Mario773 | 01.01.2018 18:30 | Code:
DRV:64bit: - [2017.03.18 21:56:25 | 001,135,512 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2017.03.18 21:56:25 | 000,842,656 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:64bit: - [2017.03.18 21:56:25 | 000,526,240 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:64bit: - [2017.03.18 21:56:25 | 000,347,032 | ---- | M] (Chelsio Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cht4sx64.sys -- (cht4iscsi)
DRV:64bit: - [2017.03.18 21:56:25 | 000,305,568 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2017.03.18 21:56:25 | 000,259,488 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2017.03.18 21:56:25 | 000,123,808 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:64bit: - [2017.03.18 21:56:25 | 000,122,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:64bit: - [2017.03.18 21:56:25 | 000,108,960 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:64bit: - [2017.03.18 21:56:25 | 000,107,424 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2017.03.18 21:56:25 | 000,103,328 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:64bit: - [2017.03.18 21:56:25 | 000,083,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2017.03.18 21:56:25 | 000,082,848 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2017.03.18 21:56:25 | 000,064,920 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:64bit: - [2017.03.18 21:56:25 | 000,064,416 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2017.03.18 21:56:25 | 000,064,416 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\MegaSas2i.sys -- (megasas2i)
DRV:64bit: - [2017.03.18 21:56:25 | 000,063,904 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2017.03.18 21:56:25 | 000,061,848 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:64bit: - [2017.03.18 21:56:25 | 000,058,784 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:64bit: - [2017.03.18 21:56:25 | 000,032,160 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:64bit: - [2017.03.18 21:56:25 | 000,031,136 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2017.03.18 21:56:25 | 000,027,040 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2017.03.18 21:56:25 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AcpiDev.sys -- (AcpiDev)
DRV:64bit: - [2017.03.18 21:56:25 | 000,009,728 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2017.03.18 21:56:23 | 003,419,040 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2017.03.18 21:56:23 | 000,533,920 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2017.03.18 21:56:23 | 000,074,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2017.03.18 21:56:23 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2017.03.18 21:56:19 | 000,119,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2017.03.18 21:56:19 | 000,113,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2017.03.18 21:56:19 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2017.03.18 21:56:19 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2017.03.18 21:56:19 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2017.03.06 10:39:41 | 000,101,376 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdWT6.sys -- (AtiHDAudioService)
DRV:64bit: - [2017.03.06 10:39:40 | 000,255,368 | ---- | M] (Advanced Micro Devices, Inc. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdpsp.sys -- (amdpsp)
DRV:64bit: - [2017.03.06 10:39:40 | 000,100,744 | ---- | M] (Advanced Micro Devices, Inc. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdkmcsp.sys -- (amdkmcsp)
DRV:64bit: - [2017.02.22 11:33:32 | 000,419,296 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUer.sys -- (RTSUER)
DRV:64bit: - [2017.01.20 13:22:24 | 000,044,768 | ---- | M] (AO Kaspersky Lab) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\klpnpflt.sys -- (klpnpflt)
DRV:64bit: - [2016.12.26 20:27:10 | 000,247,008 | ---- | M] (AO Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cm_km.sys -- (cm_km)
DRV:64bit: - [2016.12.23 09:20:56 | 000,057,056 | ---- | M] (AO Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2016.12.20 17:51:06 | 000,093,920 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klwfp.sys -- (klwfp)
DRV:64bit: - [2016.12.07 09:30:58 | 000,058,592 | ---- | M] (AO Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2016.10.14 02:44:02 | 000,029,816 | ---- | M] (AO Kaspersky Lab) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\klelam.sys -- (klelam)
DRV:64bit: - [2016.10.12 12:29:22 | 000,057,424 | ---- | M] (AO Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2016.10.01 02:26:00 | 000,554,408 | ---- | M] (AO Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2016.06.07 01:31:06 | 000,052,152 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kltap.sys -- (kltap)
DRV:64bit: - [2016.05.31 23:24:06 | 000,078,216 | ---- | M] (AO Kaspersky Lab) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\kldisk.sys -- (kldisk)
DRV:64bit: - [2016.04.21 10:10:04 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2016.03.10 14:09:10 | 000,065,408 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2016.03.10 14:08:54 | 000,027,008 | ---- | M] (Malwarebytes) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.03.01 02:49:12 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV - [2017.12.25 16:34:15 | 000,190,832 | ---- | M] (AO Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\ProgramData\Kaspersky Lab\AVP18.0.0\Bases\klids.sys -- (klids)
DRV - [2017.12.13 16:43:32 | 000,028,160 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\ExpressVpn SplitTunnel Driver\driver\expressvpnsplittunnel.sys -- (expressvpnsplittunnel)
DRV - [2017.04.06 14:42:46 | 032,656,792 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\windows\System32\DriverStore\FileRepository\c0311397.inf_amd64_bbc78e3fab18ca3b\atikmdag.sys -- (amdkmdag)
DRV - [2017.04.06 14:42:46 | 000,525,208 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\windows\System32\DriverStore\FileRepository\c0311397.inf_amd64_bbc78e3fab18ca3b\atikmpag.sys -- (amdkmdap)
DRV - [2017.03.18 21:56:19 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys -- (CompositeBus)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=PRHPC1&src=IE11TR&pc=HCTE
IE:64bit: - HKLM\..\SearchScopes\{64344A08-283C-47E9-86F3-006E5D6C6620}: "URL" = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=PRHPC1&src=IE11TR&pc=HCTE
IE - HKLM\..\SearchScopes\{64344A08-283C-47E9-86F3-006E5D6C6620}: "URL" = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=PRHPC1&src=IE11TR&pc=HCTE
IE - HKCU\..\SearchScopes\{64344A08-283C-47E9-86F3-006E5D6C6620}: "URL" = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "DE"
FF - prefs.js..browser.search.region: "DE"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com: C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 18.0.0\FFEXT\LIGHT_PLUGIN_FIREFOX\ADDON.XPI [2017.12.25 16:52:02 | 000,169,071 | ---- | M] ()
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 57.0.3\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 57.0.3\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2017.12.25 16:52:02 | 000,169,071 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 57.0.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 57.0.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2017.12.20 22:25:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kristian\AppData\Roaming\mozilla\Extensions
[2017.12.20 22:25:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kristian\AppData\Roaming\mozilla\SystemExtensionsDev
[2017.12.25 16:48:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kristian\AppData\Roaming\mozilla\Firefox\Profiles\cactd8yr.default\browser-extension-data
[2017.12.30 18:06:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kristian\AppData\Roaming\mozilla\Firefox\Profiles\cactd8yr.default\browser-extension-data\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2017.12.25 16:48:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kristian\AppData\Roaming\mozilla\Firefox\Profiles\cactd8yr.default\browser-extension-data\light_plugin_448EC0843447455C9DA355B3C2811D6A@kaspersky.com
[2017.12.20 22:26:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kristian\AppData\Roaming\mozilla\Firefox\Profiles\cactd8yr.default\browser-extension-data\screenshots@mozilla.org
[2017.12.25 16:13:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kristian\AppData\Roaming\mozilla\Firefox\Profiles\cactd8yr.default\extensions
[2017.12.25 16:13:05 | 001,588,091 | ---- | M] () (No name found) -- C:\Users\Kristian\AppData\Roaming\mozilla\firefox\profiles\cactd8yr.default\extensions\https-everywhere-eff@eff.org.xpi
[2017.12.25 16:12:41 | 001,044,671 | ---- | M] () (No name found) -- C:\Users\Kristian\AppData\Roaming\mozilla\firefox\profiles\cactd8yr.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2017.12.20 22:34:32 | 000,005,507 | ---- | M] () (No name found) -- C:\Users\Kristian\AppData\Roaming\mozilla\firefox\profiles\cactd8yr.default\features\{79e5f1e4-4f06-414a-9d21-d03e5ee06ab7}\disable-media-wmf-nv12@mozilla.org.xpi
[2017.12.30 14:43:12 | 000,005,507 | ---- | M] () (No name found) -- C:\Users\Kristian\AppData\Roaming\mozilla\firefox\profiles\cactd8yr.default\features\{7d55bf52-e503-4b30-baae-8bd24bfeec56}\disable-media-wmf-nv12@mozilla.org.xpi
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Kristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
CHR - Extension: No name found = C:\Users\Kristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Kristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Kristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.13.4_0\
CHR - Extension: No name found = C:\Users\Kristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\Kristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk\5.1.93.0_0\
CHR - Extension: No name found = C:\Users\Kristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb\1.5.4_0\
CHR - Extension: No name found = C:\Users\Kristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb\1.5.4_0\.orig
CHR - Extension: No name found = C:\Users\Kristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\
CHR - Extension: No name found = C:\Users\Kristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Kristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6317.1002.0.5_0\
O1 HOSTS File: ([2017.03.18 22:01:13 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (HP Inc.)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (HP Inc.)
O4:64bit: - HKLM..\Run: [BtServer] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe (Realtek Semiconductor Corporation)
O4:64bit: - HKLM..\Run: [SecurityHealth] C:\Programme\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe (HP Inc.)
O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - HKCU..\Run: [BitTorrent] C:\Users\Kristian\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [CyberGhost] "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min File not found
O4 - HKCU..\Run: [ExpressVPN4] C:\Program Files (x86)\ExpressVPN\xvpn-ui\ExpressVpn.exe (ExpressVPN)
O4 - HKCU..\Run: [icq.desktop] C:\Users\Kristian\AppData\Roaming\ICQ\bin\icq.exe ()
O4 - HKCU..\Run: [OneDrive] C:\Users\Kristian\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Kristian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk = C:\Users\Kristian\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 24
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105 File not found
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (HP Inc.)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (HP Inc.)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (HP Inc.)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (HP Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000014 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000015 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000015 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4656e31f-e2b8-4d4f-8e4f-f04c3b35f9b5}: DhcpNameServer = 10.165.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48c38849-b09b-47c1-a931-90252c66aba8}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{a994e60e-03ab-443e-8d71-9c2822ad0c24}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{adc45c24-9647-409f-80f7-1f26b40030c8}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{eb4e6593-558b-4109-8217-74d1989e4d6e}: DhcpNameServer = 172.20.10.1
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2017.09.27 17:29:49 | 000,000,128 | ---- | M] () - G:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{5a7f20f1-ec13-11e7-995c-168811c37529}\Shell - "" = AutoRun
O33 - MountPoints2\{5a7f20f1-ec13-11e7-995c-168811c37529}\Shell\AutoRun\command - "" = "H:\setup.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2018.01.01 17:01:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CloseAll
[2018.01.01 17:00:59 | 000,000,000 | ---D | C] -- C:\Program Files\CloseAll
[2017.12.31 17:46:20 | 000,000,000 | ---D | C] -- C:\Users\Kristian\Desktop\Neuer Ordner (3)
[2017.12.31 15:24:39 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\Notepad++
[2017.12.31 15:24:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2017.12.31 15:24:35 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\Notepad++
[2017.12.31 15:24:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2017.12.30 14:59:10 | 000,000,000 | ---D | C] -- C:\Users\Kristian\Desktop\Neuer Ordner (2)
[2017.12.30 14:39:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pioneer
[2017.12.30 14:39:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pioneer
[2017.12.30 13:59:10 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\Serato
[2017.12.30 13:56:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serato
[2017.12.30 13:56:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Serato
[2017.12.30 13:54:47 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\Windows
[2017.12.30 13:54:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\{03135366-5966-4D7D-962A-24A1F6B4D4CD}
[2017.12.30 13:54:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serato DJ
[2017.12.30 13:54:06 | 000,000,000 | ---D | C] -- C:\Program Files\Serato DJ
[2017.12.30 13:54:04 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\IIIQF
[2017.12.30 13:48:38 | 000,000,000 | ---D | C] -- C:\Users\Kristian\Documents\Arduino
[2017.12.30 13:48:35 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\Arduino15
[2017.12.30 13:48:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2017.12.30 13:42:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Arduino
[2017.12.28 23:09:10 | 000,000,000 | -H-D | C] -- C:\$WINDOWS.~BT
[2017.12.28 22:46:43 | 000,000,000 | ---D | C] -- C:\ESD
[2017.12.28 22:45:14 | 000,000,000 | -H-D | C] -- C:\$Windows.~WS
[2017.12.28 20:13:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NetCutDefender
[2017.12.28 20:05:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\arcai.com
[2017.12.28 20:05:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\netcut
[2017.12.26 21:53:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Steam
[2017.12.26 19:44:17 | 000,192,216 | ---- | C] (Malwarebytes) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2017.12.26 19:43:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2017.12.26 19:43:35 | 000,140,672 | ---- | C] (Malwarebytes) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2017.12.26 19:43:35 | 000,065,408 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2017.12.26 19:43:35 | 000,027,008 | ---- | C] (Malwarebytes) -- C:\windows\SysNative\drivers\mbam.sys
[2017.12.26 19:12:43 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\speech
[2017.12.26 19:12:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killing Floor
[2017.12.26 19:03:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\killingfloor
[2017.12.26 18:55:39 | 000,000,000 | ---D | C] -- C:\Users\Kristian\Desktop\Spiele
[2017.12.26 18:44:00 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\ATI
[2017.12.26 18:44:00 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\ATI
[2017.12.26 18:44:00 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2017.12.26 18:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
[2017.12.26 18:39:21 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\RadeonInstaller
[2017.12.26 18:35:39 | 000,000,000 | ---D | C] -- C:\AMD
[2017.12.26 18:07:09 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2017.12.26 18:06:46 | 000,000,000 | ---D | C] -- C:\ProgramData\MB2Migration
[2017.12.26 17:20:48 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\CrashDumps
[2017.12.26 15:23:05 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
[2017.12.26 15:23:05 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\ICQ
[2017.12.26 15:22:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Technitium MAC Address Changer v6
[2017.12.26 15:22:39 | 000,224,016 | R-S- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TABCTL32.OCX
[2017.12.26 15:22:38 | 001,010,720 | R-S- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSCHRT20.OCX
[2017.12.26 15:22:37 | 000,140,488 | R-S- | C] (Microsoft Corporation) -- C:\windows\SysWow64\COMDLG32.OCX
[2017.12.26 15:22:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Technitium
[2017.12.26 15:22:31 | 001,070,232 | R-S- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSCOMCTL.OCX
[2017.12.26 15:21:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pidgin
[2017.12.26 15:04:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Year Walk
[2017.12.26 14:44:54 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2017.12.26 14:08:16 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2017.12.26 14:08:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
[2017.12.26 14:08:02 | 000,000,000 | ---D | C] -- C:\Program Files\RogueKiller
[2017.12.25 21:06:35 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
[2017.12.25 20:59:40 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\Microsoft Help
[2017.12.25 20:59:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2017.12.25 20:57:16 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2017.12.25 20:55:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Logs
[2017.12.25 20:55:55 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2017.12.25 20:55:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2017.12.25 20:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office Tab
[2017.12.25 20:54:19 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Office Tab
[2017.12.25 20:54:19 | 000,000,000 | ---D | C] -- C:\Program Files\Detong
[2017.12.25 18:25:57 | 000,000,000 | ---D | C] -- C:\Users\Kristian\Desktop\Neuer Ordner
[2017.12.25 17:58:58 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\KeePass
[2017.12.25 17:33:21 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\IsolatedStorage
[2017.12.25 17:33:08 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\ExpressVPN
[2017.12.25 17:32:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExpressVPN
[2017.12.25 17:32:23 | 000,000,000 | ---D | C] -- C:\ProgramData\ExpressVPN
[2017.12.25 17:32:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ExpressVPN
[2017.12.25 17:32:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ExpressVpn Tap Driver Win10
[2017.12.25 17:32:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ExpressVpn SplitTunnel Driver
[2017.12.25 16:44:11 | 000,253,192 | ---- | C] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klupd_klif_klark.sys
[2017.12.25 16:34:10 | 000,107,680 | ---- | C] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klupd_klif_klbg.sys
[2017.12.25 16:34:09 | 000,230,312 | ---- | C] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klupd_klif_arkmon.sys
[2017.12.25 16:34:08 | 000,173,664 | ---- | C] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klupd_klif_mark.sys
[2017.12.25 16:34:08 | 000,087,584 | ---- | C] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klupd_klif_kimul.sys
[2017.12.25 16:33:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
[2017.12.25 16:32:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AV
[2017.12.25 16:32:39 | 000,110,176 | ---- | C] (Kaspersky Lab ZAO) -- C:\windows\SysNative\klfphc.dll
[2017.12.25 16:32:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2017.12.25 16:32:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2017.12.25 16:31:53 | 001,055,424 | ---- | C] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klif.sys
[2017.12.25 16:31:53 | 000,594,144 | ---- | C] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klhk.sys
[2017.12.25 16:31:53 | 000,207,576 | ---- | C] (AO Kaspersky Lab) -- C:\windows\SysNative\drivers\klflt.sys
[2017.12.25 16:31:53 | 000,149,304 | ---- | C] (AO Kaspersky Lab) -- C:\windows\SysNative\klhkum.dll
[2017.12.25 16:15:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2017.12.25 13:51:43 | 000,000,000 | --SD | C] -- C:\windows\UpdateAssistantV2
[2017.12.24 23:18:38 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\Wireshark
[2017.12.24 21:13:14 | 000,000,000 | ---D | C] -- C:\Users\Kristian\Documents\Bioshock
[2017.12.24 21:13:14 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\Bioshock
[2017.12.24 20:34:52 | 000,000,000 | ---D | C] -- C:\Program Files\USBPcap
[2017.12.24 20:34:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2017.12.24 20:34:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2017.12.24 20:24:43 | 000,000,000 | ---D | C] -- C:\Program Files\Wireshark
[2017.12.23 22:04:19 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\Diagnostics
[2017.12.23 19:12:52 | 000,000,000 | ---D | C] -- C:\Users\Kristian\Documents\Virtual Machines
[2017.12.23 19:11:57 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\VMware
[2017.12.23 19:11:53 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\VMware
[2017.12.23 18:07:32 | 000,084,768 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\windows\SysNative\drivers\cgnetfilter1521.sys
[2017.12.23 18:07:04 | 000,000,000 | ---D | C] -- C:\Program Files\CyberGhost 6
[2017.12.22 22:03:58 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\Hewlett-Packard
[2017.12.22 20:02:09 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\hpqLog
[2017.12.21 22:28:13 | 000,091,712 | ---- | C] (VMware, Inc.) -- C:\windows\SysNative\drivers\vsock.sys
[2017.12.21 22:28:13 | 000,069,104 | ---- | C] (VMware, Inc.) -- C:\windows\SysNative\vsocklib.dll
[2017.12.21 22:28:13 | 000,065,016 | ---- | C] (VMware, Inc.) -- C:\windows\SysWow64\vsocklib.dll
[2017.12.21 22:28:09 | 000,095,704 | ---- | C] (VMware, Inc.) -- C:\windows\SysNative\drivers\vmx86.sys
[2017.12.21 22:27:48 | 000,367,080 | ---- | C] (VMware, Inc.) -- C:\windows\SysWow64\vmnetdhcp.exe
[2017.12.21 22:27:40 | 000,402,408 | ---- | C] (VMware, Inc.) -- C:\windows\SysWow64\vmnat.exe
[2017.12.21 22:27:39 | 000,134,104 | ---- | C] (VMware, Inc.) -- C:\windows\SysNative\vnetinst.dll
[2017.12.21 22:27:39 | 000,043,992 | ---- | C] (VMware, Inc.) -- C:\windows\SysNative\drivers\vmnetuserif.sys
[2017.12.21 22:27:33 | 001,134,056 | ---- | C] (VMware, Inc.) -- C:\windows\SysNative\vnetlib64.dll
[2017.12.21 22:27:02 | 000,083,008 | ---- | C] (VMware, Inc.) -- C:\windows\SysNative\drivers\hcmon.sys
[2017.12.21 22:27:02 | 000,000,000 | ---D | C] -- C:\windows\SysNative\DRVSTORE
[2017.12.21 22:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
[2017.12.21 22:26:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ThinPrint
[2017.12.21 22:26:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware
[2017.12.21 22:26:21 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2017.12.21 22:26:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VMware
[2017.12.21 22:24:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VMware
[2017.12.21 22:10:29 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_7.dll
[2017.12.21 22:10:29 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_7.dll
[2017.12.21 22:10:29 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_5.dll
[2017.12.21 22:10:29 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_5.dll
[2017.12.21 22:10:28 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_7.dll
[2017.12.21 22:10:28 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_7.dll
[2017.12.21 22:10:27 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_43.dll
[2017.12.21 22:10:27 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_43.dll
[2017.12.21 22:10:27 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dcsx_43.dll
[2017.12.21 22:10:27 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dcsx_43.dll
[2017.12.21 22:10:26 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_43.dll
[2017.12.21 22:10:26 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_43.dll
[2017.12.21 22:10:26 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx11_43.dll
[2017.12.21 22:10:26 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx11_43.dll
[2017.12.21 22:10:25 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_43.dll
[2017.12.21 22:10:25 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_43.dll
[2017.12.21 22:10:25 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_6.dll
[2017.12.21 22:10:25 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_6.dll
[2017.12.21 22:10:25 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_4.dll
[2017.12.21 22:10:25 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_4.dll
[2017.12.21 22:10:24 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_6.dll
[2017.12.21 22:10:24 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_6.dll
[2017.12.21 22:10:24 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_7.dll
[2017.12.21 22:10:24 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_7.dll
[2017.12.21 22:10:23 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_5.dll
[2017.12.21 22:10:23 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_5.dll
[2017.12.21 22:10:22 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_42.dll
[2017.12.21 22:10:22 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_42.dll
[2017.12.21 22:10:22 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_5.dll
[2017.12.21 22:10:22 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_5.dll
[2017.12.21 22:10:21 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dcsx_42.dll
[2017.12.21 22:10:21 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dcsx_42.dll
[2017.12.21 22:10:20 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx11_42.dll
[2017.12.21 22:10:20 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx11_42.dll
[2017.12.21 22:10:19 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_42.dll
[2017.12.21 22:10:19 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_42.dll
[2017.12.21 22:10:19 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_42.dll
[2017.12.21 22:10:19 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_42.dll
[2017.12.21 22:10:18 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_41.dll
[2017.12.21 22:10:18 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_41.dll
[2017.12.21 22:10:18 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_41.dll
[2017.12.21 22:10:18 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_41.dll
[2017.12.21 22:10:17 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_41.dll
[2017.12.21 22:10:17 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_41.dll
[2017.12.21 22:10:16 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_4.dll
[2017.12.21 22:10:16 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_4.dll
[2017.12.21 22:10:16 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_3.dll
[2017.12.21 22:10:16 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_3.dll
[2017.12.21 22:10:15 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_4.dll
[2017.12.21 22:10:15 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_4.dll
[2017.12.21 22:10:15 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_6.dll
[2017.12.21 22:10:15 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_6.dll
[2017.12.21 22:10:14 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_40.dll
[2017.12.21 22:10:14 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_40.dll
[2017.12.21 22:10:14 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_40.dll
[2017.12.21 22:10:14 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_40.dll
[2017.12.21 22:10:14 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_40.dll
[2017.12.21 22:10:14 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_40.dll
[2017.12.21 22:10:13 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_3.dll
[2017.12.21 22:10:13 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_3.dll
[2017.12.21 22:10:13 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_2.dll
[2017.12.21 22:10:13 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_2.dll
[2017.12.21 22:10:12 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_3.dll
[2017.12.21 22:10:12 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_3.dll
[2017.12.21 22:10:11 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_5.dll
[2017.12.21 22:10:11 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_5.dll
[2017.12.21 22:10:10 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_2.dll
[2017.12.21 22:10:10 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_2.dll
[2017.12.21 22:10:10 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_1.dll
[2017.12.21 22:10:10 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_1.dll
[2017.12.21 22:10:09 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_2.dll
[2017.12.21 22:10:09 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_2.dll
[2017.12.21 22:10:08 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_39.dll
[2017.12.21 22:10:08 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_39.dll
[2017.12.21 22:10:08 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_39.dll
[2017.12.21 22:10:08 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_39.dll
[2017.12.21 22:10:07 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_39.dll
[2017.12.21 22:10:07 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_39.dll
[2017.12.21 22:10:06 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_1.dll
[2017.12.21 22:10:06 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_1.dll
[2017.12.21 22:10:06 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_0.dll
[2017.12.21 22:10:06 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_0.dll
[2017.12.21 22:10:05 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_1.dll
[2017.12.21 22:10:05 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_1.dll
[2017.12.21 22:10:05 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_4.dll
[2017.12.21 22:10:05 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_4.dll
[2017.12.21 22:10:04 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_38.dll
[2017.12.21 22:10:04 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_38.dll
[2017.12.21 22:10:04 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_38.dll
[2017.12.21 22:10:04 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_38.dll
[2017.12.21 22:10:03 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_38.dll
[2017.12.21 22:10:03 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_38.dll
[2017.12.21 22:10:02 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_0.dll
[2017.12.21 22:10:02 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_0.dll
[2017.12.21 22:10:01 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine3_0.dll
[2017.12.21 22:10:01 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine3_0.dll
[2017.12.21 22:10:01 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_3.dll
[2017.12.21 22:10:01 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_3.dll
[2017.12.21 22:10:00 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_37.dll
[2017.12.21 22:10:00 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_37.dll
[2017.12.21 22:10:00 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_37.dll
[2017.12.21 22:10:00 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_37.dll
[2017.12.21 22:09:59 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DX9_37.dll
[2017.12.21 22:09:59 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DX9_37.dll
[2017.12.21 22:09:58 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_10.dll
[2017.12.21 22:09:58 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_10.dll
[2017.12.21 22:09:56 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_36.dll
[2017.12.21 22:09:56 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_36.dll
[2017.12.21 22:09:56 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_36.dll
[2017.12.21 22:09:56 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_36.dll
[2017.12.21 22:09:55 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_36.dll
[2017.12.21 22:09:55 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_36.dll
[2017.12.21 22:09:54 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_9.dll
[2017.12.21 22:09:54 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_9.dll
[2017.12.21 22:09:53 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_35.dll
[2017.12.21 22:09:53 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_35.dll
[2017.12.21 22:09:53 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_35.dll
[2017.12.21 22:09:53 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_35.dll
[2017.12.21 22:09:52 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_35.dll
[2017.12.21 22:09:52 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_35.dll
[2017.12.21 22:09:50 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_8.dll
[2017.12.21 22:09:50 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_8.dll
[2017.12.21 22:09:50 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\X3DAudio1_2.dll
[2017.12.21 22:09:50 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\X3DAudio1_2.dll
[2017.12.21 22:09:49 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_34.dll
[2017.12.21 22:09:49 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_34.dll
[2017.12.21 22:09:49 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_34.dll
[2017.12.21 22:09:49 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_34.dll
[2017.12.21 22:09:48 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_34.dll
[2017.12.21 22:09:48 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_34.dll
[2017.12.21 22:09:47 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_3.dll
[2017.12.21 22:09:47 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_3.dll
[2017.12.21 22:09:45 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_7.dll
[2017.12.21 22:09:45 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_7.dll
[2017.12.21 22:09:44 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_33.dll
[2017.12.21 22:09:44 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_33.dll
[2017.12.21 22:09:44 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10_33.dll
[2017.12.21 22:09:44 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10_33.dll
[2017.12.21 22:09:42 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_33.dll
[2017.12.21 22:09:42 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_33.dll
[2017.12.21 22:09:41 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_6.dll
[2017.12.21 22:09:41 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_6.dll
[2017.12.21 22:09:39 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_5.dll
[2017.12.21 22:09:39 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_5.dll
[2017.12.21 22:09:38 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx10.dll
[2017.12.21 22:09:38 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx10.dll
[2017.12.21 22:09:37 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_32.dll
[2017.12.21 22:09:37 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_32.dll
[2017.12.21 22:09:36 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_4.dll
[2017.12.21 22:09:36 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_4.dll
[2017.12.21 22:09:36 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_1.dll
[2017.12.21 22:09:36 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_1.dll
[2017.12.21 22:09:35 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_31.dll
[2017.12.21 22:09:35 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_31.dll
[2017.12.21 22:09:33 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_3.dll
[2017.12.21 22:09:33 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_3.dll
[2017.12.21 22:09:32 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_2.dll
[2017.12.21 22:09:32 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_2.dll
[2017.12.21 22:09:31 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_2.dll
[2017.12.21 22:09:31 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_2.dll
[2017.12.21 22:09:30 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xinput1_1.dll
[2017.12.21 22:09:30 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xinput1_1.dll
[2017.12.21 22:09:29 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_1.dll
[2017.12.21 22:09:29 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_1.dll
[2017.12.21 22:09:26 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_30.dll
[2017.12.21 22:09:26 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_30.dll
[2017.12.21 22:09:24 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\xactengine2_0.dll
[2017.12.21 22:09:24 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\xactengine2_0.dll
[2017.12.21 22:09:24 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\x3daudio1_0.dll
[2017.12.21 22:09:24 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\x3daudio1_0.dll
[2017.12.21 22:09:23 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_29.dll
[2017.12.21 22:09:23 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_28.dll
[2017.12.21 22:09:23 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_29.dll
[2017.12.21 22:09:23 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_28.dll
[2017.12.21 22:09:22 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_27.dll
[2017.12.21 22:09:22 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_27.dll
[2017.12.21 22:09:21 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_26.dll
[2017.12.21 22:09:21 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_26.dll
[2017.12.21 22:09:19 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_25.dll
[2017.12.21 22:09:19 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_25.dll
[2017.12.21 22:09:18 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx9_24.dll
[2017.12.21 22:09:18 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx9_24.dll
[2017.12.21 22:06:36 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\directx
[2017.12.21 22:06:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bioshock
[2017.12.21 21:59:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mr DJ
[2017.12.21 21:31:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\R.G. Mechanics
[2017.12.21 00:22:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2017.12.20 23:55:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeePass Password Safe 2
[2017.12.20 23:51:44 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\Mega Limited
[2017.12.20 23:51:17 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
[2017.12.20 23:50:53 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\MEGAsync
[2017.12.20 23:46:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2017.12.20 23:45:56 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\Programs
[2017.12.20 23:45:37 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\WinRAR
[2017.12.20 23:38:30 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MRT
[2017.12.20 23:38:11 | 133,326,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MRT-KB890830.exe
[2017.12.20 23:32:23 | 003,377,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tquery.dll
[2017.12.20 23:32:23 | 000,636,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WpcWebFilter.dll
[2017.12.20 23:32:23 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PCPKsp.dll
[2017.12.20 23:32:23 | 000,471,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TpmCoreProvisioning.dll
[2017.12.20 23:32:23 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scksp.dll
[2017.12.20 23:32:23 | 000,182,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AppxAllUserStore.dll
[2017.12.20 23:32:23 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rpchttp.dll
[2017.12.20 23:32:22 | 001,506,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2017.12.20 23:32:22 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AppXDeploymentClient.dll
[2017.12.20 23:32:22 | 000,354,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\bcryptprimitives.dll
[2017.12.20 23:32:22 | 000,308,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptngc.dll
[2017.12.20 23:32:22 | 000,175,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\basecsp.dll
[2017.12.20 23:32:22 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UserDataTimeUtil.dll
[2017.12.20 23:32:21 | 003,667,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_47.dll
[2017.12.20 23:32:21 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msIso.dll
[2017.12.20 23:32:20 | 002,782,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msftedit.dll
[2017.12.20 23:32:20 | 002,671,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tquery.dll
[2017.12.20 23:32:19 | 005,963,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Data.Pdf.dll
[2017.12.20 23:32:19 | 001,019,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aadtb.dll
[2017.12.20 23:32:18 | 002,199,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.UI.Xaml.Resources.dll
[2017.12.20 23:32:17 | 005,721,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\BingMaps.dll
[2017.12.20 23:32:16 | 002,953,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32kfull.sys
[2017.12.20 23:32:16 | 001,292,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MSVPXENC.dll
[2017.12.20 23:32:15 | 004,559,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dbgeng.dll
[2017.12.20 23:32:15 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dsreg.dll
[2017.12.20 23:32:15 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TokenBrokerUI.dll
[2017.12.20 23:32:14 | 005,808,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Media.dll
[2017.12.20 23:32:14 | 000,804,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.UI.dll
[2017.12.20 23:32:14 | 000,750,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WWAHost.exe
[2017.12.20 23:32:14 | 000,613,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wer.dll
[2017.12.20 23:32:14 | 000,583,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CoreMessaging.dll
[2017.12.20 23:32:14 | 000,559,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SettingSyncHost.exe
[2017.12.20 23:32:14 | 000,438,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.ApplicationModel.dll
[2017.12.20 23:32:14 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\werui.dll
[2017.12.20 23:32:14 | 000,283,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WerFault.exe
[2017.12.20 23:32:14 | 000,172,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wermgr.exe
[2017.12.20 23:32:14 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\DWWIN.EXE
[2017.12.20 23:32:13 | 004,215,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.StateRepository.dll
[2017.12.20 23:32:13 | 000,223,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aepic.dll
[2017.12.20 23:32:12 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ActiveSyncProvider.dll
[2017.12.20 23:32:12 | 001,248,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\AzureSettingSyncProvider.dll
[2017.12.20 23:32:11 | 013,844,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.UI.Xaml.dll
[2017.12.20 23:32:11 | 000,798,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TokenBroker.dll
[2017.12.20 23:32:11 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\daxexec.dll
[2017.12.20 23:32:10 | 005,827,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\windows.storage.dll
[2017.12.20 23:32:10 | 002,259,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CoreUIComponents.dll
[2017.12.20 23:32:10 | 001,266,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\twinapi.appcore.dll
[2017.12.20 23:32:10 | 000,362,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Faultrep.dll
[2017.12.20 23:32:10 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2017.12.20 23:32:09 | 006,728,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\twinui.dll
[2017.12.20 23:32:09 | 004,417,024 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ExplorerFrame.dll
[2017.12.20 23:32:08 | 006,763,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Media.Protection.PlayReady.dll
[2017.12.20 23:32:07 | 004,471,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\explorer.exe
[2017.12.20 23:32:07 | 000,787,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2017.12.20 23:32:07 | 000,133,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WerFaultSecure.exe
[2017.12.20 23:32:05 | 007,598,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2017.12.20 23:32:05 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cldapi.dll
[2017.12.20 23:32:05 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\odbcconf.dll
[2017.12.20 23:32:04 | 001,408,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gdi32full.dll
[2017.12.20 23:32:02 | 001,439,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfsrcsnk.dll
[2017.12.20 23:32:02 | 000,554,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\USBHUB3.SYS
[2017.12.20 23:32:02 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\BasicRender.sys
[2017.12.20 23:32:01 | 001,123,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mfnetcore.dll
[2017.12.20 23:32:01 | 000,640,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mswstr10.dll
[2017.12.20 23:32:01 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.System.Launcher.dll
[2017.12.20 23:32:01 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msexcl40.dll
[2017.12.20 23:32:01 | 000,336,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SecurityHealthService.exe
[2017.12.20 23:32:01 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msjint40.dll
[2017.12.20 23:32:00 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wsp_fs.dll
[2017.12.20 23:32:00 | 001,318,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wsp_health.dll
[2017.12.20 23:32:00 | 001,244,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.UI.Xaml.Phone.dll
[2017.12.20 23:32:00 | 000,680,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.AccountsControl.dll
[2017.12.20 23:32:00 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\smartscreenps.dll
[2017.12.20 23:31:59 | 002,603,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\OneCoreUAPCommonProxyStub.dll
[2017.12.20 23:31:59 | 000,681,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\clusapi.dll
[2017.12.20 23:31:59 | 000,473,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\resutils.dll
[2017.12.20 23:31:59 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\efswrt.dll
[2017.12.20 23:31:59 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Windows.Graphics.dll
[2017.12.20 23:31:59 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mssprxy.dll
[2017.12.20 23:31:58 | 000,648,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MbaeApiPublic.dll
[2017.12.20 23:31:58 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mcbuilder.exe
[2017.12.20 23:31:58 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\VPNv2CSP.dll
[2017.12.20 23:31:58 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scrobj.dll
[2017.12.20 23:31:58 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cscript.exe
[2017.12.20 23:31:58 | 000,133,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\t2embed.dll
[2017.12.20 23:31:58 | 000,095,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\stornvme.sys
[2017.12.20 23:31:58 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\updatepolicy.dll
[2017.12.20 23:31:58 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tetheringclient.dll
[2017.12.20 23:31:57 | 001,135,616 | R--- | C] (The ICU Project) -- C:\windows\SysWow64\icuuc.dll
[2017.12.20 23:31:57 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iprtrmgr.dll
[2017.12.20 23:31:57 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\twinapi.dll
[2017.12.20 23:31:57 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Robocopy.exe
[2017.12.20 23:31:57 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\usoapi.dll
[2017.12.20 23:31:57 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\CertPKICmdlet.dll
[2017.12.20 23:31:57 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cipher.exe
[2017.12.20 23:31:57 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mgmtapi.dll
[2017.12.20 23:31:56 | 003,107,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe
[2017.12.20 23:31:56 | 000,463,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll
[2017.12.20 23:31:56 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\BitLockerCsp.dll
[2017.12.20 23:31:56 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\OnDemandConnRouteHelper.dll
[2017.12.20 23:31:55 | 001,004,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ucrtbase.dll
[2017.12.20 23:31:54 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NgcCtnr.dll
[2017.12.20 23:31:53 | 000,546,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys
[2017.12.20 23:31:53 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptngc.dll
[2017.12.20 23:31:53 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\utcutil.dll
[2017.12.20 23:31:50 | 002,516,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\diagtrack.dll
[2017.12.20 23:31:50 | 000,820,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WWAHost.exe
[2017.12.20 23:31:49 | 008,213,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2017.12.20 23:31:43 | 000,724,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MusUpdateHandlers.dll
[2017.12.20 23:31:43 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UserDataTimeUtil.dll
[2017.12.20 23:31:43 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\musdialoghandlers.dll
[2017.12.20 23:31:42 | 001,937,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wpdshext.dll
[2017.12.20 23:31:42 | 001,628,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UserDataService.dll
[2017.12.20 23:31:42 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MusNotification.exe
[2017.12.20 23:31:42 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\storewuauth.dll
[2017.12.20 23:31:41 | 000,804,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fvewiz.dll
[2017.12.20 23:31:41 | 000,259,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MusNotifyIcon.exe
[2017.12.20 23:31:41 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MusNotificationUx.exe
[2017.12.20 23:31:41 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\updatepolicy.dll
[2017.12.20 23:31:40 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Graphics.dll
[2017.12.20 23:31:40 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuautoappupdate.dll
[2017.12.20 23:31:39 | 003,304,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe
[2017.12.20 23:31:39 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fvecpl.dll
[2017.12.20 23:31:39 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fveui.dll
[2017.12.20 23:31:39 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\manage-bde.exe
[2017.12.20 23:31:39 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BitLockerDeviceEncryption.exe
[2017.12.20 23:31:38 | 020,511,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\edgehtml.dll
[2017.12.20 23:31:38 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Chakradiag.dll
[2017.12.20 23:31:34 | 006,252,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Chakra.dll
[2017.12.20 23:31:34 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieproxy.dll
[2017.12.20 23:31:33 | 004,726,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2017.12.20 23:31:33 | 000,805,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieproxy.dll
[2017.12.20 23:31:32 | 000,094,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpudd.dll
[2017.12.20 23:31:32 | 000,038,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OOBEUpdater.exe
[2017.12.20 23:31:31 | 008,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Chakra.dll
[2017.12.20 23:31:31 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Chakradiag.dll
[2017.12.20 23:31:29 | 006,557,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Media.dll
[2017.12.20 23:31:29 | 001,303,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MSVPXENC.dll
[2017.12.20 23:31:27 | 002,398,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2017.12.20 23:31:26 | 008,333,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BingMaps.dll
[2017.12.20 23:31:26 | 000,777,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\oleaut32.dll
[2017.12.20 23:31:26 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.UI.Core.TextInput.dll
[2017.12.20 23:31:25 | 023,678,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\edgehtml.dll
[2017.12.20 23:31:23 | 002,239,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfsrcsnk.dll
[2017.12.20 23:31:23 | 001,194,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll
[2017.12.20 23:31:23 | 001,194,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mfnetcore.dll
[2017.12.20 23:31:23 | 000,585,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2017.12.20 23:31:22 | 012,227,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll
[2017.12.20 23:31:22 | 000,831,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MbaeApiPublic.dll
[2017.12.20 23:31:22 | 000,387,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmpps.dll
[2017.12.20 23:31:22 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SEMgrPS.dll
[2017.12.20 23:31:21 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2017.12.20 23:31:21 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2017.12.20 23:31:21 | 000,181,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2017.12.20 23:31:20 | 013,381,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll
[2017.12.20 23:31:20 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iprtrmgr.dll
[2017.12.20 23:31:19 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\InputLocaleManager.dll
[2017.12.20 23:31:19 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2017.12.20 23:31:19 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mgmtapi.dll
[2017.12.20 23:31:18 | 002,009,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2017.12.20 23:31:18 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2017.12.20 23:31:17 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2017.12.20 23:31:17 | 000,654,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AppXDeploymentClient.dll
[2017.12.20 23:31:16 | 002,969,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CoreUIComponents.dll
[2017.12.20 23:31:16 | 002,829,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2017.12.20 23:31:16 | 002,078,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2017.12.20 23:31:16 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2017.12.20 23:31:15 | 005,304,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.StateRepository.dll
[2017.12.20 23:31:14 | 001,150,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ucrtbase.dll
[2017.12.20 23:31:14 | 000,727,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wer.dll
[2017.12.20 23:31:14 | 000,412,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Faultrep.dll
[2017.12.20 23:31:14 | 000,319,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WerFault.exe
[2017.12.20 23:31:14 | 000,187,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wermgr.exe
[2017.12.20 23:31:14 | 000,144,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WerFaultSecure.exe
[2017.12.20 23:31:14 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\odbcconf.dll
[2017.12.20 23:31:13 | 005,557,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dbgeng.dll
[2017.12.20 23:31:13 | 004,396,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_47.dll
[2017.12.20 23:31:12 | 008,319,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2017.12.20 23:31:11 | 000,212,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browserbroker.dll
[2017.12.20 23:31:10 | 001,065,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.efi
[2017.12.20 23:31:10 | 000,900,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winresume.exe
[2017.12.20 23:31:09 | 001,395,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.efi
[2017.12.20 23:31:09 | 001,186,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winload.exe
[2017.12.20 23:31:08 | 000,719,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FlightSettings.dll
[2017.12.20 23:31:08 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AppReadiness.dll
[2017.12.20 23:31:07 | 000,939,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.AccountsControl.dll
[2017.12.20 23:31:06 | 000,430,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\bcryptprimitives.dll
[2017.12.20 23:31:04 | 000,661,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dnsapi.dll
[2017.12.20 23:31:03 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\eShims.dll
[2017.12.20 23:31:02 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\LocationFrameworkInternalPS.dll
[2017.12.20 23:31:01 | 007,910,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Media.Protection.PlayReady.dll
[2017.12.20 23:31:01 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpchttp.dll
[2017.12.20 23:31:00 | 002,730,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\smartscreen.exe
[2017.12.20 23:31:00 | 000,925,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WpcWebFilter.dll
[2017.12.20 23:31:00 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wcmsvc.dll
[2017.12.20 23:31:00 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\smartscreenps.dll
[2017.12.20 23:30:59 | 003,206,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Microsoft.Bluetooth.Profiles.Gatt.dll
[2017.12.20 23:30:58 | 007,339,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Data.Pdf.dll
[2017.12.20 23:30:58 | 003,140,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msftedit.dll
[2017.12.20 23:30:57 | 017,370,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.UI.Xaml.dll
[2017.12.20 23:30:56 | 007,318,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\windows.storage.dll
[2017.12.20 23:30:56 | 000,923,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CoreMessaging.dll
[2017.12.20 23:30:56 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2017.12.20 23:30:55 | 002,760,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
[2017.12.20 23:30:55 | 000,961,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\efscore.dll
[2017.12.20 23:30:55 | 000,415,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\updatehandlers.dll
[2017.12.20 23:30:55 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\domgmt.dll
[2017.12.20 23:30:55 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TokenBrokerUI.dll
[2017.12.20 23:30:54 | 003,060,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\NetworkMobileSettings.dll
[2017.12.20 23:30:54 | 001,307,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dosvc.dll
[2017.12.20 23:30:54 | 001,052,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TokenBroker.dll
[2017.12.20 23:30:54 | 000,684,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usocore.dll
[2017.12.20 23:30:54 | 000,647,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RDXService.dll
[2017.12.20 23:30:54 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowManagement.dll
[2017.12.20 23:30:54 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.System.Launcher.dll
[2017.12.20 23:30:54 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DeviceEnroller.exe
[2017.12.20 23:30:53 | 004,445,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SettingsHandlers_nt.dll
[2017.12.20 23:30:53 | 004,175,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\StartTileData.dll
[2017.12.20 23:30:53 | 002,503,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\twinui.pcshell.dll
[2017.12.20 23:30:53 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vss_ps.dll
[2017.12.20 23:30:52 | 001,269,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\enterprisecsps.dll
[2017.12.20 23:30:52 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msIso.dll
[2017.12.20 23:30:51 | 007,931,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\twinui.dll
[2017.12.20 23:30:51 | 005,477,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OneCoreUAPCommonProxyStub.dll
[2017.12.20 23:30:51 | 001,878,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AzureSettingSyncProvider.dll
[2017.12.20 23:30:50 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdiWiFi.sys
[2017.12.20 23:30:49 | 003,668,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32kfull.sys
[2017.12.20 23:30:49 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32kbase.sys
[2017.12.20 23:30:48 | 002,199,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.UI.Xaml.Resources.dll
[2017.12.20 23:30:47 | 004,848,952 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2017.12.20 23:30:46 | 004,707,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ExplorerFrame.dll
[2017.12.20 23:30:46 | 002,032,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aitstatic.exe
[2017.12.20 23:30:46 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIRibbonRes.dll
[2017.12.20 23:30:46 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIRibbonRes.dll
[2017.12.20 23:30:45 | 001,886,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AppXDeploymentExtensions.onecore.dll
[2017.12.20 23:30:45 | 001,468,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AppXDeploymentExtensions.desktop.dll
[2017.12.20 23:30:45 | 000,407,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuuhext.dll
[2017.12.20 23:30:45 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SIHClient.exe
[2017.12.20 23:30:45 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuuhosdeployment.dll
[2017.12.20 23:30:44 | 002,809,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AppXDeploymentServer.dll
[2017.12.20 23:30:44 | 001,018,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SecConfig.efi
[2017.12.20 23:30:44 | 000,821,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hvloader.exe
[2017.12.20 23:30:44 | 000,667,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ci.dll
[2017.12.20 23:30:44 | 000,543,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\securekernel.exe
[2017.12.20 23:30:44 | 000,524,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TileDataRepository.dll
[2017.12.20 23:30:44 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsqmcons.exe
[2017.12.20 23:30:43 | 001,458,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msctf.dll
[2017.12.20 23:30:43 | 001,068,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.UI.dll
[2017.12.20 23:30:43 | 001,015,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hvax64.exe
[2017.12.20 23:30:43 | 000,965,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hvloader.efi
[2017.12.20 23:30:43 | 000,565,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dsreg.dll
[2017.12.20 23:30:43 | 000,558,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.ApplicationModel.dll
[2017.12.20 23:30:43 | 000,409,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys
[2017.12.20 23:30:43 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWWIN.EXE
[2017.12.20 23:30:43 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2017.12.20 23:30:43 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TpmTasks.dll
[2017.12.20 23:30:42 | 001,595,152 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32full.dll
[2017.12.20 23:30:42 | 001,278,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\werconcpl.dll
[2017.12.20 23:30:42 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\werui.dll
[2017.12.20 23:30:41 | 001,713,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ActiveSyncProvider.dll
[2017.12.20 23:30:41 | 001,605,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2017.12.20 23:30:41 | 000,986,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2017.12.20 23:30:41 | 000,772,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PCPKsp.dll
[2017.12.20 23:30:41 | 000,257,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\AppxAllUserStore.dll
[2017.12.20 23:30:40 | 001,460,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2017.12.20 23:30:40 | 001,345,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\user32.dll
[2017.12.20 23:30:40 | 001,144,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\hvix64.exe
[2017.12.20 23:30:40 | 000,712,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms2.sys
[2017.12.20 23:30:40 | 000,556,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TpmCoreProvisioning.dll
[2017.12.20 23:30:39 | 001,506,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\twinapi.appcore.dll
[2017.12.20 23:30:39 | 000,872,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ClipSVC.dll
[2017.12.20 23:30:39 | 000,651,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SettingSyncHost.exe
[2017.12.20 23:30:37 | 002,086,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UpdateAgent.dll
[2017.12.20 23:30:36 | 002,438,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ResetEngine.dll
[2017.12.20 23:30:36 | 001,527,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RecoveryDrive.exe
[2017.12.20 23:30:36 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aadcloudap.dll
[2017.12.20 23:30:36 | 000,484,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dcntel.dll
[2017.12.20 23:30:36 | 000,259,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepic.dll
[2017.12.20 23:30:36 | 000,136,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CompatTelRunner.exe
[2017.12.20 23:30:36 | 000,067,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32appinventorycsp.dll
[2017.12.20 23:30:36 | 000,034,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DeviceCensus.exe
[2017.12.20 23:30:35 | 001,578,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\appraiser.dll
[2017.12.20 23:30:35 | 000,678,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
[2017.12.20 23:30:35 | 000,613,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2017.12.20 23:30:35 | 000,612,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\devinv.dll
[2017.12.20 23:30:35 | 000,529,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\daxexec.dll
[2017.12.20 23:30:35 | 000,379,288 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\invagent.dll
[2017.12.20 23:30:34 | 001,260,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\GamePanel.exe
[2017.12.20 23:30:33 | 001,293,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aadtb.dll
[2017.12.20 23:30:33 | 000,841,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fveapi.dll
[2017.12.20 23:30:31 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scksp.dll
[2017.12.20 23:30:31 | 000,203,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\basecsp.dll
[2017.12.20 23:30:30 | 002,088,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsp_fs.dll
[2017.12.20 23:30:30 | 000,469,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2017.12.20 23:30:30 | 000,255,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ubpm.dll
[2017.12.20 23:30:29 | 001,811,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wsp_health.dll
[2017.12.20 23:30:29 | 000,644,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\advapi32.dll
[2017.12.20 23:30:29 | 000,461,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wlansec.dll
[2017.12.20 23:30:29 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SharedPCCSP.dll
[2017.12.20 23:30:29 | 000,190,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\acmigration.dll
[2017.12.20 23:30:28 | 000,893,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\clusapi.dll
[2017.12.20 23:30:28 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\resutils.dll
[2017.12.20 23:30:28 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fveapibase.dll
[2017.12.20 23:30:28 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mcbuilder.exe
[2017.12.20 23:30:28 | 000,304,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dusmsvc.dll
[2017.12.20 23:30:28 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMapi.dll
[2017.12.20 23:30:28 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cldapi.dll
[2017.12.20 23:30:27 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.UI.Storage.dll
[2017.12.20 23:30:26 | 001,438,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Windows.UI.Xaml.Phone.dll
[2017.12.20 23:30:26 | 001,321,984 | R--- | C] (The ICU Project) -- C:\windows\SysNative\icuuc.dll
[2017.12.20 23:30:26 | 000,635,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\efswrt.dll
[2017.12.20 23:30:26 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\twinapi.dll
[2017.12.20 23:30:26 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\provhandlers.dll
[2017.12.20 23:30:26 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tetheringservice.dll
[2017.12.20 23:30:26 | 000,175,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\t2embed.dll
[2017.12.20 23:30:25 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scrobj.dll
[2017.12.20 23:30:25 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscript.exe
[2017.12.20 23:30:25 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usoapi.dll
[2017.12.20 23:30:25 | 000,072,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\easinvoker.exe
[2017.12.20 23:30:25 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tetheringclient.dll
[2017.12.20 23:30:25 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\efssvc.dll
[2017.12.20 23:30:25 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cipher.exe
[2017.12.20 23:30:25 | 000,038,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Diskdump.sys
[2017.12.20 23:30:25 | 000,026,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2017.12.20 23:30:24 | 000,565,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll
[2017.12.20 23:30:24 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Robocopy.exe
[2017.12.20 23:30:24 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\CertPKICmdlet.dll
[2017.12.20 23:30:24 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ServiceWorkerHost.exe
[2017.12.20 23:30:23 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FirewallAPI.dll
[2017.12.20 23:30:23 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DataUsageHandlers.dll
[2017.12.20 23:30:23 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\BitLockerCsp.dll
[2017.12.20 23:30:23 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DataUsageLiveTileTask.exe
[2017.12.20 23:30:23 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OnDemandConnRouteHelper.dll
[2017.12.20 23:30:23 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Dumpstorport.sys
[2017.12.20 22:50:41 | 000,000,000 | ---D | C] -- C:\Users\Kristian\Documents\Neuer Ordner
[2017.12.20 22:49:30 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\TrueCrypt
[2017.12.20 22:25:54 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\Mozilla
[2017.12.20 22:25:53 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\Mozilla
[2017.12.20 22:25:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2017.12.20 22:25:36 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2017.12.20 22:21:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2017.12.20 22:21:30 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2017.12.20 22:19:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt
[2017.12.20 22:19:52 | 000,231,376 | ---- | C] (TrueCrypt Foundation) -- C:\windows\SysNative\drivers\truecrypt.sys
[2017.12.20 22:19:51 | 000,000,000 | ---D | C] -- C:\Program Files\TrueCrypt
[2017.12.20 22:17:59 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2017.12.20 22:17:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2017.12.20 22:17:57 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2017.12.20 22:06:41 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\Apple Computer
[2017.12.20 22:06:41 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\Apple Computer
[2017.12.20 22:06:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2017.12.20 22:05:45 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2017.12.20 22:04:55 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2017.12.20 22:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2017.12.20 22:02:16 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\Apple
[2017.12.20 22:02:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2017.12.20 22:01:52 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2017.12.20 22:01:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2017.12.20 22:00:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2017.12.20 21:59:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2017.12.20 21:07:15 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\Hewlett-Packard
[2017.12.20 21:02:10 | 000,000,000 | ---D | C] -- C:\Users\Kristian\Desktop\Tor Browser
[2017.12.20 20:56:01 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\Comms
[2017.12.20 20:52:42 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\BitTorrent
[2017.12.20 20:44:38 | 000,000,000 | R--D | C] -- C:\Users\Kristian\OneDrive
[2017.12.20 20:43:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2017.12.20 20:43:19 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\Google
[2017.12.20 20:42:02 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\DBG
[2017.12.20 20:41:39 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\MicrosoftEdge
[2017.12.20 20:41:31 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\Macromedia
[2017.12.20 20:37:22 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\HP JumpStart Apps
[2017.12.20 20:37:22 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\HP
[2017.12.20 20:37:22 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\DropboxOEM
[2017.12.20 20:37:21 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\DropboxOEM
[2017.12.20 20:37:20 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\Crashpad
[2017.12.20 20:36:56 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\Publishers
[2017.12.20 20:36:49 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\AMD
[2017.12.20 20:36:37 | 000,000,000 | R--D | C] -- C:\Users\Kristian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2017.12.20 20:36:36 | 000,000,000 | R--D | C] -- C:\Users\Kristian\Searches
[2017.12.20 20:36:36 | 000,000,000 | R--D | C] -- C:\Users\Kristian\Contacts
[2017.12.20 20:36:32 | 000,000,000 | ---D | C] -- C:\Users\Kristian\Documents\My Bluetooth
[2017.12.20 20:36:26 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\Adobe
[2017.12.20 20:36:25 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\VirtualStore
[2017.12.20 20:36:25 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\Packages
[2017.12.20 20:36:17 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\ConnectedDevicesPlatform
[2017.12.20 20:34:40 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\TileDataLayer
[2017.12.20 20:34:39 | 000,000,000 | --SD | C] -- C:\Users\Kristian\AppData\Roaming\Microsoft
[2017.12.20 20:34:39 | 000,000,000 | R--D | C] -- C:\Users\Kristian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[2017.12.20 20:34:39 | 000,000,000 | R--D | C] -- C:\Users\Kristian\Videos
[2017.12.20 20:34:39 | 000,000,000 | R--D | C] -- C:\Users\Kristian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2017.12.20 20:34:39 | 000,000,000 | R--D | C] -- C:\Users\Kristian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2017.12.20 20:34:39 | 000,000,000 | R--D | C] -- C:\Users\Kristian\Saved Games
[2017.12.20 20:34:39 | 000,000,000 | R--D | C] -- C:\Users\Kristian\Pictures
[2017.12.20 20:34:39 | 000,000,000 | R--D | C] -- C:\Users\Kristian\Music
[2017.12.20 20:34:39 | 000,000,000 | R--D | C] -- C:\Users\Kristian\Links
[2017.12.20 20:34:39 | 000,000,000 | R--D | C] -- C:\Users\Kristian\Favorites
[2017.12.20 20:34:39 | 000,000,000 | R--D | C] -- C:\Users\Kristian\Downloads
[2017.12.20 20:34:39 | 000,000,000 | R--D | C] -- C:\Users\Kristian\Documents
[2017.12.20 20:34:39 | 000,000,000 | R--D | C] -- C:\Users\Kristian\Desktop
[2017.12.20 20:34:39 | 000,000,000 | R--D | C] -- C:\Users\Kristian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2017.12.20 20:34:39 | 000,000,000 | R--D | C] -- C:\Users\Kristian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2017.12.20 20:34:39 | 000,000,000 | -HSD | C] -- C:\Users\Kristian\Vorlagen
[2017.12.20 20:34:39 | 000,000,000 | -HSD | C] -- C:\Users\Kristian\AppData\Local\Verlauf
[2017.12.20 20:34:39 | 000,000,000 | -HSD | C] -- C:\Users\Kristian\AppData\Local\Temporary Internet Files
[2017.12.20 20:34:39 | 000,000,000 | -HSD | C] -- C:\Users\Kristian\Startmenü
[2017.12.20 20:34:39 | 000,000,000 | -HSD | C] -- C:\Users\Kristian\SendTo
[2017.12.20 20:34:39 | 000,000,000 | -HSD | C] -- C:\Users\Kristian\Recent
[2017.12.20 20:34:39 | 000,000,000 | -HSD | C] -- C:\Users\Kristian\Netzwerkumgebung
[2017.12.20 20:34:39 | 000,000,000 | -HSD | C] -- C:\Users\Kristian\Lokale Einstellungen
[2017.12.20 20:34:39 | 000,000,000 | -HSD | C] -- C:\Users\Kristian\Documents\Eigene Videos
[2017.12.20 20:34:39 | 000,000,000 | -HSD | C] -- C:\Users\Kristian\Documents\Eigene Musik
[2017.12.20 20:34:39 | 000,000,000 | -HSD | C] -- C:\Users\Kristian\Eigene Dateien
[2017.12.20 20:34:39 | 000,000,000 | -HSD | C] -- C:\Users\Kristian\Documents\Eigene Bilder
[2017.12.20 20:34:39 | 000,000,000 | -HSD | C] -- C:\Users\Kristian\Druckumgebung
[2017.12.20 20:34:39 | 000,000,000 | -HSD | C] -- C:\Users\Kristian\Cookies
[2017.12.20 20:34:39 | 000,000,000 | -HSD | C] -- C:\Users\Kristian\AppData\Local\Anwendungsdaten
[2017.12.20 20:34:39 | 000,000,000 | -HSD | C] -- C:\Users\Kristian\Anwendungsdaten
[2017.12.20 20:34:39 | 000,000,000 | -H-D | C] -- C:\Users\Kristian\Documents\hp.system.package.metadata
[2017.12.20 20:34:39 | 000,000,000 | -H-D | C] -- C:\Users\Kristian\Documents\hp.applications.package.appdata
[2017.12.20 20:34:39 | 000,000,000 | -H-D | C] -- C:\Users\Kristian\AppData
[2017.12.20 20:34:39 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\Temp
[2017.12.20 20:34:39 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Local\Microsoft
[2017.12.20 20:34:39 | 000,000,000 | ---D | C] -- C:\Users\Kristian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2017.12.20 18:26:55 | 000,000,000 | ---D | C] -- C:\windows\SoftwareDistribution
[2017.12.20 18:24:28 | 000,000,000 | -HSD | C] -- C:\Programme
[2017.12.20 18:24:28 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2017.12.20 18:24:28 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2017.12.20 18:24:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2017.12.20 18:24:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2017.12.20 18:24:27 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2017.12.20 18:24:27 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2017.12.20 18:24:27 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2017.12.20 18:24:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2017.12.20 18:24:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2017.12.20 18:24:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2017.12.13 16:43:32 | 000,045,024 | ---- | C] (The OpenVPN Project) --
< End of report > |