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Umbrella Hunter\Druckumgebung
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Umbrella Hunter\Documents\Eigene Videos
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Umbrella Hunter\Documents\Eigene Musik
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Umbrella Hunter\Documents\Eigene Bilder
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Umbrella Hunter\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Umbrella Hunter\AppData\Local\Verlauf
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Umbrella Hunter\AppData\Local\Anwendungsdaten
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Umbrella Hunter\Anwendungsdaten
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Programme
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\ProgramData\Vorlagen
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\ProgramData\Startmenü
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\ProgramData\Favoriten
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\ProgramData\Dokumente
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 _SHDL C:\Dokumente und Einstellungen
2016-05-13 20:24 - 2016-05-13 20:24 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\Local\VirtualStore
2016-05-13 20:24 - 2011-04-12 09:54 - 00000000 ____D C:\Users\Umbrella Hunter\AppData\Roaming\Media Center Programs
2016-05-13 20:19 - 2016-05-13 20:19 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-05-13 20:19 - 2016-05-13 20:19 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-05-13 20:18 - 2016-05-13 20:18 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-15 18:25 - 2011-04-12 09:43 - 00698926 _____ C:\Windows\system32\perfh007.dat
2016-05-15 18:25 - 2011-04-12 09:43 - 00149034 _____ C:\Windows\system32\perfc007.dat
2016-05-15 18:25 - 2009-07-14 07:13 - 01618320 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-15 18:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-15 18:18 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2016-05-15 18:17 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-15 18:15 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-15 18:15 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-15 17:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-05-15 10:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-05-15 09:17 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-05-15 09:06 - 2011-04-12 09:55 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-15 09:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2016-05-15 09:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-05-15 09:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2016-05-15 09:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-05-15 09:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2016-05-14 15:57 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2016-05-14 15:57 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-05-14 15:57 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2016-05-13 21:38 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-05-13 21:14 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-05-13 21:05 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-05-13 20:40 - 2010-11-21 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2016-05-13 20:40 - 2010-11-21 05:24 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2016-05-13 20:40 - 2010-11-21 05:23 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2016-05-13 20:24 - 2010-11-21 04:50 - 00000000 ____D C:\Users\Administrator
2016-05-13 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-05-13 20:24 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT
2016-05-13 20:19 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-05-13 20:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-04-30 04:03 - 2014-04-30 04:03 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2016-05-13 20:37 - 2016-05-13 20:37 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Umbrella Hunter\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

==================== BCD ================================

Windows-Start-Manager
---------------------
Bezeichner              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  de-DE
inherit                 {globalsettings}
default                 {current}
resumeobject            {8c853832-193d-11e6-aecd-c1c0752c0c8c}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows-Startladeprogramm
-------------------------
Bezeichner              {47b907ea-7fcc-11e5-abf0-de7eb5b11e81}
device                  ramdisk=[D:]\Recovery\47b907ea-7fcc-11e5-abf0-de7eb5b11e81\Winre.wim,{47b907eb-7fcc-11e5-abf0-de7eb5b11e81}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[D:]\Recovery\47b907ea-7fcc-11e5-abf0-de7eb5b11e81\Winre.wim,{47b907eb-7fcc-11e5-abf0-de7eb5b11e81}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Windows-Startladeprogramm
-------------------------
Bezeichner              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {8c853834-193d-11e6-aecd-c1c0752c0c8c}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {8c853832-193d-11e6-aecd-c1c0752c0c8c}
nx                      OptIn

Windows-Startladeprogramm
-------------------------
Bezeichner              {8c853834-193d-11e6-aecd-c1c0752c0c8c}
device                  ramdisk=[C:]\Recovery\8c853834-193d-11e6-aecd-c1c0752c0c8c\Winre.wim,{8c853835-193d-11e6-aecd-c1c0752c0c8c}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\8c853834-193d-11e6-aecd-c1c0752c0c8c\Winre.wim,{8c853835-193d-11e6-aecd-c1c0752c0c8c}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {8c853832-193d-11e6-aecd-c1c0752c0c8c}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows-Speichertestprogramm
----------------------------
Bezeichner              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows-Speicherdiagnose
locale                  de-DE
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS-Einstellungen
-----------------
Bezeichner              {emssettings}
bootems                 Yes

Debuggereinstellungen
---------------------
Bezeichner              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM-Defekte
-----------
Bezeichner              {badmemory}

Globale Einstellungen
---------------------
Bezeichner              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisoreinstellungen
-------------------
Bezeichner              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner              {resumeloadersettings}
inherit                 {globalsettings}

Ger„teoptionen
--------------
Bezeichner              {8c853835-193d-11e6-aecd-c1c0752c0c8c}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\8c853834-193d-11e6-aecd-c1c0752c0c8c\boot.sdi



LastRegBack: 2016-05-13 20:15

==================== Ende von FRST.txt ============================



#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,600 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:38 AM

Posted 20 May 2016 - 09:52 AM

Greetings Umbrella12 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. I am not sure this is malware related so I may or may not be able to help you. Let's take a look at some information.

Please delete the existing FRST program and then do this.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your Desktop. <<< Important
  • Rename the file to FRSTenglish
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Leave the other default selections
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

Farbar's MiniToolBox

--------------------
  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure only the following options are checked:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries

  • Click Go and once the scan is completed a MTB.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log
  • MTB.txt
  • System Summary Information

Edited by Oh My!, 20 May 2016 - 09:55 AM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 Umbrella12

Umbrella12
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:38 AM

Posted 22 May 2016 - 03:36 AM

THX for your answer, the topic can be closed..   It was not a hack or ddos attack.  The amplifier had no power of my provider . But this was remedied .



#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,600 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:38 AM

Posted 22 May 2016 - 08:22 AM

Thanks for letting us know.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,600 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:38 AM

Posted 22 May 2016 - 08:22 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users