Systemauslastung nach Malware Bereinigung ohne mein zutun über 50 % !!!!!

Raiker · 18.04.2016, 23:04

Hallo Experten -Gemeinde

ich habe mir vor einiger Zeit aus Unwissenheit eine Menge Ad und Malware auf mein System geladen. Ein großteil dieser konnte ich durch die gängigen Anti Ad -Malware entfernen. Leider sieht es aber so aus als ob ich mir richtig fiese Malware , welche sich nicht so einfach entfernen lässt eingefangen habe.
Auf einen Tip von einem Freund habe ich mir das Programm OTL besorgt. Das Ergibniss von OTL habe ich nun unten angefügt, in der hoffnung das einer von euch mir helfen kann.

Weiß nicht mehr weiter.. Vielen Dank schon mal

OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 18.04.2016 23:34:32 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = I:\Programme\Viren killer
64bit- Enterprise Edition (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10586.0)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
7,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 79,00% Memory free
9,00 Gb Paging File | 7,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,92 Gb Total Space | 243,46 Gb Free Space | 81,45% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 296,76 Gb Total Space | 101,72 Gb Free Space | 34,28% Space Free | Partition Type: NTFS
Drive F: | 197,20 Gb Total Space | 60,02 Gb Free Space | 30,44% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 268,55 Gb Total Space | 68,74 Gb Free Space | 25,60% Space Free | Partition Type: NTFS
 
Computer Name: BASEMASCHINE
Current User Name: Raik-Raiker
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" File not found
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CF 14 68 A3 D7 92 D1 01 [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
"DontEnumerateCommonFilesUpgradeExe" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{063E67F0-C298-8A2A-0FA6-84C15322A4E0}" = ccc-utility64
"{396FF2B1-6FD6-4BA4-AA6D-3C909E8D12FF}" = FMW 1
"{47EF2552-84E8-4810-B710-22770CAB803B}" = Max 7 (64-bit)
"{77D0571D-D8A9-4FA0-9DE4-5D8489FB0C9E}" = Ableton Live 9 Suite
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{E7366CA8-7179-77AE-E712-BA18D70A0A07}" = AMD Fuel
"ARIA Engine_is1" = ARIA Engine v1.8.2.2
"CCleaner" = CCleaner
"Effectrix_is1" = Sugar Bytes Effectrix 1.4.2
"VLC media player" = VLC media player
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07326A3E-02B3-1078-25D7-B8666BA8FE15}" = CCC Help Korean
"{078E1F5C-C102-4701-9D9D-7D49BA41AB7A}_is1" = Aalto VST version 1.3.2
"{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF}" = CCC Help Finnish
"{11087D24-567D-7D88-69C6-D7A08B5F4C47}" = Catalyst Control Center - Branding
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{1AD99E77-37CC-744E-39CA-67F6FD34565A}" = Catalyst Control Center Localization All
"{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6}" = CCC Help English
"{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C}" = CCC Help French
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F}" = CCC Help Russian
"{2D07E15C-A9A4-D8D6-D371-92EC8779E587}" = CCC Help Hungarian
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0}" = CCC Help Spanish
"{35A71DED-DA81-1313-352A-EC8A0B27DF3B}" = CCC Help Chinese Standard
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{64D5A142-BD50-726E-ED9E-D2508D2A17E2}" = Catalyst Control Center InstallProxy
"{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494}" = CCC Help German
"{79D22166-78C1-2AD4-04E7-BD22BD58FD46}" = CCC Help Chinese Traditional
"{82CA1714-13EA-F419-91FE-12834424745E}" = CCC Help Italian
"{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68}" = CCC Help Turkish
"{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81}" = CCC Help Swedish
"{A5A6A4D0-2005-2A05-2E21-495808CF95ED}" = CCC Help Norwegian
"{A760847A-C4D9-E7EF-716F-07C6CBF6B147}" = CCC Help Thai
"{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2}" = AMD Catalyst Control Center
"{B839153C-D4D2-F89C-5033-0A160C62706B}" = CCC Help Portuguese
"{C1EA3764-1138-AE27-AD63-549BAD99BA15}" = CCC Help Japanese
"{C3D13AB8-468A-0174-1D06-DB9AAE8A131B}" = CCC Help Czech
"{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E}" = CCC Help Dutch
"{E817E580-6318-AFC8-2102-322C73117EC4}" = CCC Help Polish
"{F77474EE-EB6C-C87B-88AF-3310C848E068}" = CCC Help Greek
"{F8DDBE95-DCBE-03B5-5359-DE3601146E21}" = CCC Help Danish
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"ASIO4ALL" = ASIO4ALL
"Burt Free2.0" = Burt Free
"DAEMON Tools Lite" = DAEMON Tools Lite
"Google Chrome" = Google Chrome
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware Version 2.2.1.1043
"NewsLeecher_is1" = NewsLeecher v5.0 Final
"PhonicUSB Driver v1.35.03" = PhonicUSB Driver v1.35.03
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
"WUCCCApp" = AMD Catalyst Control Center
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 18.04.2016 17:16:11 | Computer Name = BaseMaschine | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“
ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie
im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
Error - 18.04.2016 17:16:11 | Computer Name = BaseMaschine | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“
ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie
im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
Error - 18.04.2016 17:18:55 | Computer Name = BaseMaschine | Source = Software Protection Platform Service | ID = 8198
Description = Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode: hr=0x8007232B
Befehlszeilenargumente:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 
Error - 18.04.2016 17:18:56 | Computer Name = BaseMaschine | Source = Software Protection Platform Service | ID = 8198
Description = Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode: hr=0x8007232B
Befehlszeilenargumente:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable
 
Error - 18.04.2016 17:19:16 | Computer Name = BaseMaschine | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“
ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie
im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
Error - 18.04.2016 17:19:24 | Computer Name = BaseMaschine | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“
ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie
im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
Error - 18.04.2016 17:21:15 | Computer Name = BaseMaschine | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“
ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie
im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
Error - 18.04.2016 17:21:38 | Computer Name = BaseMaschine | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“
ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie
im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
Error - 18.04.2016 17:24:41 | Computer Name = BaseMaschine | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“
ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie
im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
Error - 18.04.2016 17:30:55 | Computer Name = BaseMaschine | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“
ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie
im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
[ System Events ]
Error - 18.04.2016 16:58:20 | Computer Name = BaseMaschine | Source = Service Control Manager | ID = 7031
Description = Der Dienst "AVG Service" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt:
Restart the service.
 
Error - 18.04.2016 17:13:13 | Computer Name = BaseMaschine | Source = DCOM | ID = 10016
Description = 
 
Error - 18.04.2016 17:13:13 | Computer Name = BaseMaschine | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Sync Host_3244a" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt:
Restart the service.
 
Error - 18.04.2016 17:15:15 | Computer Name = BaseMaschine | Source = bowser | ID = 8016
Description = 
 
Error - 18.04.2016 17:16:01 | Computer Name = BaseMaschine | Source = DCOM | ID = 10001
Description = 
 
Error - 18.04.2016 17:16:03 | Computer Name = BaseMaschine | Source = DCOM | ID = 10001
Description = 
 
Error - 18.04.2016 17:16:05 | Computer Name = BaseMaschine | Source = DCOM | ID = 10001
Description = 
 
Error - 18.04.2016 17:16:07 | Computer Name = BaseMaschine | Source = DCOM | ID = 10001
Description = 
 
Error - 18.04.2016 17:16:09 | Computer Name = BaseMaschine | Source = DCOM | ID = 10001
Description = 
 
Error - 18.04.2016 17:16:11 | Computer Name = BaseMaschine | Source = DCOM | ID = 10001
Description = 
 
 
< End of report >

--- --- ---

cosinus · 18.04.2016, 23:32

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Raiker · 18.04.2016, 23:58

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
Ran by Raik-Raiker (administrator) on BASEMASCHINE (19-04-2016 00:41:37)
Running from C:\Users\Raik-Raiker\Desktop
Loaded Profiles: Raik-Raiker (Available Profiles: Raik-Raiker)
Platform: Windows 10 Enterprise Version 1511 (X64) Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Phonic) C:\Program Files\Phonic\phonicusb_Driver\phonicusbsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\Windows-KB890830-x64-V5.35.exe
(Microsoft Corporation) C:\Windows\System32\MRT.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\RunOnce: [Uninstall C:\Users\Raik-Raiker\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Raik-Raiker\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhonicUSB Control Panel.lnk [2016-04-16]
ShortcutTarget: PhonicUSB Control Panel.lnk -> C:\Program Files\Phonic\phonicusb_Driver\phonicusbcpl.exe (Phonic)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{6a3b3e23-7265-49a1-b475-57eebaecf69e}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-10] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.hohosearch.com/?mode=nnnb&ptid=epf1&uid=FFF86F512F5EF7566FF7D6C0A9806227&v=20160415&ts=AHEqA3QtBn8sB0..
CHR StartupUrls: Default -> "hxxp://www.hohosearch.com/?mode=nnnb&ptid=epf1&uid=FFF86F512F5EF7566FF7D6C0A9806227&v=20160415&ts=AHEqA3QtBn8sB0.."
CHR DefaultSearchURL: Default -> hxxp://www.hohosearch.com/chrome.php?q={searchTerms}&ts=AHEqA3QtBn8sB0..&v=20160415&uid=FFF86F512F5EF7566FF7D6C0A9806227&ptid=epf1&mode=nnnb
CHR DefaultSearchKeyword: Default -> hohosearch
CHR Profile: C:\Users\Raik-Raiker\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Raik-Raiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-11]
CHR Extension: (Google Docs) - C:\Users\Raik-Raiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-11]
CHR Extension: (Google Drive) - C:\Users\Raik-Raiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-11]
CHR Extension: (YouTube) - C:\Users\Raik-Raiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-11]
CHR Extension: (Google Tabellen) - C:\Users\Raik-Raiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-11]
CHR Extension: (Google Docs Offline) - C:\Users\Raik-Raiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Raik-Raiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-11]
CHR Extension: (Google Mail) - C:\Users\Raik-Raiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-11]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 PhonicUSBsvc; C:\Program Files\Phonic\phonicusb_Driver\phonicusbsvc.exe [134408 2013-09-11] (Phonic)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 AMD FUEL Service; "C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService [X]
S2 avgsvc; "C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4342936 2015-09-21] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2016-01-07] (Advanced Micro Devices)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [270912 2016-04-12] (DT Soft Ltd)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-19] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [45720 2015-12-31] (Toshiba Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-19 00:41 - 2016-04-19 00:42 - 00008544 _____ C:\Users\Raik-Raiker\Desktop\FRST.txt
2016-04-19 00:41 - 2016-04-19 00:41 - 00000000 ____D C:\FRST
2016-04-19 00:39 - 2016-04-19 00:40 - 02375680 _____ (Farbar) C:\Users\Raik-Raiker\Desktop\FRST64.exe
2016-04-19 00:34 - 2016-04-19 00:34 - 00000000 ____D C:\ProgramData\USOShared
2016-04-19 00:34 - 2016-04-19 00:34 - 00000000 ____D C:\ProgramData\USOPrivate
2016-04-19 00:11 - 2016-04-19 00:23 - 00000000 ____D C:\Program Files\Unlocker
2016-04-19 00:11 - 2016-04-19 00:11 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2016-04-18 23:18 - 2016-04-18 23:18 - 00000000 ____D C:\Users\Raik-Raiker\Documents\cortana deinstalation
2016-04-18 22:51 - 2016-04-18 22:51 - 00000085 _____ C:\WINDOWS\wininit.ini
2016-04-16 16:27 - 2016-04-16 13:00 - 00451800 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160416-162724.backup
2016-04-16 13:00 - 2016-04-10 14:46 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20160416-130004.backup
2016-04-16 12:39 - 2016-04-16 12:39 - 00000000 ____D C:\Program Files\Common Files\AV
2016-04-16 12:32 - 2016-04-16 12:32 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-04-16 12:31 - 2016-04-18 22:52 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-04-16 11:49 - 2016-04-19 00:31 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-16 11:49 - 2016-04-16 12:22 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-04-16 11:48 - 2016-04-16 11:49 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-04-16 11:48 - 2016-04-16 11:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-16 11:48 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-04-16 11:48 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-04-16 11:48 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-04-16 11:15 - 2016-04-16 11:35 - 00000000 ____D C:\WINDOWS\system32\pudf
2016-04-16 11:07 - 2016-04-16 11:36 - 00000000 ____D C:\Program Files (x86)\DesktopPlay
2016-04-16 11:03 - 2016-04-16 11:03 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\Tempfolder
2016-04-16 11:02 - 2016-04-16 11:02 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-04-16 10:02 - 2016-04-16 10:02 - 04663751 _____ C:\Users\Raik-Raiker\Downloads\Izotope_keygen.zip
2016-04-16 09:45 - 2016-04-16 10:03 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\iZotope
2016-04-16 09:39 - 2016-04-16 11:10 - 00000000 ____D C:\Users\Raik-Raiker\Downloads\!! newsleecher temporary !!
2016-04-16 08:29 - 2016-04-16 08:31 - 00000000 ____D C:\Users\Raik-Raiker\Downloads\i7dPBAuujy
2016-04-16 08:27 - 2016-04-16 08:28 - 00000000 ____D C:\Users\Raik-Raiker\Downloads\qNi37bGa6q
2016-04-16 08:27 - 2016-04-16 08:27 - 00000000 ____D C:\Users\Raik-Raiker\Downloads\VWawSWDdaB
2016-04-16 08:25 - 2016-04-16 08:25 - 00000000 ____D C:\Users\Raik-Raiker\Downloads\clips
2016-04-16 06:58 - 2016-04-16 11:36 - 00000000 ____D C:\Program Files (x86)\Alt.Binz
2016-04-16 06:46 - 2016-04-16 09:45 - 00000000 ____D C:\Users\Raik-Raiker\Documents\iZotope
2016-04-16 06:46 - 2016-04-16 06:52 - 00000000 ____D C:\Program Files (x86)\iZotope
2016-04-16 06:46 - 2016-04-16 06:46 - 00000000 ____D C:\Program Files\Common Files\VST3
2016-04-16 06:45 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r29
2016-04-16 06:45 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r28
2016-04-16 06:45 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r27
2016-04-16 06:45 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r26
2016-04-16 06:45 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r25
2016-04-16 06:45 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r24
2016-04-16 06:45 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r23
2016-04-16 06:45 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r22
2016-04-16 06:44 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r21
2016-04-16 06:44 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r20
2016-04-16 06:44 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r19
2016-04-16 06:44 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r10
2016-04-16 06:44 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r18
2016-04-16 06:44 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r17
2016-04-16 06:44 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r16
2016-04-16 06:44 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r14
2016-04-16 06:44 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r13
2016-04-16 06:44 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r12
2016-04-16 06:44 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r11
2016-04-16 06:44 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r09
2016-04-16 06:43 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r08
2016-04-16 06:43 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r07
2016-04-16 06:43 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r06
2016-04-16 06:43 - 2016-04-16 06:43 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.rar
2016-04-16 06:43 - 2016-04-16 06:43 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r05
2016-04-16 06:43 - 2016-04-16 06:43 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r04
2016-04-16 06:43 - 2016-04-16 06:43 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r03
2016-04-16 06:43 - 2016-04-16 06:43 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r02
2016-04-16 06:43 - 2016-04-16 06:43 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r01
2016-04-16 06:43 - 2016-04-16 06:43 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r00
2016-04-16 06:42 - 2016-04-16 06:43 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part02.1.rar
2016-04-16 06:42 - 2016-04-16 06:43 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part01.1.rar
2016-04-16 06:40 - 2016-04-16 06:41 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part16.rar
2016-04-16 06:36 - 2016-04-16 06:41 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part15.rar
2016-04-16 06:36 - 2016-04-16 06:40 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part14.rar
2016-04-16 06:36 - 2016-04-16 06:40 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part13.rar
2016-04-16 06:36 - 2016-04-16 06:40 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part12.rar
2016-04-16 06:35 - 2016-04-16 06:37 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part11.rar
2016-04-16 06:35 - 2016-04-16 06:36 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part10.rar
2016-04-16 06:35 - 2016-04-16 06:35 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part09.rar
2016-04-16 06:35 - 2016-04-16 06:35 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part08.rar
2016-04-16 06:35 - 2016-04-16 06:35 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part07.rar
2016-04-16 06:34 - 2016-04-16 06:35 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part06.rar
2016-04-16 06:34 - 2016-04-16 06:34 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part05.rar
2016-04-16 06:34 - 2016-04-16 06:34 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part04.rar
2016-04-16 06:34 - 2016-04-16 06:34 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part03.rar
2016-04-16 06:34 - 2016-04-16 06:34 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part02.rar
2016-04-16 06:34 - 2016-04-16 06:34 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part01.rar
2016-04-16 06:33 - 2016-04-16 06:34 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r26
2016-04-16 06:33 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r29
2016-04-16 06:33 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r28
2016-04-16 06:33 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r27
2016-04-16 06:33 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r25
2016-04-16 06:33 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r24
2016-04-16 06:33 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r23
2016-04-16 06:33 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r22
2016-04-16 06:33 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r21
2016-04-16 06:32 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r20
2016-04-16 06:32 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r19
2016-04-16 06:32 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r17
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r18
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r16
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r14
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r13
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r12
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r11
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r10
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r09
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r08
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r07
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r06
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r05
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r04
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r03
2016-04-16 06:31 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r02
2016-04-16 06:31 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r01
2016-04-16 06:31 - 2016-04-16 06:31 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.rar
2016-04-16 06:31 - 2016-04-16 06:31 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r00
2016-04-16 05:24 - 2016-04-16 05:26 - 81893033 _____ C:\Users\Raik-Raiker\Downloads\iZotope Ozone Advanced v7.00 WiN X86 X64-d33p57a7u5.part05.rar
2016-04-16 05:23 - 2016-04-16 05:24 - 104857600 _____ C:\Users\Raik-Raiker\Downloads\iZotope Ozone Advanced v7.00 WiN X86 X64-d33p57a7u5.part04.rar
2016-04-16 05:22 - 2016-04-16 05:23 - 104857600 _____ C:\Users\Raik-Raiker\Downloads\iZotope Ozone Advanced v7.00 WiN X86 X64-d33p57a7u5.part03.rar
2016-04-16 05:20 - 2016-04-16 05:22 - 104857600 _____ C:\Users\Raik-Raiker\Downloads\iZotope Ozone Advanced v7.00 WiN X86 X64-d33p57a7u5.part02.rar
2016-04-16 05:19 - 2016-04-16 05:21 - 104857600 _____ C:\Users\Raik-Raiker\Downloads\iZotope Ozone Advanced v7.00 WiN X86 X64-d33p57a7u5.part01.rar
2016-04-15 23:13 - 2016-04-15 23:13 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\Microsoft_Corporation
2016-04-15 14:16 - 2016-04-15 14:16 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Arturia
2016-04-15 14:12 - 2016-04-15 14:15 - 00000000 ____D C:\ProgramData\Arturia
2016-04-15 14:12 - 2016-04-15 14:12 - 00000000 ____D C:\Program Files (x86)\Arturia
2016-04-15 13:42 - 2016-04-16 07:19 - 00000000 ____D C:\Users\Raik-Raiker\Downloads\porno clips
2016-04-15 12:44 - 2016-04-16 11:35 - 00000000 ____D C:\Users\Raik-Raiker\Documents\TestUnrarit7
2016-04-15 12:39 - 2016-04-15 12:40 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\.unrarit
2016-04-15 12:37 - 2016-04-15 12:37 - 00000000 ____D C:\Program Files (x86)\Nils Maier
2016-04-15 04:05 - 2016-04-15 04:05 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-04-14 21:56 - 2016-04-18 23:21 - 00000000 ____D C:\Users\Raik-Raiker\Documents\Steinberg WaveLab 6.1 Portable Fully Working
2016-04-14 21:43 - 2016-04-14 21:55 - 00625168 _____ C:\Users\Raik-Raiker\Desktop\Spire Ableton Project File.wav.gpk
2016-04-14 21:35 - 2016-04-14 21:35 - 69953672 ____T C:\Users\Raik-Raiker\Desktop\Spire Ableton Project File.wav
2016-04-14 21:35 - 2016-04-14 21:35 - 00672917 ____T C:\Users\Raik-Raiker\Desktop\Spire Ableton Project File.wav.asd
2016-04-14 14:21 - 2016-04-14 14:21 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\PeerDistRepub
2016-04-14 09:22 - 2016-04-14 09:22 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Plogue Art et Technologie, Inc
2016-04-14 09:19 - 2016-04-14 09:19 - 00000000 ____D C:\Program Files\Common Files\VST2
2016-04-14 09:08 - 2016-04-14 09:08 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sugar Bytes
2016-04-14 09:08 - 2016-04-14 09:08 - 00000000 ____D C:\Programme
2016-04-14 09:04 - 2016-04-14 09:04 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Madrona Labs
2016-04-14 09:04 - 2016-04-14 09:04 - 00000000 ____D C:\ProgramData\Madrona Labs
2016-04-14 09:03 - 2016-04-14 12:43 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Plogue
2016-04-14 08:59 - 2016-04-14 08:59 - 00000000 ____D C:\Program Files\Plogue
2016-04-14 07:49 - 2016-04-14 07:49 - 00000000 ____D C:\Users\Raik-Raiker\Documents\Max 7
2016-04-14 07:49 - 2016-04-14 07:49 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Cycling '74
2016-04-14 07:49 - 2016-04-14 07:49 - 00000000 ____D C:\ProgramData\Max 7
2016-04-14 07:31 - 2016-04-16 12:22 - 00002066 _____ C:\Users\Raik-Raiker\Desktop\Ableton Live 9 Suite.lnk
2016-04-14 06:01 - 2016-04-14 06:01 - 00000398 __RSH C:\ProgramData\ntuser.pol
2016-04-14 05:54 - 2016-04-16 12:22 - 00000861 _____ C:\Users\Raik-Raiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Suite.lnk
2016-04-14 05:45 - 2016-04-16 11:25 - 00000000 ____D C:\Users\Raik-Raiker\Downloads\Ableton Live Suite 9.6 (x64) Multi
2016-04-14 05:01 - 2016-04-14 05:01 - 00000000 ____D C:\Users\Raik-Raiker\Documents\Native Instruments
2016-04-14 05:01 - 2016-04-14 05:01 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\Native Instruments
2016-04-14 04:55 - 2016-04-16 11:25 - 00000000 ____D C:\Users\Raik-Raiker\Documents\FabFilter
2016-04-14 04:55 - 2016-04-15 13:04 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\FabFilter
2016-04-14 02:42 - 2016-04-16 11:37 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\vlc
2016-04-14 02:41 - 2016-04-14 02:41 - 00000000 ____D C:\Program Files\VideoLAN
2016-04-13 23:09 - 2016-04-16 12:22 - 00001042 _____ C:\Users\Raik-Raiker\Desktop\NewsLeecher.lnk
2016-04-13 23:09 - 2016-04-15 13:29 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\NewsLeecher
2016-04-13 23:09 - 2016-04-13 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewsLeecher
2016-04-13 23:09 - 2016-04-13 23:09 - 00000000 ____D C:\Program Files (x86)\NewsLeecher
2016-04-13 22:48 - 2016-04-16 11:37 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alt.Binz
2016-04-13 20:56 - 2016-03-29 07:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-13 20:56 - 2016-03-29 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-13 20:56 - 2016-03-29 07:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-13 20:56 - 2016-03-29 07:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-13 20:56 - 2016-03-29 07:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-13 20:56 - 2016-03-29 07:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-13 20:56 - 2016-03-29 07:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-13 20:55 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-13 20:55 - 2016-04-02 06:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 20:55 - 2016-04-02 05:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-13 20:55 - 2016-04-02 05:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-13 20:55 - 2016-04-02 05:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-13 20:55 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-13 20:55 - 2016-04-02 05:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-13 20:55 - 2016-04-02 05:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-13 20:55 - 2016-04-02 05:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-13 20:55 - 2016-04-02 05:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 20:55 - 2016-04-02 05:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 20:55 - 2016-04-02 05:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 20:55 - 2016-04-02 05:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-13 20:55 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-13 20:55 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-13 20:55 - 2016-03-29 12:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 20:55 - 2016-03-29 12:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 20:55 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-13 20:55 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-13 20:55 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-13 20:55 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-13 20:55 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-13 20:55 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-13 20:55 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-13 20:55 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-13 20:55 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-13 20:55 - 2016-03-29 11:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-13 20:55 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-13 20:55 - 2016-03-29 11:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-13 20:55 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-13 20:55 - 2016-03-29 11:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-13 20:55 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-13 20:55 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-13 20:55 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-13 20:55 - 2016-03-29 10:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-13 20:55 - 2016-03-29 10:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 20:55 - 2016-03-29 10:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-13 20:55 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-13 20:55 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-13 20:55 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-13 20:55 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-13 20:55 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-13 20:55 - 2016-03-29 09:51 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-04-13 20:55 - 2016-03-29 09:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-13 20:55 - 2016-03-29 09:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-13 20:55 - 2016-03-29 09:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-13 20:55 - 2016-03-29 09:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-13 20:55 - 2016-03-29 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-13 20:55 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-13 20:55 - 2016-03-29 09:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-13 20:55 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-13 20:55 - 2016-03-29 09:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-13 20:55 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-13 20:55 - 2016-03-29 09:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-13 20:55 - 2016-03-29 09:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-13 20:55 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-13 20:55 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-13 20:55 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-13 20:55 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-13 20:55 - 2016-03-29 09:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-13 20:55 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-13 20:55 - 2016-03-29 09:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-13 20:55 - 2016-03-29 09:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-13 20:55 - 2016-03-29 09:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-13 20:55 - 2016-03-29 09:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-13 20:55 - 2016-03-29 09:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-13 20:55 - 2016-03-29 09:14 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-04-13 20:55 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-13 20:55 - 2016-03-29 09:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-13 20:55 - 2016-03-29 09:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-13 20:55 - 2016-03-29 09:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-13 20:55 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-13 20:55 - 2016-03-29 09:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-13 20:55 - 2016-03-29 09:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-13 20:55 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-13 20:55 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-13 20:55 - 2016-03-29 09:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-13 20:55 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-13 20:55 - 2016-03-29 09:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-13 20:55 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-13 20:55 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-13 20:55 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-13 20:55 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-13 20:55 - 2016-03-29 08:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-13 20:55 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-13 20:55 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-13 20:55 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-13 20:55 - 2016-03-29 08:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-13 20:55 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-13 20:55 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-13 20:55 - 2016-03-29 08:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-13 20:55 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-13 20:55 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-13 20:55 - 2016-03-29 08:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-13 20:55 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-13 20:55 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-13 20:55 - 2016-03-29 08:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-13 20:55 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-13 20:55 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-13 20:55 - 2016-03-29 08:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-13 20:55 - 2016-03-29 08:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-13 20:55 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-13 20:55 - 2016-03-29 08:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-13 20:55 - 2016-03-29 08:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-13 20:55 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-13 20:55 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-13 20:55 - 2016-03-29 08:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-13 20:55 - 2016-03-29 08:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-13 20:55 - 2016-03-29 08:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-13 20:55 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-13 20:55 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-13 20:55 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-13 20:55 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-13 20:55 - 2016-03-29 08:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-13 20:55 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-13 20:55 - 2016-03-29 08:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-13 20:55 - 2016-03-29 08:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-13 20:55 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-13 20:55 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-13 20:55 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-13 20:55 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-13 20:55 - 2016-03-29 08:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-13 20:55 - 2016-03-29 08:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-13 20:55 - 2016-03-29 08:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-13 20:55 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-13 20:55 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-13 20:55 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-13 20:55 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-13 20:55 - 2016-03-29 08:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-13 20:55 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-13 20:55 - 2016-03-29 07:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-13 20:55 - 2016-03-29 07:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-13 20:55 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-13 20:55 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-13 20:55 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-13 20:55 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-13 20:55 - 2016-03-29 07:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-13 20:55 - 2016-03-29 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-13 20:55 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-13 20:55 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-13 20:55 - 2016-03-29 07:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-13 20:55 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-13 20:55 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-13 20:54 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-13 20:54 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 20:54 - 2016-04-02 05:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-13 20:54 - 2016-04-02 05:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-13 20:54 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-13 20:54 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-13 20:54 - 2016-04-02 05:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-13 20:54 - 2016-04-02 05:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-13 20:54 - 2016-04-02 05:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-13 20:54 - 2016-04-02 05:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-13 20:54 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-13 20:54 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-13 20:54 - 2016-03-29 11:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-13 20:54 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-13 20:54 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-13 20:54 - 2016-03-29 11:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-13 20:54 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-13 20:54 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-13 20:54 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-13 20:54 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-13 20:54 - 2016-03-29 10:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-13 20:54 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-13 20:54 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-13 20:54 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-13 20:54 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-13 20:54 - 2016-03-29 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-13 20:54 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-13 20:54 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-13 20:54 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-13 20:54 - 2016-03-29 10:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-13 20:54 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-13 20:54 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-13 20:54 - 2016-03-29 10:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-13 20:54 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-13 20:54 - 2016-03-29 10:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-13 20:54 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-13 20:54 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-13 20:54 - 2016-03-29 10:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-13 20:54 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-13 20:54 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-13 20:54 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-13 20:54 - 2016-03-29 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-13 20:54 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-13 20:54 - 2016-03-29 09:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-13 20:54 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-13 20:54 - 2016-03-29 09:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-13 20:54 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-13 20:54 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-13 20:54 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-13 20:54 - 2016-03-29 09:54 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-04-13 20:54 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-13 20:54 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-13 20:54 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-13 20:54 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-13 20:54 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-13 20:54 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 20:54 - 2016-03-29 09:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-13 20:54 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-13 20:54 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-13 20:54 - 2016-03-29 09:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-13 20:54 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-13 20:54 - 2016-03-29 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-13 20:54 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-13 20:54 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-13 20:54 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-13 20:54 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-13 20:54 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-13 20:54 - 2016-03-29 09:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-13 20:54 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-13 20:54 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-13 20:54 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-13 20:54 - 2016-03-29 09:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-13 20:54 - 2016-03-29 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-13 20:54 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-13 20:54 - 2016-03-29 09:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-13 20:54 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-13 20:54 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 20:54 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-13 20:54 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-13 20:54 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-13 20:54 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-13 20:54 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-13 20:54 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-13 20:54 - 2016-03-29 09:14 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-04-13 20:54 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-13 20:54 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-13 20:54 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-13 20:54 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-13 20:54 - 2016-03-29 09:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-13 20:54 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-13 20:54 - 2016-03-29 09:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-13 20:54 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-13 20:54 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-13 20:54 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-13 20:54 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-13 20:54 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-13 20:54 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-13 20:54 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-13 20:54 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-13 20:54 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-13 20:54 - 2016-03-29 09:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-13 20:54 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-13 20:54 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-13 20:54 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-13 20:54 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-13 20:54 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-13 20:54 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-13 20:54 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-13 20:54 - 2016-03-29 08:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-13 20:54 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-13 20:54 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 20:54 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-13 20:54 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-13 20:54 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-13 20:54 - 2016-03-29 08:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-13 20:54 - 2016-03-29 08:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-13 20:54 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-13 20:54 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-13 20:54 - 2016-03-29 08:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-13 20:54 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-13 20:54 - 2016-03-29 08:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-13 20:54 - 2016-03-29 08:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-13 20:54 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-13 20:54 - 2016-03-29 08:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-13 20:54 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-13 20:54 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-13 20:54 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-13 20:54 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-13 20:54 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-13 20:54 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-13 20:54 - 2016-03-29 08:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-13 20:54 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 20:54 - 2016-03-29 08:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-13 20:54 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-13 20:54 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-13 20:54 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-13 20:54 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 20:54 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-13 20:54 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-13 20:33 - 2016-04-13 20:36 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\Alt.Binz
2016-04-13 20:32 - 2016-04-16 11:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alt.Binz
2016-04-12 01:33 - 2016-04-16 12:22 - 00000907 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-12 01:33 - 2016-04-12 01:34 - 00000000 ____D C:\Program Files\CCleaner
2016-04-12 01:33 - 2016-04-12 01:33 - 00002876 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-04-12 01:10 - 2016-04-12 01:19 - 00000000 ____D C:\ProgramData\Avg
2016-04-12 01:09 - 2016-04-16 12:22 - 00002019 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-04-12 01:09 - 2016-04-12 01:19 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\AvgSetupLog
2016-04-12 01:09 - 2016-04-12 01:12 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\Avg
2016-04-12 01:09 - 2016-04-12 01:09 - 00270912 _____ (DT Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2016-04-12 01:09 - 2016-04-12 01:09 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2016-04-12 01:08 - 2016-04-18 22:31 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\DAEMON Tools Lite
2016-04-12 01:08 - 2016-04-15 13:25 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-04-12 01:06 - 2016-04-16 12:22 - 00001162 _____ C:\Users\Raik-Raiker\Documents\ASIO4ALL v2 Anleitung.lnk
2016-04-12 01:06 - 2016-04-12 01:06 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2016-04-12 01:06 - 2016-04-12 01:06 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2016-04-12 01:03 - 2016-04-12 01:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phonic
2016-04-12 01:03 - 2016-04-12 01:03 - 00000000 ____D C:\Program Files\Phonic
2016-04-12 00:47 - 2016-04-12 00:47 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-04-11 01:25 - 2016-04-16 12:22 - 00002529 _____ C:\Users\Public\Desktop\Max 7 (64-bit).lnk
2016-04-11 01:25 - 2016-04-11 01:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cycling '74
2016-04-11 01:22 - 2016-04-11 01:22 - 00000000 ____D C:\Program Files\Cycling '74
2016-04-11 00:18 - 2016-04-11 00:18 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\WinRAR
2016-04-11 00:18 - 2016-04-11 00:18 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-11 00:18 - 2016-04-11 00:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-11 00:17 - 2016-04-11 00:18 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-04-11 00:10 - 2016-04-16 12:22 - 00000279 _____ C:\Users\Raik-Raiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2016-04-11 00:00 - 2016-04-16 12:22 - 00002336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-10 23:58 - 2016-04-19 00:31 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-10 23:58 - 2016-04-19 00:03 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-10 23:58 - 2016-04-11 00:44 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\Google
2016-04-10 23:58 - 2016-04-10 23:59 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-10 23:58 - 2016-04-10 23:58 - 00004204 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-04-10 23:58 - 2016-04-10 23:58 - 00003972 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-04-10 23:45 - 2016-04-14 06:04 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Ableton
2016-04-10 23:45 - 2016-04-10 23:45 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2016-04-10 23:41 - 2016-04-14 05:54 - 00000000 ____D C:\ProgramData\Ableton
2016-04-10 23:24 - 2016-04-14 09:08 - 00000000 ____D C:\Users\Raik-Raiker\Documents\Sugar Bytes
2016-04-10 20:18 - 2016-04-14 06:15 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\AMD
2016-04-10 20:18 - 2016-04-10 20:18 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\ATI
2016-04-10 20:18 - 2016-04-10 20:18 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\ATI
2016-04-10 20:18 - 2016-04-10 20:18 - 00000000 ____D C:\ProgramData\ATI
2016-04-10 15:09 - 2016-04-14 13:26 - 00000000 ____D C:\Windows.old
2016-04-10 15:09 - 2016-04-12 01:36 - 00000000 ___DC C:\WINDOWS\Panther
2016-04-10 15:09 - 2016-04-10 15:09 - 00000000 ____D C:\WINDOWS\InfusedApps
2016-04-10 15:08 - 2016-04-10 15:08 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-04-10 15:06 - 2016-04-10 15:06 - 00000000 ____D C:\WINDOWS\Setup
2016-04-10 15:02 - 2016-04-10 15:02 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-04-10 15:02 - 2016-04-10 15:02 - 00000000 ____D C:\WINDOWS\OCR
2016-04-10 15:02 - 2016-04-10 15:02 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-04-10 15:02 - 2016-04-10 15:02 - 00000000 ____D C:\Program Files\MSBuild
2016-04-10 15:02 - 2016-04-10 15:02 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-04-10 15:02 - 2016-04-10 15:02 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-04-10 14:57 - 2016-04-19 00:37 - 00774606 _____ C:\WINDOWS\system32\perfh007.dat
2016-04-10 14:57 - 2016-04-19 00:37 - 00155212 _____ C:\WINDOWS\system32\perfc007.dat
2016-04-10 14:57 - 2016-04-10 14:56 - 00305634 _____ C:\WINDOWS\system32\perfi007.dat
2016-04-10 14:57 - 2016-04-10 14:56 - 00040390 _____ C:\WINDOWS\system32\perfd007.dat
2016-04-10 14:56 - 2016-04-10 15:00 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-04-10 14:56 - 2016-04-10 15:00 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-04-10 14:56 - 2016-04-10 15:00 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-04-10 14:56 - 2016-04-10 15:00 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-04-10 14:56 - 2016-04-10 15:00 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-04-10 14:56 - 2016-04-10 15:00 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-04-10 14:56 - 2016-04-10 15:00 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-04-10 14:56 - 2016-04-10 15:00 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-04-10 14:56 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-04-10 14:56 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\SysWOW64\de
2016-04-10 14:56 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2016-04-10 14:56 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\system32\de
2016-04-10 14:56 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\system32\0409
2016-04-10 14:56 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-04-10 14:52 - 2016-04-06 20:32 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-10 14:52 - 2016-04-06 20:32 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-10 14:50 - 2016-04-10 14:46 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2016-04-10 14:50 - 2016-04-10 14:46 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2016-04-10 14:50 - 2016-04-10 14:46 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2016-04-10 14:50 - 2016-04-10 14:46 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2016-04-10 14:50 - 2016-04-10 14:46 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2016-04-10 14:49 - 2016-04-19 00:31 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-10 14:49 - 2016-04-18 23:05 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-10 14:49 - 2016-04-16 12:20 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-04-10 14:49 - 2016-04-16 11:37 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-04-10 14:49 - 2016-04-16 11:37 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-04-10 14:49 - 2016-04-16 11:35 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-04-10 14:49 - 2016-04-16 11:28 - 00000000 ____D C:\WINDOWS\registration
2016-04-10 14:49 - 2016-04-15 15:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-10 14:49 - 2016-04-15 04:09 - 00000000 ____D C:\WINDOWS\rescache
2016-04-10 14:49 - 2016-04-15 03:34 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-10 14:49 - 2016-04-15 03:34 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-10 14:49 - 2016-04-15 03:34 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-10 14:49 - 2016-04-15 03:34 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-10 14:49 - 2016-04-12 00:02 - 00000000 ____D C:\WINDOWS\appcompat
2016-04-10 14:49 - 2016-04-10 15:09 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-04-10 14:49 - 2016-04-10 15:02 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-04-10 14:49 - 2016-04-10 15:02 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-04-10 14:49 - 2016-04-10 15:00 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-04-10 14:49 - 2016-04-10 15:00 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-04-10 14:49 - 2016-04-10 15:00 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-04-10 14:49 - 2016-04-10 15:00 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-04-10 14:49 - 2016-04-10 15:00 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-04-10 14:49 - 2016-04-10 15:00 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-04-10 14:49 - 2016-04-10 15:00 - 00000000 ____D C:\Program Files\Windows Defender
2016-04-10 14:49 - 2016-04-10 15:00 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-04-10 14:49 - 2016-04-10 15:00 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-04-10 14:49 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-04-10 14:49 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-04-10 14:49 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2016-04-10 14:49 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\system32\setup
2016-04-10 14:49 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\system32\Com
2016-04-10 14:49 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\IME
2016-04-10 14:49 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\Help
2016-04-10 14:49 - 2016-04-10 14:56 - 00000000 ____D C:\Program Files\Common Files\System
2016-04-10 14:49 - 2016-04-10 14:56 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\system32\ias
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\Web
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\Vss
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\tracing
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\TAPI
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SystemResources
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SystemApps
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\spool
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\ras
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\IME
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\downlevel
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\System
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SKB
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\ShellNew
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\security
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\schemas
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SchCache
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\Resources
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\RemotePackages
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\PLA
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\Performance
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\InputMethod
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\Globalization
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\Cursors
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\Branding
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\addins
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\Program Files\Windows NT
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\Program Files\Common Files\Services
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-04-10 14:49 - 2016-04-10 14:46 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2016-04-10 14:49 - 2016-04-10 14:46 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2016-04-10 14:49 - 2016-04-10 14:46 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services
2016-04-10 14:49 - 2016-04-10 14:46 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-04-10 14:49 - 2016-04-10 14:46 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2016-04-10 14:49 - 2016-04-10 14:46 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2016-04-10 14:49 - 2016-04-10 14:46 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2016-04-10 14:49 - 2016-04-10 14:46 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2016-04-10 14:49 - 2016-04-10 14:46 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2016-04-10 14:49 - 2016-04-10 14:46 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2016-04-10 14:49 - 2016-04-10 14:46 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2016-04-10 14:49 - 2016-04-10 14:46 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config
2016-04-10 14:49 - 2016-04-10 14:45 - 00000219 _____ C:\WINDOWS\system.ini
2016-04-10 14:49 - 2016-04-10 14:45 - 00000092 _____ C:\WINDOWS\win.ini
2016-04-10 14:49 - 2016-04-10 14:45 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-04-10 14:49 - 2016-04-10 14:44 - 00000000 __RSD C:\WINDOWS\Media
2016-04-10 14:49 - 2016-04-10 14:44 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-04-10 14:49 - 2016-04-10 14:44 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-04-10 14:49 - 2016-04-10 14:44 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-04-10 14:49 - 2016-04-10 14:44 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-04-10 14:49 - 2016-04-10 14:44 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-04-10 14:49 - 2016-04-10 14:44 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-04-10 14:49 - 2016-04-10 14:44 - 00000000 ____D C:\WINDOWS\Provisioning
2016-04-10 14:49 - 2016-04-10 14:44 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-04-10 14:49 - 2016-04-10 14:44 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-04-10 14:49 - 2016-04-10 14:43 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-04-10 14:49 - 2016-04-10 14:43 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-04-10 14:49 - 2016-04-10 14:43 - 00000000 ____D C:\Program Files\Windows Journal
2016-04-10 14:49 - 2016-04-10 06:55 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-04-10 14:49 - 2016-04-10 06:38 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-04-10 14:49 - 2016-04-10 06:38 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-04-10 14:49 - 2016-04-10 05:27 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-04-10 14:49 - 2016-04-10 05:26 - 00000000 __RHD C:\Users\Public\Libraries
2016-04-10 14:49 - 2016-04-10 05:23 - 00000000 ____D C:\WINDOWS\CSC
2016-04-10 14:49 - 2016-04-10 05:22 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-04-10 14:47 - 2016-04-19 00:37 - 00000000 ____D C:\WINDOWS\INF
2016-04-10 14:32 - 2016-04-18 23:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-10 14:19 - 2016-04-10 14:19 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Macromedia
2016-04-10 14:17 - 2016-04-10 14:17 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\MicrosoftEdge
2016-04-10 14:16 - 2016-04-19 00:30 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-04-10 14:16 - 2016-04-10 15:00 - 00000000 ____D C:\WINDOWS\servicing
2016-04-10 14:16 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\SMI
2016-04-10 14:16 - 2016-04-10 05:18 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-04-10 14:16 - 2015-10-30 08:33 - 00000164 _____ C:\WINDOWS\system32\config\FP
2016-04-10 12:57 - 2016-04-10 12:57 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2016-04-10 12:55 - 2016-04-10 12:55 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-04-10 12:55 - 2016-04-10 12:55 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-04-10 08:44 - 2016-04-14 01:45 - 00453280 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-10 08:41 - 2016-04-19 00:38 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-10 08:41 - 2016-04-19 00:38 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-10 07:07 - 2016-04-10 07:07 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\Comms
2016-04-10 06:57 - 2016-04-10 06:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-04-10 06:57 - 2016-04-10 06:57 - 00000000 ____D C:\ProgramData\AMD
2016-04-10 06:57 - 2016-04-10 06:57 - 00000000 ____D C:\Program Files\ATI Technologies
2016-04-10 06:56 - 2016-04-10 06:57 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-04-10 06:55 - 2016-04-10 06:55 - 00000000 ____D C:\Program Files\AMD
2016-04-10 06:55 - 2016-04-10 06:55 - 00000000 ____D C:\AMD
2016-04-10 06:55 - 2016-04-10 06:55 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2016-04-10 06:41 - 2016-04-16 12:22 - 00002401 _____ C:\Users\Raik-Raiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-10 06:39 - 2016-04-10 06:39 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\ActiveSync
2016-04-10 06:38 - 2016-04-10 06:38 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\Publishers
2016-04-10 06:37 - 2016-04-18 22:50 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\Packages
2016-04-10 06:37 - 2016-04-10 06:37 - 00000020 ___SH C:\Users\Raik-Raiker\ntuser.ini
2016-04-10 06:37 - 2016-04-10 06:37 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Adobe
2016-04-10 06:37 - 2016-04-10 06:37 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\VirtualStore
2016-04-10 06:37 - 2016-04-10 06:37 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\TileDataLayer
2016-04-10 05:31 - 2016-04-19 00:37 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-10 05:28 - 2016-04-10 05:28 - 00000000 _SHDL C:\Users\Default\My Documents
2016-04-10 05:28 - 2016-04-10 05:28 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-04-10 05:28 - 2016-04-10 05:28 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-04-10 05:28 - 2016-04-10 05:28 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-04-10 05:28 - 2016-04-10 05:28 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-04-10 05:28 - 2016-04-10 05:28 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-04-10 05:28 - 2016-04-10 05:28 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-04-10 05:28 - 2016-04-10 05:28 - 00000000 _SHDL C:\Users\Default User
2016-04-10 05:28 - 2016-04-10 05:28 - 00000000 _SHDL C:\Users\All Users
2016-04-10 05:25 - 2016-04-18 23:22 - 00000000 ____D C:\Users\Raik-Raiker
2016-04-10 05:25 - 2016-04-10 05:25 - 00000000 _SHDL C:\Users\Raik-Raiker\My Documents
2016-04-10 05:25 - 2016-04-10 05:25 - 00000000 _SHDL C:\Users\Raik-Raiker\Documents\My Videos
2016-04-10 05:25 - 2016-04-10 05:25 - 00000000 _SHDL C:\Users\Raik-Raiker\Documents\My Pictures
2016-04-10 05:25 - 2016-04-10 05:25 - 00000000 _SHDL C:\Users\Raik-Raiker\Documents\My Music
2016-04-10 05:18 - 2016-04-10 05:18 - 00000000 ____D C:\Program Files\Common Files\Atheros
2016-04-10 05:15 - 2015-10-30 09:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-04-10 05:12 - 2016-04-19 00:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-10 05:12 - 2016-04-10 05:12 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-04-10 05:11 - 2016-04-15 03:37 - 00194272 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-10 04:13 - 2016-04-10 06:44 - 00000000 ___HD C:\$SysReset
2016-04-10 03:47 - 2016-04-10 03:47 - 00000000 ____D C:\AdwCleaner
2016-04-10 01:56 - 2016-04-10 01:56 - 00000000 _____ C:\autoexec.bat
2016-04-09 09:27 - 2016-04-16 12:15 - 00000000 ____D C:\Users\Raik-Raiker\AppData\LocalLow\Company
2016-04-09 09:27 - 2016-04-09 09:27 - 00000000 ____D C:\uninst
2016-04-07 03:39 - 2016-04-07 03:48 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-03-25 09:20 - 2016-04-09 11:27 - 00000000 ___RD C:\Users\Raik-Raiker\Documents\Galaxy Note 4 Root

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-16 12:22 - 2015-10-30 09:19 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2016-04-16 12:22 - 2015-10-30 09:19 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
2016-04-16 12:22 - 2015-10-30 09:19 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk
2016-04-16 12:22 - 2015-10-30 09:18 - 00001590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
2016-04-16 12:22 - 2015-10-30 09:18 - 00000853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2016-04-16 12:22 - 2015-10-30 09:17 - 00002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk
2016-04-16 11:37 - 2016-02-10 23:42 - 00000000 ____D C:\VSTPlugIns
2016-04-14 21:41 - 2015-12-31 01:38 - 00000000 ____D C:\temp
2016-04-14 06:14 - 2016-02-20 04:58 - 00000000 ___RD C:\Users\Raik-Raiker\Desktop\TheDarkness Pattern Project
2016-04-10 23:20 - 2016-01-01 17:02 - 00000000 ____D C:\Users\Raik-Raiker\Documents\Mega Drums Pack [MIDI]
2016-04-10 20:17 - 2016-01-04 04:04 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-09 12:34 - 2016-01-19 16:40 - 00000000 ____D C:\Users\Raik-Raiker\Documents\JDownloader
2016-04-09 11:27 - 2016-03-14 00:41 - 00000000 ___RD C:\Users\Raik-Raiker\Documents\Passwortliste_01_01_2016
2016-04-09 11:21 - 2016-01-28 10:15 - 00000000 ____D C:\Users\Raik-Raiker\Documents\Selected Drum Banks For Superior & EZ Drummer
2016-04-03 11:12 - 2016-03-17 11:43 - 00000000 ____D C:\Users\Raik-Raiker\.oracle_jre_usage

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-04-2016
Ran by Raik-Raiker (2016-04-19 00:43:54)
Running from C:\Users\Raik-Raiker\Desktop
Windows 10 Enterprise Version 1511 (X64) (2016-04-10 03:28:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3132783333-464131444-2734203698-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3132783333-464131444-2734203698-503 - Limited - Disabled)
Guest (S-1-5-21-3132783333-464131444-2734203698-501 - Limited - Disabled)
Raik-Raiker (S-1-5-21-3132783333-464131444-2734203698-1001 - Administrator - Enabled) => C:\Users\Raik-Raiker

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aalto VST version 1.3.2 (HKLM-x32\...\{078E1F5C-C102-4701-9D9D-7D49BA41AB7A}_is1) (Version: 1.3.2 - Madrona Labs, LLC)
Ableton Live 9 Suite (HKLM\...\{77D0571D-D8A9-4FA0-9DE4-5D8489FB0C9E}) (Version: 9.0.0.0 - Ableton)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
ARIA Engine v1.8.2.2 (HKLM\...\ARIA Engine_is1) (Version: v1.8.2.2 - Plogue Art et Technologie, Inc)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Burt Free (HKLM-x32\...\Burt Free2.0) (Version: 2.0 - Noisebud)
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.41.3.0173 - DT Soft Ltd)
FMW 1 (Version: 1.72.2 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Max 7 (64-bit) (HKLM\...\{47EF2552-84E8-4810-B710-22770CAB803B}) (Version: 7.1.0 - Cycling '74)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
NewsLeecher v5.0 Final (HKLM-x32\...\NewsLeecher_is1) (Version:  - )
PhonicUSB Driver v1.35.03 (HKLM-x32\...\PhonicUSB Driver v1.35.03) (Version: 1.35.03 - Phonic)
Sugar Bytes Effectrix 1.4.2 (HKLM\...\Effectrix_is1) (Version: 1.4.2 - Sugar Bytes)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 4.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3132783333-464131444-2734203698-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Raik-Raiker\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {11D671CC-E976-4559-9705-5436652F37AA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {85C92820-2916-483B-A959-272C328684D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-10] (Google Inc.)
Task: {A4BB224E-5548-4C36-9CD6-67FF6A2BA2AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-10] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ich hoffe das ich dass so richtig gemacht hab !!

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-04-2016
Ran by Raik-Raiker (2016-04-19 00:43:54)
Running from C:\Users\Raik-Raiker\Desktop
Windows 10 Enterprise Version 1511 (X64) (2016-04-10 03:28:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3132783333-464131444-2734203698-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3132783333-464131444-2734203698-503 - Limited - Disabled)
Guest (S-1-5-21-3132783333-464131444-2734203698-501 - Limited - Disabled)
Raik-Raiker (S-1-5-21-3132783333-464131444-2734203698-1001 - Administrator - Enabled) => C:\Users\Raik-Raiker

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aalto VST version 1.3.2 (HKLM-x32\...\{078E1F5C-C102-4701-9D9D-7D49BA41AB7A}_is1) (Version: 1.3.2 - Madrona Labs, LLC)
Ableton Live 9 Suite (HKLM\...\{77D0571D-D8A9-4FA0-9DE4-5D8489FB0C9E}) (Version: 9.0.0.0 - Ableton)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
ARIA Engine v1.8.2.2 (HKLM\...\ARIA Engine_is1) (Version: v1.8.2.2 - Plogue Art et Technologie, Inc)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Burt Free (HKLM-x32\...\Burt Free2.0) (Version: 2.0 - Noisebud)
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.41.3.0173 - DT Soft Ltd)
FMW 1 (Version: 1.72.2 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Max 7 (64-bit) (HKLM\...\{47EF2552-84E8-4810-B710-22770CAB803B}) (Version: 7.1.0 - Cycling '74)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
NewsLeecher v5.0 Final (HKLM-x32\...\NewsLeecher_is1) (Version:  - )
PhonicUSB Driver v1.35.03 (HKLM-x32\...\PhonicUSB Driver v1.35.03) (Version: 1.35.03 - Phonic)
Sugar Bytes Effectrix 1.4.2 (HKLM\...\Effectrix_is1) (Version: 1.4.2 - Sugar Bytes)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 4.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3132783333-464131444-2734203698-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Raik-Raiker\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {11D671CC-E976-4559-9705-5436652F37AA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {85C92820-2916-483B-A959-272C328684D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-10] (Google Inc.)
Task: {A4BB224E-5548-4C36-9CD6-67FF6A2BA2AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-10] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 ____N () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-04-13 20:55 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 20:55 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-11 00:17 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2016-01-08 14:12 - 2016-01-08 14:12 - 00093696 ____N () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-13 20:54 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-11 00:00 - 2016-04-06 04:12 - 02140824 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-11 00:00 - 2016-04-06 04:12 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7887 more sites.

IE restricted site: HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\123simsen.com -> www.123simsen.com

There are 7887 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-04-10 14:49 - 2016-04-16 16:27 - 00451800 ____R C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

There are 15500 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3132783333-464131444-2734203698-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Raik-Raiker\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{780283be-fc54-4dfd-86f3-7730d67e2084}.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "AvgUi"
HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{3EA65420-85CC-477C-B756-3F687B4676CF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

10-04-2016 06:56:12 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
12-04-2016 00:26:59 Removed Ableton Live 9 Suite
14-04-2016 01:07:11 Installed Ableton Live 9 Suite
15-04-2016 12:36:08 Installed UnRarIt.Net
16-04-2016 11:12:23 Wiederherstellungsvorgang
18-04-2016 23:09:35 Windows Modules Installer

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/19/2016 12:41:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BASEMASCHINE)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/19/2016 12:36:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BASEMASCHINE)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/19/2016 12:33:26 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0x8007232B
Befehlszeilenargumente:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (04/19/2016 12:33:26 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0x8007232B
Befehlszeilenargumente:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=73111121-5638-40f6-bc11-f1d7b0d64300;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (04/19/2016 12:33:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BASEMASCHINE)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/19/2016 12:31:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BASEMASCHINE)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/19/2016 12:31:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BASEMASCHINE)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/19/2016 12:31:51 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BASEMASCHINE)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/19/2016 12:31:49 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BASEMASCHINE)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (04/19/2016 12:31:47 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BASEMASCHINE)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (04/19/2016 12:34:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD FUEL Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/19/2016 12:33:17 AM) (Source: DCOM) (EventID: 10001) (User: BASEMASCHINE)
Description: "C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca2CortanaUIUnavailableUnavailable

Error: (04/19/2016 12:31:53 AM) (Source: DCOM) (EventID: 10001) (User: BASEMASCHINE)
Description: "C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca2CortanaUIUnavailableUnavailable

Error: (04/19/2016 12:31:51 AM) (Source: DCOM) (EventID: 10001) (User: BASEMASCHINE)
Description: "C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca2CortanaUIUnavailableUnavailable

Error: (04/19/2016 12:31:49 AM) (Source: DCOM) (EventID: 10001) (User: BASEMASCHINE)
Description: "C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca2CortanaUIUnavailableUnavailable

Error: (04/19/2016 12:31:47 AM) (Source: DCOM) (EventID: 10001) (User: BASEMASCHINE)
Description: "C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca2CortanaUIUnavailableUnavailable

Error: (04/19/2016 12:31:44 AM) (Source: DCOM) (EventID: 10001) (User: BASEMASCHINE)
Description: "C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca2CortanaUIUnavailableUnavailable

Error: (04/19/2016 12:31:41 AM) (Source: DCOM) (EventID: 10001) (User: BASEMASCHINE)
Description: "C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca2CortanaUIUnavailableUnavailable

Error: (04/19/2016 12:31:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avgsvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/19/2016 12:29:59 AM) (Source: DCOM) (EventID: 10010) (User: BASEMASCHINE)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}


CodeIntegrity:
===================================
  Date: 2016-04-18 23:18:08.875
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-16 22:30:51.334
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-16 11:42:18.525
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-15 22:36:33.604
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-15 03:38:28.715
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-14 21:16:28.511
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-13 20:31:42.908
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-12 00:58:45.906
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-12 00:44:48.899
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-12 00:43:48.589
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: AMD A6-3400M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 29%
Total physical RAM: 7658.11 MB
Available physical RAM: 5394.83 MB
Total Virtual: 8874.11 MB
Available Virtual: 7061.17 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:298.92 GB) (Free:247.93 GB) NTFS
Drive e: (Data) (Fixed) (Total:296.76 GB) (Free:101.72 GB) NTFS
Drive f: (ENGE INGE) (Fixed) (Total:197.2 GB) (Free:60.02 GB) NTFS
Drive i: (ENGE MELLE) (Fixed) (Total:268.55 GB) (Free:64.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: F8D79D6B)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=296.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 1D0AE8E1)
Partition 1: (Not Active) - (Size=197.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=268.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

--- --- ---

Raiker · 18.04.2016, 23:59

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
Ran by Raik-Raiker (administrator) on BASEMASCHINE (19-04-2016 00:41:37)
Running from C:\Users\Raik-Raiker\Desktop
Loaded Profiles: Raik-Raiker (Available Profiles: Raik-Raiker)
Platform: Windows 10 Enterprise Version 1511 (X64) Language: Englisch (Vereinigte Staaten)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Phonic) C:\Program Files\Phonic\phonicusb_Driver\phonicusbsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\Windows-KB890830-x64-V5.35.exe
(Microsoft Corporation) C:\Windows\System32\MRT.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-3132783333-464131444-2734203698-1001\...\RunOnce: [Uninstall C:\Users\Raik-Raiker\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Raik-Raiker\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhonicUSB Control Panel.lnk [2016-04-16]
ShortcutTarget: PhonicUSB Control Panel.lnk -> C:\Program Files\Phonic\phonicusb_Driver\phonicusbcpl.exe (Phonic)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{6a3b3e23-7265-49a1-b475-57eebaecf69e}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-10] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.hohosearch.com/?mode=nnnb&ptid=epf1&uid=FFF86F512F5EF7566FF7D6C0A9806227&v=20160415&ts=AHEqA3QtBn8sB0..
CHR StartupUrls: Default -> "hxxp://www.hohosearch.com/?mode=nnnb&ptid=epf1&uid=FFF86F512F5EF7566FF7D6C0A9806227&v=20160415&ts=AHEqA3QtBn8sB0.."
CHR DefaultSearchURL: Default -> hxxp://www.hohosearch.com/chrome.php?q={searchTerms}&ts=AHEqA3QtBn8sB0..&v=20160415&uid=FFF86F512F5EF7566FF7D6C0A9806227&ptid=epf1&mode=nnnb
CHR DefaultSearchKeyword: Default -> hohosearch
CHR Profile: C:\Users\Raik-Raiker\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Raik-Raiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-11]
CHR Extension: (Google Docs) - C:\Users\Raik-Raiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-11]
CHR Extension: (Google Drive) - C:\Users\Raik-Raiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-11]
CHR Extension: (YouTube) - C:\Users\Raik-Raiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-11]
CHR Extension: (Google Tabellen) - C:\Users\Raik-Raiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-11]
CHR Extension: (Google Docs Offline) - C:\Users\Raik-Raiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Raik-Raiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-11]
CHR Extension: (Google Mail) - C:\Users\Raik-Raiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-11]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 PhonicUSBsvc; C:\Program Files\Phonic\phonicusb_Driver\phonicusbsvc.exe [134408 2013-09-11] (Phonic)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 AMD FUEL Service; "C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService [X]
S2 avgsvc; "C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4342936 2015-09-21] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2016-01-07] (Advanced Micro Devices)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [270912 2016-04-12] (DT Soft Ltd)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-19] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [45720 2015-12-31] (Toshiba Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-19 00:41 - 2016-04-19 00:42 - 00008544 _____ C:\Users\Raik-Raiker\Desktop\FRST.txt
2016-04-19 00:41 - 2016-04-19 00:41 - 00000000 ____D C:\FRST
2016-04-19 00:39 - 2016-04-19 00:40 - 02375680 _____ (Farbar) C:\Users\Raik-Raiker\Desktop\FRST64.exe
2016-04-19 00:34 - 2016-04-19 00:34 - 00000000 ____D C:\ProgramData\USOShared
2016-04-19 00:34 - 2016-04-19 00:34 - 00000000 ____D C:\ProgramData\USOPrivate
2016-04-19 00:11 - 2016-04-19 00:23 - 00000000 ____D C:\Program Files\Unlocker
2016-04-19 00:11 - 2016-04-19 00:11 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2016-04-18 23:18 - 2016-04-18 23:18 - 00000000 ____D C:\Users\Raik-Raiker\Documents\cortana deinstalation
2016-04-18 22:51 - 2016-04-18 22:51 - 00000085 _____ C:\WINDOWS\wininit.ini
2016-04-16 16:27 - 2016-04-16 13:00 - 00451800 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20160416-162724.backup
2016-04-16 13:00 - 2016-04-10 14:46 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20160416-130004.backup
2016-04-16 12:39 - 2016-04-16 12:39 - 00000000 ____D C:\Program Files\Common Files\AV
2016-04-16 12:32 - 2016-04-16 12:32 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-04-16 12:31 - 2016-04-18 22:52 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-04-16 11:49 - 2016-04-19 00:31 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-16 11:49 - 2016-04-16 12:22 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-04-16 11:48 - 2016-04-16 11:49 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-04-16 11:48 - 2016-04-16 11:48 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-16 11:48 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-04-16 11:48 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-04-16 11:48 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-04-16 11:15 - 2016-04-16 11:35 - 00000000 ____D C:\WINDOWS\system32\pudf
2016-04-16 11:07 - 2016-04-16 11:36 - 00000000 ____D C:\Program Files (x86)\DesktopPlay
2016-04-16 11:03 - 2016-04-16 11:03 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\Tempfolder
2016-04-16 11:02 - 2016-04-16 11:02 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-04-16 10:02 - 2016-04-16 10:02 - 04663751 _____ C:\Users\Raik-Raiker\Downloads\Izotope_keygen.zip
2016-04-16 09:45 - 2016-04-16 10:03 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\iZotope
2016-04-16 09:39 - 2016-04-16 11:10 - 00000000 ____D C:\Users\Raik-Raiker\Downloads\!! newsleecher temporary !!
2016-04-16 08:29 - 2016-04-16 08:31 - 00000000 ____D C:\Users\Raik-Raiker\Downloads\i7dPBAuujy
2016-04-16 08:27 - 2016-04-16 08:28 - 00000000 ____D C:\Users\Raik-Raiker\Downloads\qNi37bGa6q
2016-04-16 08:27 - 2016-04-16 08:27 - 00000000 ____D C:\Users\Raik-Raiker\Downloads\VWawSWDdaB
2016-04-16 08:25 - 2016-04-16 08:25 - 00000000 ____D C:\Users\Raik-Raiker\Downloads\clips
2016-04-16 06:58 - 2016-04-16 11:36 - 00000000 ____D C:\Program Files (x86)\Alt.Binz
2016-04-16 06:46 - 2016-04-16 09:45 - 00000000 ____D C:\Users\Raik-Raiker\Documents\iZotope
2016-04-16 06:46 - 2016-04-16 06:52 - 00000000 ____D C:\Program Files (x86)\iZotope
2016-04-16 06:46 - 2016-04-16 06:46 - 00000000 ____D C:\Program Files\Common Files\VST3
2016-04-16 06:45 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r29
2016-04-16 06:45 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r28
2016-04-16 06:45 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r27
2016-04-16 06:45 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r26
2016-04-16 06:45 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r25
2016-04-16 06:45 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r24
2016-04-16 06:45 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r23
2016-04-16 06:45 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r22
2016-04-16 06:44 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r21
2016-04-16 06:44 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r20
2016-04-16 06:44 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r19
2016-04-16 06:44 - 2016-04-16 06:45 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r10
2016-04-16 06:44 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r18
2016-04-16 06:44 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r17
2016-04-16 06:44 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r16
2016-04-16 06:44 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r14
2016-04-16 06:44 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r13
2016-04-16 06:44 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r12
2016-04-16 06:44 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r11
2016-04-16 06:44 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r09
2016-04-16 06:43 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r08
2016-04-16 06:43 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r07
2016-04-16 06:43 - 2016-04-16 06:44 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r06
2016-04-16 06:43 - 2016-04-16 06:43 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.rar
2016-04-16 06:43 - 2016-04-16 06:43 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r05
2016-04-16 06:43 - 2016-04-16 06:43 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r04
2016-04-16 06:43 - 2016-04-16 06:43 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r03
2016-04-16 06:43 - 2016-04-16 06:43 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r02
2016-04-16 06:43 - 2016-04-16 06:43 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r01
2016-04-16 06:43 - 2016-04-16 06:43 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.1.r00
2016-04-16 06:42 - 2016-04-16 06:43 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part02.1.rar
2016-04-16 06:42 - 2016-04-16 06:43 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part01.1.rar
2016-04-16 06:40 - 2016-04-16 06:41 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part16.rar
2016-04-16 06:36 - 2016-04-16 06:41 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part15.rar
2016-04-16 06:36 - 2016-04-16 06:40 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part14.rar
2016-04-16 06:36 - 2016-04-16 06:40 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part13.rar
2016-04-16 06:36 - 2016-04-16 06:40 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part12.rar
2016-04-16 06:35 - 2016-04-16 06:37 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part11.rar
2016-04-16 06:35 - 2016-04-16 06:36 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part10.rar
2016-04-16 06:35 - 2016-04-16 06:35 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part09.rar
2016-04-16 06:35 - 2016-04-16 06:35 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part08.rar
2016-04-16 06:35 - 2016-04-16 06:35 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part07.rar
2016-04-16 06:34 - 2016-04-16 06:35 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part06.rar
2016-04-16 06:34 - 2016-04-16 06:34 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part05.rar
2016-04-16 06:34 - 2016-04-16 06:34 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part04.rar
2016-04-16 06:34 - 2016-04-16 06:34 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part03.rar
2016-04-16 06:34 - 2016-04-16 06:34 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part02.rar
2016-04-16 06:34 - 2016-04-16 06:34 - 15728640 _____ C:\Users\Raik-Raiker\Downloads\iZotope.RX.3.Advanced.3.00.695.x86.x64.incl.crack.part01.rar
2016-04-16 06:33 - 2016-04-16 06:34 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r26
2016-04-16 06:33 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r29
2016-04-16 06:33 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r28
2016-04-16 06:33 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r27
2016-04-16 06:33 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r25
2016-04-16 06:33 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r24
2016-04-16 06:33 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r23
2016-04-16 06:33 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r22
2016-04-16 06:33 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r21
2016-04-16 06:32 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r20
2016-04-16 06:32 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r19
2016-04-16 06:32 - 2016-04-16 06:33 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r17
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r18
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r16
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r14
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r13
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r12
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r11
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r10
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r09
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r08
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r07
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r06
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r05
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r04
2016-04-16 06:32 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r03
2016-04-16 06:31 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r02
2016-04-16 06:31 - 2016-04-16 06:32 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r01
2016-04-16 06:31 - 2016-04-16 06:31 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.rar
2016-04-16 06:31 - 2016-04-16 06:31 - 05242880 _____ C:\Users\Raik-Raiker\Downloads\IZotope.Ozone.VST.DX.AS.RTAS.HTDM.v3.15.incl.Keygen-AiR.r00
2016-04-16 05:24 - 2016-04-16 05:26 - 81893033 _____ C:\Users\Raik-Raiker\Downloads\iZotope Ozone Advanced v7.00 WiN X86 X64-d33p57a7u5.part05.rar
2016-04-16 05:23 - 2016-04-16 05:24 - 104857600 _____ C:\Users\Raik-Raiker\Downloads\iZotope Ozone Advanced v7.00 WiN X86 X64-d33p57a7u5.part04.rar
2016-04-16 05:22 - 2016-04-16 05:23 - 104857600 _____ C:\Users\Raik-Raiker\Downloads\iZotope Ozone Advanced v7.00 WiN X86 X64-d33p57a7u5.part03.rar
2016-04-16 05:20 - 2016-04-16 05:22 - 104857600 _____ C:\Users\Raik-Raiker\Downloads\iZotope Ozone Advanced v7.00 WiN X86 X64-d33p57a7u5.part02.rar
2016-04-16 05:19 - 2016-04-16 05:21 - 104857600 _____ C:\Users\Raik-Raiker\Downloads\iZotope Ozone Advanced v7.00 WiN X86 X64-d33p57a7u5.part01.rar
2016-04-15 23:13 - 2016-04-15 23:13 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\Microsoft_Corporation
2016-04-15 14:16 - 2016-04-15 14:16 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Arturia
2016-04-15 14:12 - 2016-04-15 14:15 - 00000000 ____D C:\ProgramData\Arturia
2016-04-15 14:12 - 2016-04-15 14:12 - 00000000 ____D C:\Program Files (x86)\Arturia
2016-04-15 13:42 - 2016-04-16 07:19 - 00000000 ____D C:\Users\Raik-Raiker\Downloads\porno clips
2016-04-15 12:44 - 2016-04-16 11:35 - 00000000 ____D C:\Users\Raik-Raiker\Documents\TestUnrarit7
2016-04-15 12:39 - 2016-04-15 12:40 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\.unrarit
2016-04-15 12:37 - 2016-04-15 12:37 - 00000000 ____D C:\Program Files (x86)\Nils Maier
2016-04-15 04:05 - 2016-04-15 04:05 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-04-14 21:56 - 2016-04-18 23:21 - 00000000 ____D C:\Users\Raik-Raiker\Documents\Steinberg WaveLab 6.1 Portable Fully Working
2016-04-14 21:43 - 2016-04-14 21:55 - 00625168 _____ C:\Users\Raik-Raiker\Desktop\Spire Ableton Project File.wav.gpk
2016-04-14 21:35 - 2016-04-14 21:35 - 69953672 ____T C:\Users\Raik-Raiker\Desktop\Spire Ableton Project File.wav
2016-04-14 21:35 - 2016-04-14 21:35 - 00672917 ____T C:\Users\Raik-Raiker\Desktop\Spire Ableton Project File.wav.asd
2016-04-14 14:21 - 2016-04-14 14:21 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\PeerDistRepub
2016-04-14 09:22 - 2016-04-14 09:22 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Plogue Art et Technologie, Inc
2016-04-14 09:19 - 2016-04-14 09:19 - 00000000 ____D C:\Program Files\Common Files\VST2
2016-04-14 09:08 - 2016-04-14 09:08 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sugar Bytes
2016-04-14 09:08 - 2016-04-14 09:08 - 00000000 ____D C:\Programme
2016-04-14 09:04 - 2016-04-14 09:04 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Madrona Labs
2016-04-14 09:04 - 2016-04-14 09:04 - 00000000 ____D C:\ProgramData\Madrona Labs
2016-04-14 09:03 - 2016-04-14 12:43 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Plogue
2016-04-14 08:59 - 2016-04-14 08:59 - 00000000 ____D C:\Program Files\Plogue
2016-04-14 07:49 - 2016-04-14 07:49 - 00000000 ____D C:\Users\Raik-Raiker\Documents\Max 7
2016-04-14 07:49 - 2016-04-14 07:49 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Cycling '74
2016-04-14 07:49 - 2016-04-14 07:49 - 00000000 ____D C:\ProgramData\Max 7
2016-04-14 07:31 - 2016-04-16 12:22 - 00002066 _____ C:\Users\Raik-Raiker\Desktop\Ableton Live 9 Suite.lnk
2016-04-14 06:01 - 2016-04-14 06:01 - 00000398 __RSH C:\ProgramData\ntuser.pol
2016-04-14 05:54 - 2016-04-16 12:22 - 00000861 _____ C:\Users\Raik-Raiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Suite.lnk
2016-04-14 05:45 - 2016-04-16 11:25 - 00000000 ____D C:\Users\Raik-Raiker\Downloads\Ableton Live Suite 9.6 (x64) Multi
2016-04-14 05:01 - 2016-04-14 05:01 - 00000000 ____D C:\Users\Raik-Raiker\Documents\Native Instruments
2016-04-14 05:01 - 2016-04-14 05:01 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\Native Instruments
2016-04-14 04:55 - 2016-04-16 11:25 - 00000000 ____D C:\Users\Raik-Raiker\Documents\FabFilter
2016-04-14 04:55 - 2016-04-15 13:04 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\FabFilter
2016-04-14 02:42 - 2016-04-16 11:37 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\vlc
2016-04-14 02:41 - 2016-04-14 02:41 - 00000000 ____D C:\Program Files\VideoLAN
2016-04-13 23:09 - 2016-04-16 12:22 - 00001042 _____ C:\Users\Raik-Raiker\Desktop\NewsLeecher.lnk
2016-04-13 23:09 - 2016-04-15 13:29 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\NewsLeecher
2016-04-13 23:09 - 2016-04-13 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewsLeecher
2016-04-13 23:09 - 2016-04-13 23:09 - 00000000 ____D C:\Program Files (x86)\NewsLeecher
2016-04-13 22:48 - 2016-04-16 11:37 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alt.Binz
2016-04-13 20:56 - 2016-03-29 07:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-13 20:56 - 2016-03-29 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-13 20:56 - 2016-03-29 07:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-13 20:56 - 2016-03-29 07:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-13 20:56 - 2016-03-29 07:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-13 20:56 - 2016-03-29 07:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-13 20:56 - 2016-03-29 07:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-13 20:55 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-13 20:55 - 2016-04-02 06:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 20:55 - 2016-04-02 05:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-13 20:55 - 2016-04-02 05:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-13 20:55 - 2016-04-02 05:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-13 20:55 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-13 20:55 - 2016-04-02 05:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-13 20:55 - 2016-04-02 05:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-13 20:55 - 2016-04-02 05:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-13 20:55 - 2016-04-02 05:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 20:55 - 2016-04-02 05:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 20:55 - 2016-04-02 05:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 20:55 - 2016-04-02 05:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-13 20:55 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-13 20:55 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-13 20:55 - 2016-03-29 12:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 20:55 - 2016-03-29 12:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 20:55 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-13 20:55 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-13 20:55 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-13 20:55 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-13 20:55 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-13 20:55 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-13 20:55 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-13 20:55 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-13 20:55 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-13 20:55 - 2016-03-29 11:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-13 20:55 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-13 20:55 - 2016-03-29 11:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-13 20:55 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-13 20:55 - 2016-03-29 11:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-13 20:55 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-13 20:55 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-13 20:55 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-13 20:55 - 2016-03-29 10:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-13 20:55 - 2016-03-29 10:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 20:55 - 2016-03-29 10:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-13 20:55 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-13 20:55 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-13 20:55 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-13 20:55 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-13 20:55 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-13 20:55 - 2016-03-29 09:51 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-04-13 20:55 - 2016-03-29 09:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-13 20:55 - 2016-03-29 09:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-13 20:55 - 2016-03-29 09:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-13 20:55 - 2016-03-29 09:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-13 20:55 - 2016-03-29 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-13 20:55 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-13 20:55 - 2016-03-29 09:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-13 20:55 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-13 20:55 - 2016-03-29 09:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-13 20:55 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-13 20:55 - 2016-03-29 09:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-13 20:55 - 2016-03-29 09:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-13 20:55 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-13 20:55 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-13 20:55 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-13 20:55 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-13 20:55 - 2016-03-29 09:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-13 20:55 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-13 20:55 - 2016-03-29 09:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-13 20:55 - 2016-03-29 09:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-13 20:55 - 2016-03-29 09:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-13 20:55 - 2016-03-29 09:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-13 20:55 - 2016-03-29 09:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-13 20:55 - 2016-03-29 09:14 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-04-13 20:55 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-13 20:55 - 2016-03-29 09:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-13 20:55 - 2016-03-29 09:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-13 20:55 - 2016-03-29 09:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-13 20:55 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-13 20:55 - 2016-03-29 09:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-13 20:55 - 2016-03-29 09:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-13 20:55 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-13 20:55 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-13 20:55 - 2016-03-29 09:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-13 20:55 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-13 20:55 - 2016-03-29 09:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-13 20:55 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-13 20:55 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-13 20:55 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-13 20:55 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-13 20:55 - 2016-03-29 08:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-13 20:55 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-13 20:55 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-13 20:55 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-13 20:55 - 2016-03-29 08:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-13 20:55 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-13 20:55 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-13 20:55 - 2016-03-29 08:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-13 20:55 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-13 20:55 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-13 20:55 - 2016-03-29 08:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-13 20:55 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-13 20:55 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-13 20:55 - 2016-03-29 08:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-13 20:55 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-13 20:55 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-13 20:55 - 2016-03-29 08:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-13 20:55 - 2016-03-29 08:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-13 20:55 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-13 20:55 - 2016-03-29 08:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-13 20:55 - 2016-03-29 08:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-13 20:55 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-13 20:55 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-13 20:55 - 2016-03-29 08:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-13 20:55 - 2016-03-29 08:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-13 20:55 - 2016-03-29 08:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-13 20:55 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-13 20:55 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-13 20:55 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-13 20:55 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-13 20:55 - 2016-03-29 08:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-13 20:55 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-13 20:55 - 2016-03-29 08:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-13 20:55 - 2016-03-29 08:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-13 20:55 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-13 20:55 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-13 20:55 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-13 20:55 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-13 20:55 - 2016-03-29 08:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-13 20:55 - 2016-03-29 08:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-13 20:55 - 2016-03-29 08:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-13 20:55 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-13 20:55 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-13 20:55 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-13 20:55 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-13 20:55 - 2016-03-29 08:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-13 20:55 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-13 20:55 - 2016-03-29 07:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-13 20:55 - 2016-03-29 07:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-13 20:55 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-13 20:55 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-13 20:55 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-13 20:55 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-13 20:55 - 2016-03-29 07:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-13 20:55 - 2016-03-29 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-13 20:55 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-13 20:55 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-13 20:55 - 2016-03-29 07:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-13 20:55 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-13 20:55 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-13 20:54 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-13 20:54 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 20:54 - 2016-04-02 05:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-13 20:54 - 2016-04-02 05:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-13 20:54 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-13 20:54 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-13 20:54 - 2016-04-02 05:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-13 20:54 - 2016-04-02 05:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-13 20:54 - 2016-04-02 05:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-13 20:54 - 2016-04-02 05:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-13 20:54 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-13 20:54 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-13 20:54 - 2016-03-29 11:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-13 20:54 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-13 20:54 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-13 20:54 - 2016-03-29 11:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-13 20:54 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-13 20:54 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-13 20:54 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-13 20:54 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-13 20:54 - 2016-03-29 10:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-13 20:54 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-13 20:54 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-13 20:54 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-13 20:54 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-13 20:54 - 2016-03-29 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-13 20:54 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-13 20:54 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-13 20:54 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-13 20:54 - 2016-03-29 10:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-13 20:54 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-13 20:54 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-13 20:54 - 2016-03-29 10:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-13 20:54 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-13 20:54 - 2016-03-29 10:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-13 20:54 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-13 20:54 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-13 20:54 - 2016-03-29 10:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-13 20:54 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-13 20:54 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-13 20:54 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-13 20:54 - 2016-03-29 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-13 20:54 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-13 20:54 - 2016-03-29 09:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-13 20:54 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-13 20:54 - 2016-03-29 09:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-13 20:54 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-13 20:54 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-13 20:54 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-13 20:54 - 2016-03-29 09:54 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-04-13 20:54 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-13 20:54 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-13 20:54 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-13 20:54 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-13 20:54 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-13 20:54 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 20:54 - 2016-03-29 09:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-13 20:54 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-13 20:54 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-13 20:54 - 2016-03-29 09:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-13 20:54 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-13 20:54 - 2016-03-29 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-13 20:54 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-13 20:54 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-13 20:54 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-13 20:54 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-13 20:54 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-13 20:54 - 2016-03-29 09:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-13 20:54 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-13 20:54 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-13 20:54 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-13 20:54 - 2016-03-29 09:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-13 20:54 - 2016-03-29 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-13 20:54 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-13 20:54 - 2016-03-29 09:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-13 20:54 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-13 20:54 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 20:54 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-13 20:54 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-13 20:54 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-13 20:54 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-13 20:54 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-13 20:54 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-13 20:54 - 2016-03-29 09:14 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-04-13 20:54 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-13 20:54 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-13 20:54 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-13 20:54 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-13 20:54 - 2016-03-29 09:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-13 20:54 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-13 20:54 - 2016-03-29 09:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-13 20:54 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-13 20:54 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-13 20:54 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-13 20:54 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-13 20:54 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-13 20:54 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-13 20:54 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-13 20:54 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-13 20:54 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-13 20:54 - 2016-03-29 09:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-13 20:54 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-13 20:54 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-13 20:54 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-13 20:54 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-13 20:54 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-13 20:54 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-13 20:54 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-13 20:54 - 2016-03-29 08:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-13 20:54 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-13 20:54 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 20:54 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-13 20:54 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-13 20:54 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-13 20:54 - 2016-03-29 08:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-13 20:54 - 2016-03-29 08:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-13 20:54 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-13 20:54 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-13 20:54 - 2016-03-29 08:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-13 20:54 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-13 20:54 - 2016-03-29 08:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-13 20:54 - 2016-03-29 08:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-13 20:54 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-13 20:54 - 2016-03-29 08:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-13 20:54 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-13 20:54 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-13 20:54 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-13 20:54 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-13 20:54 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-13 20:54 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-13 20:54 - 2016-03-29 08:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-13 20:54 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 20:54 - 2016-03-29 08:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-13 20:54 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-13 20:54 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-13 20:54 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-13 20:54 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 20:54 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-13 20:54 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-13 20:33 - 2016-04-13 20:36 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\Alt.Binz
2016-04-13 20:32 - 2016-04-16 11:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alt.Binz
2016-04-12 01:33 - 2016-04-16 12:22 - 00000907 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-12 01:33 - 2016-04-12 01:34 - 00000000 ____D C:\Program Files\CCleaner
2016-04-12 01:33 - 2016-04-12 01:33 - 00002876 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-04-12 01:10 - 2016-04-12 01:19 - 00000000 ____D C:\ProgramData\Avg
2016-04-12 01:09 - 2016-04-16 12:22 - 00002019 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-04-12 01:09 - 2016-04-12 01:19 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\AvgSetupLog
2016-04-12 01:09 - 2016-04-12 01:12 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\Avg
2016-04-12 01:09 - 2016-04-12 01:09 - 00270912 _____ (DT Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2016-04-12 01:09 - 2016-04-12 01:09 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2016-04-12 01:08 - 2016-04-18 22:31 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\DAEMON Tools Lite
2016-04-12 01:08 - 2016-04-15 13:25 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-04-12 01:06 - 2016-04-16 12:22 - 00001162 _____ C:\Users\Raik-Raiker\Documents\ASIO4ALL v2 Anleitung.lnk
2016-04-12 01:06 - 2016-04-12 01:06 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2016-04-12 01:06 - 2016-04-12 01:06 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2016-04-12 01:03 - 2016-04-12 01:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phonic
2016-04-12 01:03 - 2016-04-12 01:03 - 00000000 ____D C:\Program Files\Phonic
2016-04-12 00:47 - 2016-04-12 00:47 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-04-11 01:25 - 2016-04-16 12:22 - 00002529 _____ C:\Users\Public\Desktop\Max 7 (64-bit).lnk
2016-04-11 01:25 - 2016-04-11 01:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cycling '74
2016-04-11 01:22 - 2016-04-11 01:22 - 00000000 ____D C:\Program Files\Cycling '74
2016-04-11 00:18 - 2016-04-11 00:18 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\WinRAR
2016-04-11 00:18 - 2016-04-11 00:18 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-11 00:18 - 2016-04-11 00:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-11 00:17 - 2016-04-11 00:18 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-04-11 00:10 - 2016-04-16 12:22 - 00000279 _____ C:\Users\Raik-Raiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2016-04-11 00:00 - 2016-04-16 12:22 - 00002336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-10 23:58 - 2016-04-19 00:31 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-10 23:58 - 2016-04-19 00:03 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-10 23:58 - 2016-04-11 00:44 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\Google
2016-04-10 23:58 - 2016-04-10 23:59 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-10 23:58 - 2016-04-10 23:58 - 00004204 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-04-10 23:58 - 2016-04-10 23:58 - 00003972 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-04-10 23:45 - 2016-04-14 06:04 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Ableton
2016-04-10 23:45 - 2016-04-10 23:45 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2016-04-10 23:41 - 2016-04-14 05:54 - 00000000 ____D C:\ProgramData\Ableton
2016-04-10 23:24 - 2016-04-14 09:08 - 00000000 ____D C:\Users\Raik-Raiker\Documents\Sugar Bytes
2016-04-10 20:18 - 2016-04-14 06:15 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\AMD
2016-04-10 20:18 - 2016-04-10 20:18 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\ATI
2016-04-10 20:18 - 2016-04-10 20:18 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\ATI
2016-04-10 20:18 - 2016-04-10 20:18 - 00000000 ____D C:\ProgramData\ATI
2016-04-10 15:09 - 2016-04-14 13:26 - 00000000 ____D C:\Windows.old
2016-04-10 15:09 - 2016-04-12 01:36 - 00000000 ___DC C:\WINDOWS\Panther
2016-04-10 15:09 - 2016-04-10 15:09 - 00000000 ____D C:\WINDOWS\InfusedApps
2016-04-10 15:08 - 2016-04-10 15:08 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-04-10 15:06 - 2016-04-10 15:06 - 00000000 ____D C:\WINDOWS\Setup
2016-04-10 15:02 - 2016-04-10 15:02 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-04-10 15:02 - 2016-04-10 15:02 - 00000000 ____D C:\WINDOWS\OCR
2016-04-10 15:02 - 2016-04-10 15:02 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-04-10 15:02 - 2016-04-10 15:02 - 00000000 ____D C:\Program Files\MSBuild
2016-04-10 15:02 - 2016-04-10 15:02 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-04-10 15:02 - 2016-04-10 15:02 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-04-10 14:57 - 2016-04-19 00:37 - 00774606 _____ C:\WINDOWS\system32\perfh007.dat
2016-04-10 14:57 - 2016-04-19 00:37 - 00155212 _____ C:\WINDOWS\system32\perfc007.dat
2016-04-10 14:57 - 2016-04-10 14:56 - 00305634 _____ C:\WINDOWS\system32\perfi007.dat
2016-04-10 14:57 - 2016-04-10 14:56 - 00040390 _____ C:\WINDOWS\system32\perfd007.dat
2016-04-10 14:56 - 2016-04-10 15:00 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-04-10 14:56 - 2016-04-10 15:00 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-04-10 14:56 - 2016-04-10 15:00 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-04-10 14:56 - 2016-04-10 15:00 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-04-10 14:56 - 2016-04-10 15:00 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-04-10 14:56 - 2016-04-10 15:00 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-04-10 14:56 - 2016-04-10 15:00 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-04-10 14:56 - 2016-04-10 15:00 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-04-10 14:56 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-04-10 14:56 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\SysWOW64\de
2016-04-10 14:56 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2016-04-10 14:56 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\system32\de
2016-04-10 14:56 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\system32\0409
2016-04-10 14:56 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-04-10 14:52 - 2016-04-06 20:32 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-10 14:52 - 2016-04-06 20:32 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-10 14:50 - 2016-04-10 14:46 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2016-04-10 14:50 - 2016-04-10 14:46 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2016-04-10 14:50 - 2016-04-10 14:46 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2016-04-10 14:50 - 2016-04-10 14:46 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2016-04-10 14:50 - 2016-04-10 14:46 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2016-04-10 14:49 - 2016-04-19 00:31 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-10 14:49 - 2016-04-18 23:05 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-10 14:49 - 2016-04-16 12:20 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-04-10 14:49 - 2016-04-16 11:37 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-04-10 14:49 - 2016-04-16 11:37 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-04-10 14:49 - 2016-04-16 11:35 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-04-10 14:49 - 2016-04-16 11:28 - 00000000 ____D C:\WINDOWS\registration
2016-04-10 14:49 - 2016-04-15 15:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-10 14:49 - 2016-04-15 04:09 - 00000000 ____D C:\WINDOWS\rescache
2016-04-10 14:49 - 2016-04-15 03:34 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-10 14:49 - 2016-04-15 03:34 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-10 14:49 - 2016-04-15 03:34 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-10 14:49 - 2016-04-15 03:34 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-10 14:49 - 2016-04-12 00:02 - 00000000 ____D C:\WINDOWS\appcompat
2016-04-10 14:49 - 2016-04-10 15:09 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-04-10 14:49 - 2016-04-10 15:02 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-04-10 14:49 - 2016-04-10 15:02 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-04-10 14:49 - 2016-04-10 15:00 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-04-10 14:49 - 2016-04-10 15:00 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-04-10 14:49 - 2016-04-10 15:00 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-04-10 14:49 - 2016-04-10 15:00 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-04-10 14:49 - 2016-04-10 15:00 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-04-10 14:49 - 2016-04-10 15:00 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-04-10 14:49 - 2016-04-10 15:00 - 00000000 ____D C:\Program Files\Windows Defender
2016-04-10 14:49 - 2016-04-10 15:00 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-04-10 14:49 - 2016-04-10 15:00 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-04-10 14:49 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-04-10 14:49 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-04-10 14:49 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2016-04-10 14:49 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\system32\setup
2016-04-10 14:49 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\system32\Com
2016-04-10 14:49 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\IME
2016-04-10 14:49 - 2016-04-10 14:56 - 00000000 ____D C:\WINDOWS\Help
2016-04-10 14:49 - 2016-04-10 14:56 - 00000000 ____D C:\Program Files\Common Files\System
2016-04-10 14:49 - 2016-04-10 14:56 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-04-10 14:49 - 2016-04-10 14:50 - 00000000 ____D C:\WINDOWS\system32\ias
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\Web
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\Vss
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\tracing
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\TAPI
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SystemResources
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SystemApps
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\spool
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\ras
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\IME
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\downlevel
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\System
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SKB
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\ShellNew
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\security
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\schemas
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\SchCache
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\Resources
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\RemotePackages
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\PLA
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\Performance
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\InputMethod
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\Globalization
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\Cursors
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\Branding
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\addins
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\Program Files\Windows NT
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\Program Files\Common Files\Services
2016-04-10 14:49 - 2016-04-10 14:49 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-04-10 14:49 - 2016-04-10 14:46 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2016-04-10 14:49 - 2016-04-10 14:46 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2016-04-10 14:49 - 2016-04-10 14:46 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services
2016-04-10 14:49 - 2016-04-10 14:46 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-04-10 14:49 - 2016-04-10 14:46 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2016-04-10 14:49 - 2016-04-10 14:46 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2016-04-10 14:49 - 2016-04-10 14:46 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2016-04-10 14:49 - 2016-04-10 14:46 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2016-04-10 14:49 - 2016-04-10 14:46 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2016-04-10 14:49 - 2016-04-10 14:46 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2016-04-10 14:49 - 2016-04-10 14:46 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2016-04-10 14:49 - 2016-04-10 14:46 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config
2016-04-10 14:49 - 2016-04-10 14:45 - 00000219 _____ C:\WINDOWS\system.ini
2016-04-10 14:49 - 2016-04-10 14:45 - 00000092 _____ C:\WINDOWS\win.ini
2016-04-10 14:49 - 2016-04-10 14:45 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-04-10 14:49 - 2016-04-10 14:44 - 00000000 __RSD C:\WINDOWS\Media
2016-04-10 14:49 - 2016-04-10 14:44 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-04-10 14:49 - 2016-04-10 14:44 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-04-10 14:49 - 2016-04-10 14:44 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-04-10 14:49 - 2016-04-10 14:44 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-04-10 14:49 - 2016-04-10 14:44 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-04-10 14:49 - 2016-04-10 14:44 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-04-10 14:49 - 2016-04-10 14:44 - 00000000 ____D C:\WINDOWS\Provisioning
2016-04-10 14:49 - 2016-04-10 14:44 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-04-10 14:49 - 2016-04-10 14:44 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-04-10 14:49 - 2016-04-10 14:43 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-04-10 14:49 - 2016-04-10 14:43 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-04-10 14:49 - 2016-04-10 14:43 - 00000000 ____D C:\Program Files\Windows Journal
2016-04-10 14:49 - 2016-04-10 06:55 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-04-10 14:49 - 2016-04-10 06:38 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-04-10 14:49 - 2016-04-10 06:38 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-04-10 14:49 - 2016-04-10 05:27 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-04-10 14:49 - 2016-04-10 05:26 - 00000000 __RHD C:\Users\Public\Libraries
2016-04-10 14:49 - 2016-04-10 05:23 - 00000000 ____D C:\WINDOWS\CSC
2016-04-10 14:49 - 2016-04-10 05:22 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-04-10 14:47 - 2016-04-19 00:37 - 00000000 ____D C:\WINDOWS\INF
2016-04-10 14:32 - 2016-04-18 23:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-10 14:19 - 2016-04-10 14:19 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Macromedia
2016-04-10 14:17 - 2016-04-10 14:17 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\MicrosoftEdge
2016-04-10 14:16 - 2016-04-19 00:30 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-04-10 14:16 - 2016-04-10 15:00 - 00000000 ____D C:\WINDOWS\servicing
2016-04-10 14:16 - 2016-04-10 14:49 - 00000000 ____D C:\WINDOWS\system32\SMI
2016-04-10 14:16 - 2016-04-10 05:18 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-04-10 14:16 - 2015-10-30 08:33 - 00000164 _____ C:\WINDOWS\system32\config\FP
2016-04-10 12:57 - 2016-04-10 12:57 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2016-04-10 12:55 - 2016-04-10 12:55 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-04-10 12:55 - 2016-04-10 12:55 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-04-10 08:44 - 2016-04-14 01:45 - 00453280 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-10 08:41 - 2016-04-19 00:38 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-10 08:41 - 2016-04-19 00:38 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-10 07:07 - 2016-04-10 07:07 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\Comms
2016-04-10 06:57 - 2016-04-10 06:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-04-10 06:57 - 2016-04-10 06:57 - 00000000 ____D C:\ProgramData\AMD
2016-04-10 06:57 - 2016-04-10 06:57 - 00000000 ____D C:\Program Files\ATI Technologies
2016-04-10 06:56 - 2016-04-10 06:57 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-04-10 06:55 - 2016-04-10 06:55 - 00000000 ____D C:\Program Files\AMD
2016-04-10 06:55 - 2016-04-10 06:55 - 00000000 ____D C:\AMD
2016-04-10 06:55 - 2016-04-10 06:55 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2016-04-10 06:41 - 2016-04-16 12:22 - 00002401 _____ C:\Users\Raik-Raiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-10 06:39 - 2016-04-10 06:39 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\ActiveSync
2016-04-10 06:38 - 2016-04-10 06:38 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\Publishers
2016-04-10 06:37 - 2016-04-18 22:50 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\Packages
2016-04-10 06:37 - 2016-04-10 06:37 - 00000020 ___SH C:\Users\Raik-Raiker\ntuser.ini
2016-04-10 06:37 - 2016-04-10 06:37 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Roaming\Adobe
2016-04-10 06:37 - 2016-04-10 06:37 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\VirtualStore
2016-04-10 06:37 - 2016-04-10 06:37 - 00000000 ____D C:\Users\Raik-Raiker\AppData\Local\TileDataLayer
2016-04-10 05:31 - 2016-04-19 00:37 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-10 05:28 - 2016-04-10 05:28 - 00000000 _SHDL C:\Users\Default\My Documents
2016-04-10 05:28 - 2016-04-10 05:28 - 00000000 _SHDL C:\Users\Default\Documents\My Videos
2016-04-10 05:28 - 2016-04-10 05:28 - 00000000 _SHDL C:\Users\Default\Documents\My Pictures
2016-04-10 05:28 - 2016-04-10 05:28 - 00000000 _SHDL C:\Users\Default\Documents\My Music
2016-04-10 05:28 - 2016-04-10 05:28 - 00000000 _SHDL C:\Users\Default User\Documents\My Videos
2016-04-10 05:28 - 2016-04-10 05:28 - 00000000 _SHDL C:\Users\Default User\Documents\My Pictures
2016-04-10 05:28 - 2016-04-10 05:28 - 00000000 _SHDL C:\Users\Default User\Documents\My Music
2016-04-10 05:28 - 2016-04-10 05:28 - 00000000 _SHDL C:\Users\Default User
2016-04-10 05:28 - 2016-04-10 05:28 - 00000000 _SHDL C:\Users\All Users
2016-04-10 05:25 - 2016-04-18 23:22 - 00000000 ____D C:\Users\Raik-Raiker
2016-04-10 05:25 - 2016-04-10 05:25 - 00000000 _SHDL C:\Users\Raik-Raiker\My Documents
2016-04-10 05:25 - 2016-04-10 05:25 - 00000000 _SHDL C:\Users\Raik-Raiker\Documents\My Videos
2016-04-10 05:25 - 2016-04-10 05:25 - 00000000 _SHDL C:\Users\Raik-Raiker\Documents\My Pictures
2016-04-10 05:25 - 2016-04-10 05:25 - 00000000 _SHDL C:\Users\Raik-Raiker\Documents\My Music
2016-04-10 05:18 - 2016-04-10 05:18 - 00000000 ____D C:\Program Files\Common Files\Atheros
2016-04-10 05:15 - 2015-10-30 09:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-04-10 05:12 - 2016-04-19 00:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-10 05:12 - 2016-04-10 05:12 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-04-10 05:11 - 2016-04-15 03:37 - 00194272 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-10 04:13 - 2016-04-10 06:44 - 00000000 ___HD C:\$SysReset
2016-04-10 03:47 - 2016-04-10 03:47 - 00000000 ____D C:\AdwCleaner
2016-04-10 01:56 - 2016-04-10 01:56 - 00000000 _____ C:\autoexec.bat
2016-04-09 09:27 - 2016-04-16 12:15 - 00000000 ____D C:\Users\Raik-Raiker\AppData\LocalLow\Company
2016-04-09 09:27 - 2016-04-09 09:27 - 00000000 ____D C:\uninst
2016-04-07 03:39 - 2016-04-07 03:48 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-03-25 09:20 - 2016-04-09 11:27 - 00000000 ___RD C:\Users\Raik-Raiker\Documents\Galaxy Note 4 Root

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-16 12:22 - 2015-10-30 09:19 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
2016-04-16 12:22 - 2015-10-30 09:19 - 00002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk
2016-04-16 12:22 - 2015-10-30 09:19 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk
2016-04-16 12:22 - 2015-10-30 09:18 - 00001590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
2016-04-16 12:22 - 2015-10-30 09:18 - 00000853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2016-04-16 12:22 - 2015-10-30 09:17 - 00002325 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk
2016-04-16 11:37 - 2016-02-10 23:42 - 00000000 ____D C:\VSTPlugIns
2016-04-14 21:41 - 2015-12-31 01:38 - 00000000 ____D C:\temp
2016-04-14 06:14 - 2016-02-20 04:58 - 00000000 ___RD C:\Users\Raik-Raiker\Desktop\TheDarkness Pattern Project
2016-04-10 23:20 - 2016-01-01 17:02 - 00000000 ____D C:\Users\Raik-Raiker\Documents\Mega Drums Pack [MIDI]
2016-04-10 20:17 - 2016-01-04 04:04 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-04-09 12:34 - 2016-01-19 16:40 - 00000000 ____D C:\Users\Raik-Raiker\Documents\JDownloader
2016-04-09 11:27 - 2016-03-14 00:41 - 00000000 ___RD C:\Users\Raik-Raiker\Documents\Passwortliste_01_01_2016
2016-04-09 11:21 - 2016-01-28 10:15 - 00000000 ____D C:\Users\Raik-Raiker\Documents\Selected Drum Banks For Superior & EZ Drummer
2016-04-03 11:12 - 2016-03-17 11:43 - 00000000 ____D C:\Users\Raik-Raiker\.oracle_jre_usage

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-10 05:11

==================== End of FRST.txt ============================

--- --- ---

cosinus · 19.04.2016, 00:10

Zitat:

Platform: Windows 10 Enterprise Version

Oh geil, hast du einen Volumenlizenzvertrag mit Microsoft?

Raiker · 19.04.2016, 00:18

ich bin mal ehrlich und sag nein..

cosinus · 19.04.2016, 08:22

Und woher hast du die Enterprise Edition von Windows 10?

Raiker · 19.04.2016, 08:24

von einem Freund

cosinus · 19.04.2016, 08:32

mit anderen Worten: gecrackter/illegaler Mist

Besorg dir ein legales Windows 10. Es reicht schon wenn aus, wenn du einen Windows-7-Key hast, mit dem kannst du ein neu installiertes Windows 10 aktivieren.

Download da => https://www.microsoft.com/de-de/soft...d/windows10ISO

19.04.2016, 08:22	#7
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Systemauslastung nach Malware Bereinigung ohne mein zutun über 50 % !!!!! Und woher hast du die Enterprise Edition von Windows 10? __________________ Logfiles bitte immer in CODE-Tags posten

Systemauslastung nach Malware Bereinigung ohne mein zutun über 50 % !!!!!

Log-Analyse und Auswertung: Systemauslastung nach Malware Bereinigung ohne mein zutun über 50 % !!!!!