Problem removing virus

[caspadan]

Sorry, I really don't know where to put this.  But I can't remove this AutoRun Hijack.  You can move this thread to relevant section if need be.

If I quarantine the item, Windows boots with a black screen and an open CMD window.  I have to manually run explorer.exe (CTRL+SHIFT+ESC to open task manager).

I've had to restore the item to resolve the issue, but I've been noticing something running upon boot (probably the virus). Once it's done its thing, the icon in the taskbar disappears.

How can I get this removed?

mbam-report.txt

[nikhils]

Moving this thread to the Malware Removal section.

One of our Agents will be able to help you with your issue.

[kevinf80]

Hello caspadan and welcome to Malwarebytes,

Run the following and post the two produced logs......

Download Farbar Recovery Scan Tool and save it to your desktop. Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way... Be aware FRST must be run from an account with Administrator status...   Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.) Make sure Addition.txt is checkmarked under "Optional scans" Press Scan button to run the tool.... It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The tool will also make a log named (Addition.txt) Please attach that log to your reply. Thank you, Kevin....

[caspadan]

Hi there Kevin

Thank you so much for the assistance.  I've also been noticing that a windows explorer window is now open booting into windows.  This after quarantine and then having to restore.

Here is the info from the FRST text file (the addition text file is attached):

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2017
Ran by Daniel (administrator) on DESKTOP-72SBGO0 (30-10-2017 20:29:46)
Running from E:\Downloads
Loaded Profiles: Daniel (Available Profiles: Daniel)
Platform: Windows 10 Pro Version 1709 16299.19 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\DriverStore\FileRepository\c0319547.inf_amd64_f15ceeed0afa1be7\atiesrxx.exe
(FreeDownloadManager.org) E:\Programs\Free Download Manager\winwfpmonitor.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) E:\Programs\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) E:\Programs\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() E:\Programs\RivaTuner Statistics Server\RTSS.exe
(Sapphire Technology Limited) E:\Programs\Sapphire TRIXX\TRIXX.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(SoundMixer) C:\Users\Daniel\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe
(SoundMixer) C:\Users\Daniel\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe
Failed to access process -> SoundMixer.exe
Failed to access process -> SoundMixer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
() E:\Programs\RivaTuner Statistics Server\EncoderServer64.exe
() E:\Programs\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(SoftPerfect) E:\Programs\NetWorx\networx.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc.) C:\Program Files\Logitech Gaming Software\LAClient\laclient.exe
(FreeDownloadManager.org) E:\Programs\Free Download Manager\fdm.exe
(Corsair Components, Inc.) E:\Programs\Corsair\Corsair Utility Engine\CUE.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [NetWorx] => E:\Programs\NetWorx\networx.exe [7710024 2016-09-22] (SoftPerfect)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17988216 2017-08-18] (Logitech Inc.)
HKLM-x32\...\Run: [Corsair Utility Engine] => E:\Programs\Corsair\Corsair Utility Engine\CUE.exe [20233936 2017-09-15] (Corsair Components, Inc.)
HKU\S-1-5-21-2571954028-960860675-1970857723-1001\...\Run: [Free Download Manager] => E:\Programs\Free Download Manager\fdm.exe [11136712 2017-10-27] (FreeDownloadManager.org)
HKU\S-1-5-21-2571954028-960860675-1970857723-1001\...\Winlogon: [Shell] C:\Windows\System32\cmd.exe [272896 2017-09-29] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-2571954028-960860675-1970857723-1001\...\Command Processor: @mode 15,1 & tasklist /FI "IMAGENAME eq SoundMixer.exe" 2>NUL | find /I /N "SoundMixer.exe">NUL && exit & start /MIN "" "C:\Users\Daniel\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe" & tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit <==== ATTENTION
HKU\S-1-5-18\...\Run: [Free Download Manager] => E:\Programs\Free Download Manager\fdm.exe [11136712 2017-10-27] (FreeDownloadManager.org)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e4f3642a-aaa9-4a69-b181-6afba31ea008}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO-x32: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-10-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-10-14] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.viceice.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default [2017-10-30]
CHR Extension: (Slides) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2017-10-17]
CHR Extension: (Free Download Manager Chrome extension) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2017-10-14]
CHR Extension: (Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-14]
CHR Extension: (Adguard AdBlocker) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2017-10-14]
CHR Extension: (MEGA) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2017-10-27]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-14]
CHR Extension: (Space & Patterns) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkdmjaboldkklmcomdamidplnfpnmmmd [2017-10-27]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2017-10-14]
CHR Extension: (Sheets) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Google Docs Offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-14]
CHR Extension: (AdBlock) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-10-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-14]
CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-14]
CHR Extension: (Chrome Media Router) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-24]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0319547.inf_amd64_f15ceeed0afa1be7\atiesrxx.exe [481808 2017-10-27] (AMD)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1548808 2017-10-11] ()
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-03-17] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-08-18] (Logitech Inc.)
R2 MBAMService; E:\Programs\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4297920 2017-09-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0319547.inf_amd64_f15ceeed0afa1be7\atikmdag.sys [40030736 2017-10-27] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0319547.inf_amd64_f15ceeed0afa1be7\atikmpag.sys [545296 2017-10-27] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [118960 2017-10-13] (Advanced Micro Devices)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45528 2017-06-21] (Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21968 2017-06-21] (Corsair)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2017-10-15] (REALiX(tm))
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-08-18] (Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2017-08-18] (Logitech Inc.)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-10-30] (Malwarebytes)
R1 networx; C:\WINDOWS\System32\drivers\networx.sys [72632 2016-09-20] (NetFilterSDK.com)
R3 VGAOCTool; C:\Users\Daniel\AppData\Local\Temp\VGAOCTool.sys [27008 2017-10-30] () <==== ATTENTION
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-30 20:21 - 2017-10-30 20:29 - 000000000 ____D C:\FRST
2017-10-30 18:59 - 2017-10-30 18:59 - 000001304 _____ C:\Users\Daniel\Desktop\mbam-report.txt
2017-10-30 18:50 - 2017-10-30 18:50 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-10-30 18:50 - 2017-10-30 18:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-10-30 18:50 - 2017-10-30 18:50 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-10-29 09:56 - 2017-10-29 09:56 - 000000000 ____D C:\WINDOWS\LastGood
2017-10-28 22:10 - 2017-10-28 22:10 - 000001186 _____ C:\Users\Daniel\AppData\Local\recently-used.xbel
2017-10-28 19:32 - 2017-10-28 19:32 - 000000000 ____D C:\Users\Daniel\AppData\LocalLow\AMD
2017-10-28 19:23 - 2017-10-28 19:23 - 000003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-10-28 19:23 - 2017-10-28 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-10-28 19:23 - 2017-10-28 19:23 - 000000000 ____D C:\Program Files (x86)\AMD
2017-10-28 19:22 - 2017-10-28 19:22 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-10-28 19:21 - 2017-10-27 20:55 - 001061392 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-10-28 19:21 - 2017-10-27 20:55 - 000168976 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-10-28 19:21 - 2017-10-27 20:55 - 000145936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-10-28 14:12 - 2017-10-28 14:12 - 000003928 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2017-10-28 14:12 - 2017-10-28 14:12 - 000002862 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-10-28 14:12 - 2017-10-28 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-10-28 11:44 - 2017-10-28 11:44 - 000000000 ____D C:\Users\Daniel\AppData\Local\WelcomeToHanwell
2017-10-27 18:26 - 2017-10-27 18:26 - 000000000 ____D C:\Users\Daniel\AppData\Local\Python-Eggs
2017-10-27 18:24 - 2017-10-28 22:10 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\deluge
2017-10-27 18:24 - 2017-10-27 18:24 - 000000686 _____ C:\Users\Public\Desktop\Deluge.lnk
2017-10-27 18:24 - 2017-10-27 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
2017-10-27 15:38 - 2017-10-27 15:38 - 000000000 ____D C:\Users\Public\Documents\Steam
2017-10-27 15:38 - 2017-10-27 15:38 - 000000000 ____D C:\Users\Daniel\AppData\LocalLow\Moonray Studios
2017-10-27 11:29 - 2017-10-27 09:36 - 000000000 ____D C:\Windows.old
2017-10-27 09:39 - 2017-10-27 09:39 - 000000000 ____D C:\ProgramData\USOShared
2017-10-27 09:38 - 2017-10-30 20:14 - 001134574 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-27 09:38 - 2017-10-27 09:38 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-10-27 09:37 - 2017-10-27 09:37 - 000000020 ___SH C:\Users\Daniel\ntuser.ini
2017-10-27 09:37 - 2017-10-27 09:37 - 000000000 ___RD C:\Users\Daniel\3D Objects
2017-10-27 09:37 - 2017-10-27 09:37 - 000000000 ___HD C:\Users\Daniel\MicrosoftEdgeBackups
2017-10-27 09:35 - 2017-10-27 09:35 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2017-10-27 09:35 - 2017-10-27 09:35 - 000007623 _____ C:\WINDOWS\diagerr.xml
2017-10-27 09:34 - 2017-10-30 20:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-27 09:34 - 2017-10-28 19:23 - 000003338 _____ C:\WINDOWS\System32\Tasks\AMD ThankingURL
2017-10-27 09:34 - 2017-10-28 10:42 - 000002832 _____ C:\WINDOWS\System32\Tasks\FreeDownloadManagerNetworkMonitor
2017-10-27 09:34 - 2017-10-27 09:39 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2571954028-960860675-1970857723-1001
2017-10-27 09:34 - 2017-10-27 09:39 - 000003106 _____ C:\WINDOWS\System32\Tasks\RTSS
2017-10-27 09:34 - 2017-10-27 09:34 - 000022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-10-27 09:34 - 2017-10-27 09:34 - 000003344 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-10-27 09:34 - 2017-10-27 09:34 - 000003120 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-10-27 09:34 - 2017-10-27 09:34 - 000002688 _____ C:\WINDOWS\System32\Tasks\Sapphire TRIXX
2017-10-27 09:33 - 2017-10-27 09:33 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-10-27 09:32 - 2017-10-30 20:27 - 000000000 ____D C:\Users\Daniel
2017-10-27 09:32 - 2017-10-27 09:49 - 000000000 ____D C:\Users\Daniel\AppData\Local\Packages
2017-10-27 09:31 - 2017-10-30 20:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-27 09:31 - 2017-10-28 19:24 - 000222024 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-27 09:31 - 2017-09-29 15:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-10-27 09:22 - 2017-10-04 13:15 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-10-27 09:21 - 2017-10-27 11:29 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-10-27 09:21 - 2017-10-27 09:22 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-10-27 09:20 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\containers
2017-10-27 09:19 - 2017-10-27 09:19 - 025246208 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 023664128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 021752832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 019343360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 018913792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 017080832 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 008592280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-10-27 09:19 - 2017-10-27 09:19 - 008097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 006032896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 005906264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 004744192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 003681280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 003672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-10-27 09:19 - 2017-10-27 09:19 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 003312432 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-10-27 09:19 - 2017-10-27 09:19 - 002869248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-10-27 09:19 - 2017-10-27 09:19 - 002474080 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 002400664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-10-27 09:19 - 2017-10-27 09:19 - 002106880 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-10-27 09:19 - 2017-10-27 09:19 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 001641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 001633744 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 001528912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 001436432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 001200024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-10-27 09:19 - 2017-10-27 09:19 - 001165824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-10-27 09:19 - 2017-10-27 09:19 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-10-27 09:19 - 2017-10-27 09:19 - 000769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-27 09:19 - 2017-10-27 09:19 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000677280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-27 09:19 - 2017-10-27 09:19 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-10-27 09:19 - 2017-10-27 09:19 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-10-27 09:19 - 2017-10-27 09:19 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-27 09:19 - 2017-10-27 09:19 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000464416 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-27 09:19 - 2017-10-27 09:19 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-10-27 09:19 - 2017-10-27 09:19 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-27 09:19 - 2017-10-27 09:19 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000232344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-27 09:19 - 2017-10-27 09:19 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-27 09:19 - 2017-10-27 09:19 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-10-27 09:19 - 2017-10-27 09:19 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-10-27 09:19 - 2017-10-27 09:19 - 000045976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-10-27 09:19 - 2017-10-27 09:19 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-27 09:19 - 2017-10-27 09:19 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-27 09:19 - 2017-10-27 09:19 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-27 09:17 - 2017-10-27 09:17 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-10-27 09:17 - 2017-10-27 09:17 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-10-27 09:17 - 2017-10-27 09:17 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-10-27 09:17 - 2017-10-27 09:17 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-10-27 09:17 - 2017-10-27 09:17 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-10-27 09:17 - 2017-10-27 09:17 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-10-27 09:17 - 2017-10-27 09:17 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-10-27 09:17 - 2017-10-27 09:17 - 000000000 ____D C:\Program Files\MSBuild
2017-10-27 09:17 - 2017-10-27 09:17 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-10-27 09:17 - 2017-10-27 09:17 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-10-27 09:12 - 2017-10-27 09:12 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-10-27 08:09 - 2017-10-28 13:36 - 000000000 ___DC C:\WINDOWS\Panther
2017-10-26 22:42 - 2017-10-26 22:42 - 000151592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2017-10-26 22:42 - 2017-10-26 22:42 - 000123752 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2017-10-24 19:48 - 2017-10-27 09:21 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-10-24 19:47 - 2017-10-27 20:55 - 013537296 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 011100176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2017-10-24 19:47 - 2017-10-27 20:55 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2017-10-24 19:47 - 2017-10-27 20:55 - 002924560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 002542608 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 001464336 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 001241616 _____ (AMD) C:\WINDOWS\system32\SETBC48.tmp
2017-10-24 19:47 - 2017-10-27 20:55 - 001241616 _____ (AMD) C:\WINDOWS\system32\coinst_17.40.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 001061392 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000875536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000834320 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2017-10-24 19:47 - 2017-10-27 20:55 - 000834320 _____ C:\WINDOWS\system32\atiapfxx.blb
2017-10-24 19:47 - 2017-10-27 20:55 - 000708112 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-10-24 19:47 - 2017-10-27 20:55 - 000704016 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000556560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000552976 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000548440 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000480272 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-10-24 19:47 - 2017-10-27 20:55 - 000470544 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000467984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000458768 _____ C:\WINDOWS\system32\GameManager64.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000445968 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000414736 _____ C:\WINDOWS\system32\atieah64.exe
2017-10-24 19:47 - 2017-10-27 20:55 - 000382992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000366608 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000361488 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000352272 _____ C:\WINDOWS\system32\clinfo.exe
2017-10-24 19:47 - 2017-10-27 20:55 - 000334864 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-10-24 19:47 - 2017-10-27 20:55 - 000277008 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000242704 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000232464 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000203792 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000186416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000180240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000164552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000159248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000157864 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000157712 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000151056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000149600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000135696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000133648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000131304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000124944 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000122024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000122024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000117264 _____ C:\WINDOWS\system32\atidxx64.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000116216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000114192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000102664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000102664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000101904 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000099344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000069648 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000045584 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000042512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-10-24 19:47 - 2017-10-27 20:55 - 000000145 _____ C:\WINDOWS\SysWOW64\amd-vulkan32.json
2017-10-24 19:47 - 2017-10-27 20:55 - 000000145 _____ C:\WINDOWS\system32\amd-vulkan64.json
2017-10-24 19:47 - 2017-10-24 19:47 - 000000000 ____D C:\Users\Daniel\AppData\Local\RadeonInstaller
2017-10-24 19:47 - 2017-10-23 19:12 - 001464336 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\SET3F17.tmp
2017-10-24 19:47 - 2017-10-23 19:12 - 001241616 _____ (AMD) C:\WINDOWS\system32\SET9F7B.tmp
2017-10-24 19:47 - 2017-10-23 19:12 - 001241616 _____ (AMD) C:\WINDOWS\system32\SET4130.tmp
2017-10-24 19:47 - 2017-10-23 19:12 - 001241616 _____ (AMD) C:\WINDOWS\system32\SET2.tmp
2017-10-24 19:47 - 2017-10-23 19:12 - 000204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2017-10-24 19:47 - 2017-10-23 19:12 - 000204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2017-10-24 19:47 - 2017-10-23 19:12 - 000157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2017-10-24 19:47 - 2017-10-23 19:12 - 000157144 _____ C:\WINDOWS\system32\ativvsva.dat
2017-10-24 19:47 - 2017-10-23 19:12 - 000154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2017-10-24 19:47 - 2017-10-23 19:12 - 000138832 _____ C:\WINDOWS\system32\samu_krnl_isv_ci.sbin
2017-10-24 19:47 - 2017-10-23 19:12 - 000120880 _____ C:\WINDOWS\system32\kapp_ci.sbin
2017-10-24 19:47 - 2017-10-23 19:12 - 000114704 _____ C:\WINDOWS\system32\kapp_si.sbin
2017-10-24 19:47 - 2017-10-23 19:12 - 000034501 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2017-10-24 19:47 - 2017-10-23 19:12 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SET3F6E.tmp
2017-10-24 19:47 - 2017-10-13 05:18 - 000123368 _____ (Advanced Micro Devices) C:\WINDOWS\system32\DelayAPO.dll
2017-10-24 19:47 - 2017-10-13 05:14 - 000118960 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWT6.sys
2017-10-22 12:31 - 2017-10-22 12:31 - 000000000 ____D C:\Users\Daniel\AppData\Local\NVIDIA Corporation
2017-10-22 12:30 - 2017-10-22 12:30 - 000000000 ____D C:\Users\Daniel\AppData\Local\TslGame
2017-10-21 15:25 - 2017-10-22 12:30 - 000000000 ____D C:\Users\Daniel\AppData\Local\UnrealEngine
2017-10-21 15:25 - 2017-10-21 15:25 - 000000000 ____D C:\Users\Daniel\AppData\Local\GameAnalytics
2017-10-21 15:25 - 2017-10-21 15:25 - 000000000 ____D C:\Users\Daniel\AppData\Local\Astro
2017-10-21 13:15 - 2017-10-27 09:33 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Equalizer APO 1.2
2017-10-21 13:07 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2017-10-21 13:07 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2017-10-21 13:07 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2017-10-21 13:07 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2017-10-21 13:07 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2017-10-21 13:07 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2017-10-21 11:09 - 2017-10-21 11:09 - 000000000 ____D C:\WINDOWS\system32\Drivers\etc\BACKUP
2017-10-21 09:55 - 2017-10-21 09:55 - 000000722 _____ C:\Users\Daniel\Desktop\Astroneer.lnk
2017-10-16 21:12 - 2017-10-30 18:45 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\MPC-HC
2017-10-15 19:42 - 2017-10-27 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2017-10-15 19:42 - 2017-07-30 12:50 - 003850240 _____ (x264vfw project) C:\WINDOWS\SysWOW64\x264vfw.dll
2017-10-15 19:42 - 2017-07-30 12:50 - 003799552 _____ (x264vfw project) C:\WINDOWS\system32\x264vfw64.dll
2017-10-15 19:42 - 2015-12-18 11:00 - 000755200 _____ C:\WINDOWS\system32\xvidcore.dll
2017-10-15 19:42 - 2015-12-18 11:00 - 000674816 _____ C:\WINDOWS\SysWOW64\xvidcore.dll
2017-10-15 19:42 - 2015-12-18 11:00 - 000309248 _____ C:\WINDOWS\system32\xvidvfw.dll
2017-10-15 19:42 - 2015-12-18 11:00 - 000282112 _____ C:\WINDOWS\SysWOW64\xvidvfw.dll
2017-10-15 19:42 - 2015-10-24 18:00 - 000112128 _____ C:\WINDOWS\SysWOW64\ff_vfw.dll
2017-10-15 19:42 - 2012-07-21 12:55 - 000180736 _____ (fccHandler) C:\WINDOWS\system32\ac3acm.acm
2017-10-15 19:42 - 2012-07-21 12:54 - 000122880 _____ (fccHandler) C:\WINDOWS\SysWOW64\ac3acm.acm
2017-10-15 19:42 - 2011-12-07 19:37 - 000148992 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2017-10-15 19:42 - 2011-12-07 19:32 - 000216064 _____ ( ) C:\WINDOWS\SysWOW64\lagarith.dll
2017-10-15 19:42 - 2005-01-22 01:53 - 000055296 _____ C:\WINDOWS\system32\huffyuv.dll
2017-10-15 19:42 - 2004-05-18 20:16 - 000039936 _____ (Disappearing Inc.) C:\WINDOWS\SysWOW64\huffyuv.dll
2017-10-15 12:11 - 2017-10-15 12:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-15 12:11 - 2017-10-15 12:11 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-15 12:11 - 2017-10-15 12:11 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-15 11:52 - 2017-10-15 11:52 - 000000729 _____ C:\Users\Public\Desktop\Sapphire TRIXX.lnk
2017-10-15 11:52 - 2017-10-15 11:52 - 000000729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sapphire TRIXX.lnk
2017-10-15 11:45 - 2017-10-15 11:45 - 000000000 ____D C:\Users\Daniel\AppData\LocalLow\Unity
2017-10-15 11:45 - 2017-10-15 11:45 - 000000000 ____D C:\Users\Daniel\AppData\LocalLow\Hyper Hippo Productions Ltd_
2017-10-15 11:30 - 2017-10-27 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2017-10-15 11:30 - 2017-10-15 11:30 - 000027552 _____ (REALiX(tm)) C:\WINDOWS\system32\Drivers\HWiNFO64A.SYS
2017-10-15 11:21 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2017-10-15 11:21 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2017-10-15 11:21 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2017-10-15 11:21 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2017-10-15 11:21 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2017-10-15 11:21 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2017-10-15 11:21 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2017-10-15 11:21 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2017-10-15 11:21 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2017-10-15 11:21 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2017-10-15 11:21 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2017-10-15 11:21 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2017-10-15 11:21 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2017-10-15 11:21 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2017-10-15 11:21 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2017-10-15 11:21 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2017-10-15 11:21 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2017-10-15 11:21 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2017-10-15 11:21 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2017-10-15 11:21 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2017-10-15 11:21 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2017-10-15 11:21 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2017-10-15 11:21 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2017-10-15 11:21 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2017-10-15 11:21 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2017-10-15 11:21 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2017-10-15 11:21 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2017-10-15 11:21 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2017-10-15 11:21 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2017-10-15 11:21 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2017-10-15 11:21 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2017-10-15 11:21 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2017-10-15 11:21 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2017-10-15 11:21 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2017-10-15 11:21 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2017-10-15 11:21 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2017-10-15 11:21 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2017-10-15 11:21 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2017-10-15 11:21 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2017-10-15 11:21 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2017-10-15 11:21 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2017-10-15 11:21 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2017-10-15 11:21 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2017-10-15 11:21 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2017-10-15 11:21 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2017-10-15 11:21 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2017-10-15 11:21 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2017-10-15 11:21 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2017-10-15 11:21 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2017-10-15 11:21 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2017-10-15 11:21 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2017-10-15 11:21 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2017-10-15 11:21 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2017-10-15 11:21 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2017-10-15 11:21 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2017-10-15 11:21 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2017-10-15 11:21 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2017-10-15 11:21 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2017-10-15 11:21 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2017-10-15 11:21 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2017-10-15 11:21 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2017-10-15 11:21 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2017-10-15 11:21 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2017-10-15 11:21 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2017-10-15 11:21 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2017-10-15 11:21 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2017-10-15 11:21 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2017-10-15 11:21 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2017-10-15 11:21 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2017-10-15 11:21 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2017-10-15 11:21 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2017-10-15 11:21 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2017-10-15 11:21 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2017-10-15 11:21 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2017-10-15 11:21 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2017-10-15 11:21 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2017-10-15 11:21 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2017-10-15 11:21 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2017-10-15 11:21 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2017-10-15 11:21 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2017-10-15 11:21 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2017-10-15 11:21 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2017-10-15 11:21 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2017-10-15 11:21 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2017-10-15 11:21 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2017-10-15 11:21 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2017-10-15 11:21 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2017-10-15 11:21 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2017-10-15 11:21 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2017-10-15 11:21 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2017-10-15 11:21 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2017-10-15 11:21 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2017-10-15 11:21 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2017-10-15 11:21 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2017-10-15 11:21 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2017-10-15 11:21 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2017-10-15 11:21 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2017-10-15 11:21 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2017-10-15 11:21 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2017-10-15 11:21 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2017-10-15 11:21 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2017-10-15 11:21 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2017-10-15 11:21 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2017-10-15 11:21 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2017-10-15 11:21 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2017-10-15 11:21 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2017-10-15 11:21 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2017-10-15 11:21 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2017-10-15 11:21 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2017-10-15 11:21 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2017-10-15 11:21 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2017-10-15 11:21 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2017-10-15 11:21 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2017-10-15 11:21 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2017-10-15 11:21 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2017-10-15 11:21 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2017-10-15 11:21 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2017-10-15 11:21 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2017-10-15 11:21 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2017-10-15 11:21 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2017-10-15 11:21 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2017-10-15 11:21 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2017-10-15 11:21 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2017-10-15 11:21 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2017-10-15 11:21 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2017-10-15 11:21 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2017-10-15 11:21 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2017-10-15 11:21 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2017-10-15 11:21 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2017-10-15 11:21 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2017-10-15 11:21 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2017-10-15 11:21 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2017-10-15 11:21 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2017-10-15 11:21 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2017-10-15 11:21 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2017-10-15 11:21 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2017-10-15 11:21 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2017-10-15 11:21 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2017-10-15 11:21 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2017-10-15 11:21 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2017-10-15 11:21 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2017-10-15 11:21 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2017-10-15 11:21 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2017-10-15 11:21 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2017-10-15 11:21 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2017-10-15 11:21 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2017-10-15 11:21 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2017-10-15 11:21 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2017-10-15 11:21 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2017-10-15 11:21 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2017-10-15 11:21 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2017-10-15 11:21 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2017-10-15 11:21 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2017-10-15 11:21 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2017-10-15 11:21 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2017-10-15 11:21 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2017-10-15 11:21 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2017-10-15 11:21 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2017-10-15 11:21 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2017-10-15 11:21 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2017-10-15 11:21 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2017-10-15 11:21 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2017-10-15 11:21 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2017-10-15 11:21 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2017-10-15 11:21 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2017-10-15 11:21 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2017-10-15 11:21 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2017-10-15 11:21 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2017-10-15 11:21 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2017-10-15 11:21 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2017-10-15 11:21 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2017-10-15 11:21 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2017-10-15 11:21 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2017-10-15 11:21 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2017-10-15 11:21 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2017-10-15 11:21 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2017-10-15 11:19 - 2017-10-27 09:33 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2017-10-15 10:34 - 2017-10-27 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine
2017-10-15 10:26 - 2017-10-15 10:21 - 000544424 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-10-15 10:12 - 2017-10-15 10:12 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
2017-10-14 23:14 - 2017-10-14 23:14 - 000000000 ____D C:\Users\Daniel\AppData\Local\DBG
2017-10-14 23:13 - 2017-10-30 20:28 - 000000000 ____D C:\ProgramData\Logishrd
2017-10-14 23:13 - 2017-10-27 17:22 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2017-10-14 23:13 - 2017-10-14 23:13 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\Corsair
2017-10-14 23:13 - 2017-10-14 23:13 - 000000000 ____D C:\Users\Daniel\AppData\Local\Logitech
2017-10-14 23:13 - 2017-10-14 23:13 - 000000000 ____D C:\Users\Daniel\AppData\Local\Corsair
2017-10-14 23:12 - 2017-10-27 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2017-10-14 23:12 - 2017-10-14 23:13 - 000000000 ____D C:\Program Files\Logitech Gaming Software
2017-10-14 23:11 - 2017-10-14 23:11 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\Logitech
2017-10-14 23:11 - 2017-10-14 23:11 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\Logishrd
2017-10-14 23:06 - 2017-10-14 23:10 - 000000000 ____D C:\Users\Daniel\Documents\mSecure
2017-10-14 23:06 - 2017-10-14 23:06 - 000000000 ____D C:\Users\Daniel\AppData\Local\mSeven_Software
2017-10-14 23:05 - 2017-10-27 09:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mSeven Software
2017-10-14 23:05 - 2017-10-14 23:05 - 000002589 _____ C:\Users\Public\Desktop\mSecure for Windows.lnk
2017-10-14 23:05 - 2017-10-14 23:05 - 000000000 ____D C:\Users\Daniel\AppData\Local\Downloaded Installations
2017-10-14 23:03 - 2017-10-27 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-10-14 23:01 - 2017-10-14 23:01 - 000000843 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2017-10-14 23:01 - 2017-10-14 23:01 - 000000793 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2017-10-14 22:56 - 2017-10-30 20:27 - 000000000 ____D C:\Users\Daniel\AppData\Local\Free Download Manager
2017-10-14 22:56 - 2017-10-28 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
2017-10-14 22:47 - 2017-10-27 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetWorx
2017-10-14 22:47 - 2017-10-14 22:47 - 000000000 ____D C:\Users\Daniel\AppData\Local\PeerDistRepub
2017-10-14 22:47 - 2017-10-14 22:47 - 000000000 ____D C:\ProgramData\SoftPerfect
2017-10-14 22:47 - 2016-09-20 15:28 - 000072632 _____ (NetFilterSDK.com) C:\WINDOWS\system32\Drivers\networx.sys
2017-10-14 22:46 - 2017-10-27 09:36 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-10-14 22:46 - 2017-10-27 09:36 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-10-14 22:46 - 2017-10-14 22:46 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\Google
2017-10-14 22:45 - 2017-10-15 10:55 - 000000000 ____D C:\Users\Daniel\AppData\Local\Google
2017-10-14 22:45 - 2017-10-14 22:46 - 000000000 ____D C:\Program Files (x86)\Google
2017-10-14 22:43 - 2017-10-14 22:43 - 000000000 ____D C:\Users\Daniel\Documents\My Games
2017-10-14 22:42 - 2017-10-14 22:42 - 000000000 ____D C:\Users\Daniel\AppData\Local\Steam
2017-10-14 22:42 - 2017-10-14 22:42 - 000000000 ____D C:\Users\Daniel\AppData\Local\CEF
2017-10-14 22:42 - 2017-10-14 22:42 - 000000000 ____D C:\Program Files (x86)\Intel
2017-10-14 22:41 - 2017-10-30 20:27 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-10-14 22:41 - 2017-10-30 18:54 - 000000000 __SHD C:\Users\Daniel\IntelGraphicsProfiles
2017-10-14 22:41 - 2017-10-30 15:14 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\tixati
2017-10-14 22:41 - 2017-10-27 09:31 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-10-14 22:41 - 2017-10-27 09:21 - 000000000 ____D C:\Program Files\Intel
2017-10-14 22:41 - 2017-10-14 22:41 - 000000000 ____D C:\Intel
2017-10-14 22:41 - 2017-10-14 22:41 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2017-10-14 22:39 - 2017-10-27 09:32 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tixati
2017-10-14 22:39 - 2017-10-14 22:39 - 000000686 _____ C:\Users\Daniel\Desktop\Tixati.lnk
2017-10-14 22:38 - 2017-10-27 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-10-14 22:38 - 2017-10-14 22:38 - 000000674 _____ C:\Users\Public\Desktop\Steam.lnk
2017-10-14 22:36 - 2017-10-14 22:39 - 000000000 ____D C:\Users\Daniel\AppData\Local\PackageStaging
2017-10-14 22:35 - 2017-10-27 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2017-10-14 22:35 - 2017-10-14 22:37 - 000000000 ____D C:\Users\Daniel\AppData\Local\MicrosoftEdge
2017-10-14 22:34 - 2017-10-24 19:47 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-10-14 22:34 - 2017-09-14 01:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-10-14 22:34 - 2017-09-14 01:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-10-14 22:34 - 2017-09-14 01:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-10-14 22:34 - 2017-09-14 01:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-10-14 22:33 - 2017-10-14 22:33 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\ATI
2017-10-14 22:33 - 2017-10-14 22:33 - 000000000 ____D C:\Users\Daniel\AppData\Local\ATI
2017-10-14 22:33 - 2017-10-14 22:33 - 000000000 ____D C:\Users\Daniel\AppData\Local\AMDDriverProfiles
2017-10-14 22:33 - 2017-10-14 22:33 - 000000000 ____D C:\ProgramData\ATI
2017-10-14 22:33 - 2017-10-06 20:02 - 000925200 _____ (AMD) C:\WINDOWS\system32\SETE12A.tmp
2017-10-14 22:33 - 2017-10-06 20:02 - 000925200 _____ (AMD) C:\WINDOWS\system32\SETACAA.tmp
2017-10-14 22:33 - 2017-10-06 20:02 - 000925200 _____ (AMD) C:\WINDOWS\system32\SET885.tmp
2017-10-14 22:33 - 2017-10-06 20:02 - 000925200 _____ (AMD) C:\WINDOWS\system32\SET2E2B.tmp
2017-10-14 22:33 - 2017-10-06 20:02 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SET696D.tmp
2017-10-14 22:33 - 2017-10-06 20:02 - 000029712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SET6777.tmp
2017-10-14 22:33 - 2017-10-06 20:01 - 001540112 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\SET6916.tmp
2017-10-14 22:33 - 2017-10-06 20:01 - 001057808 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\SET6AB9.tmp
2017-10-14 22:33 - 2017-10-06 20:01 - 000666640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-10-14 22:31 - 2017-10-30 20:25 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-10-14 22:31 - 2017-10-15 11:44 - 000000000 ____D C:\Users\Daniel\AppData\Local\AMD
2017-10-14 22:30 - 2017-10-24 19:49 - 000000000 ____D C:\AMD
2017-10-14 22:30 - 2017-10-22 12:30 - 000000000 ____D C:\ProgramData\Package Cache
2017-10-14 22:30 - 2017-10-14 22:30 - 000000000 _____ C:\WINDOWS\ativpsrm.bin
2017-10-14 22:27 - 2017-10-27 11:29 - 000000000 ____D C:\Program Files\AMD
2017-10-14 22:24 - 2017-10-15 12:40 - 000000000 ____D C:\Users\Daniel\AppData\Local\Comms
2017-10-14 22:21 - 2017-10-27 09:39 - 000002366 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-10-14 22:21 - 2017-10-27 09:39 - 000000000 ___RD C:\Users\Daniel\OneDrive
2017-10-14 22:21 - 2017-10-27 09:32 - 000000000 ____D C:\Program Files\Common Files\logishrd
2017-10-14 22:20 - 2017-10-27 09:38 - 000000000 ____D C:\Users\Daniel\AppData\Local\ConnectedDevicesPlatform
2017-10-14 22:20 - 2017-10-27 09:37 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-14 22:20 - 2017-10-27 09:37 - 000000000 ____D C:\Users\Daniel\AppData\Local\TileDataLayer
2017-10-14 22:20 - 2017-10-15 10:31 - 000000000 ____D C:\Users\Daniel\AppData\Local\Publishers
2017-10-14 22:20 - 2017-10-14 22:20 - 000000000 ____D C:\Users\Daniel\AppData\Roaming\Adobe
2017-10-14 22:20 - 2017-10-14 22:20 - 000000000 ____D C:\Users\Daniel\AppData\Local\VirtualStore
2017-10-14 22:18 - 2017-10-14 22:18 - 000000000 ____D C:\WINDOWS\CSC
2017-10-14 22:16 - 2017-10-14 22:16 - 000000000 _____ C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-09-30 16:37 - 2017-09-30 16:37 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2017-09-30 16:37 - 2017-09-30 16:37 - 000000000 ___SD C:\WINDOWS\system32\AppV
2017-09-30 16:37 - 2017-09-30 16:37 - 000000000 ____D C:\WINDOWS\system32\hydrogen
2017-09-30 16:37 - 2017-09-30 16:37 - 000000000 ____D C:\WINDOWS\RemotePackages
2017-09-30 16:37 - 2017-09-30 16:37 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2017-09-30 16:37 - 2017-09-30 16:37 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2017-09-30 16:37 - 2017-09-29 15:43 - 000035522 _____ C:\WINDOWS\Professional.xml
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\te-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\si-LK
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\or-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\km-KH
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\is-IS
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\id-ID
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\be-BY
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\as-IN
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\am-ET
2017-09-30 16:36 - 2017-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2017-09-30 16:36 - 2017-09-30 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2017-09-30 16:36 - 2017-09-30 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2017-09-30 16:36 - 2017-09-30 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2017-09-30 16:36 - 2017-09-30 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2017-09-30 16:36 - 2017-09-30 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2017-09-30 16:36 - 2017-09-30 16:36 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2017-09-30 16:36 - 2017-09-30 16:36 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2017-09-30 16:36 - 2017-09-30 16:36 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2017-09-30 16:36 - 2017-09-30 16:36 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2017-09-30 16:36 - 2017-09-30 16:36 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2017-09-30 16:36 - 2017-09-30 16:36 - 000000000 ____D C:\WINDOWS\OCR
2017-09-30 16:36 - 2017-09-28 21:05 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostRes.dll
2017-09-30 16:36 - 2017-09-28 21:05 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncRes.dll
2017-09-30 16:36 - 2017-09-28 21:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-09-30 16:36 - 2017-09-28 21:04 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\InternetMailCsp.dll
2017-09-30 16:36 - 2017-09-28 21:04 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncProxy.dll
2017-09-30 16:36 - 2017-09-28 21:04 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InprocLogger.dll
2017-09-30 16:36 - 2017-09-28 21:04 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\EasPolicyManagerBrokerPS.dll
2017-09-30 16:36 - 2017-09-28 21:03 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\networkhelper.dll
2017-09-30 16:36 - 2017-09-28 21:03 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2017-09-30 16:36 - 2017-09-28 21:03 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostClient.dll
2017-09-30 16:36 - 2017-09-28 21:03 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSPal.dll
2017-09-30 16:36 - 2017-09-28 21:02 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-09-30 16:36 - 2017-09-28 21:02 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-09-30 16:36 - 2017-09-28 21:01 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-09-30 16:36 - 2017-09-28 21:01 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2017-09-30 16:36 - 2017-09-28 21:00 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2017-09-30 16:36 - 2017-09-28 21:00 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2017-09-30 16:36 - 2017-09-28 20:59 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2017-09-30 16:36 - 2017-09-28 20:59 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2017-09-30 16:36 - 2017-09-28 20:56 - 001777664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-09-30 16:36 - 2017-09-28 20:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncRes.dll
2017-09-30 16:36 - 2017-09-28 20:43 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncProxy.dll
2017-09-30 16:36 - 2017-09-28 20:42 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCCSEngineShared.dll
2017-09-30 16:36 - 2017-09-28 20:42 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\networkhelper.dll
2017-09-30 16:36 - 2017-09-28 20:42 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\APHostClient.dll
2017-09-30 16:36 - 2017-09-28 20:41 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2017-09-30 16:36 - 2017-09-28 20:40 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2017-09-30 16:36 - 2017-09-28 20:40 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accountaccessor.dll
2017-09-30 16:36 - 2017-09-28 20:39 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2017-09-30 16:36 - 2017-09-28 20:39 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\syncutil.dll
2017-09-30 16:36 - 2017-09-28 20:35 - 001546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-09-30 16:35 - 2017-09-30 16:35 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-09-30 16:35 - 2017-09-30 16:35 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-09-30 16:35 - 2017-09-30 16:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-09-30 16:35 - 2017-09-30 16:35 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-09-30 16:35 - 2017-09-30 16:35 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-09-30 16:35 - 2017-09-30 16:35 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2017-09-30 16:35 - 2017-09-30 16:35 - 000000000 ____D C:\WINDOWS\system32\winrm
2017-09-30 16:35 - 2017-09-30 16:35 - 000000000 ____D C:\WINDOWS\system32\WCN
2017-09-30 16:35 - 2017-09-30 16:35 - 000000000 ____D C:\WINDOWS\system32\slmgr
2017-09-30 16:35 - 2017-09-30 16:35 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-09-30 16:35 - 2017-09-30 16:35 - 000000000 ____D C:\WINDOWS\system32\0409
2017-09-30 16:35 - 2017-09-30 16:35 - 000000000 ____D C:\WINDOWS\SKB
2017-09-30 16:35 - 2017-09-30 16:35 - 000000000 ____D C:\WINDOWS\DigitalLocker
2017-09-30 16:35 - 2017-09-28 23:38 - 002035096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-09-30 16:35 - 2017-09-28 23:23 - 000285176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2017-09-30 16:35 - 2017-09-28 23:21 - 000387408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-09-30 16:35 - 2017-09-28 22:49 - 000250208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2017-09-30 16:35 - 2017-09-28 22:49 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpps.dll
2017-09-30 16:35 - 2017-09-28 21:05 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2017-09-30 16:35 - 2017-09-28 21:05 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2017-09-30 16:35 - 2017-09-28 21:05 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2017-09-30 16:35 - 2017-09-28 21:05 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmerror.dll
2017-09-30 16:35 - 2017-09-28 21:04 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2017-09-30 16:35 - 2017-09-28 21:03 - 008962560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2017-09-30 16:35 - 2017-09-28 21:03 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2017-09-30 16:35 - 2017-09-28 21:02 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\quickassist.exe
2017-09-30 16:35 - 2017-09-28 21:02 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\unregmp2.exe
2017-09-30 16:35 - 2017-09-28 21:00 - 013655040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-09-30 16:35 - 2017-09-28 20:45 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2017-09-30 16:35 - 2017-09-28 20:45 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2017-09-30 16:35 - 2017-09-28 20:44 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2017-09-30 16:35 - 2017-09-28 20:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmerror.dll
2017-09-30 16:35 - 2017-09-28 20:43 - 008962560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2017-09-30 16:35 - 2017-09-28 20:43 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2017-09-30 16:35 - 2017-09-28 20:42 - 000459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quickassist.exe
2017-09-30 16:35 - 2017-09-28 20:42 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2017-09-30 16:35 - 2017-09-28 20:41 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unregmp2.exe
2017-09-30 16:35 - 2017-09-28 20:38 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-09-30 16:35 - 2017-09-28 19:20 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.tlb
2017-09-30 16:35 - 2017-09-28 19:20 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\amcompat.tlb
2017-09-30 16:35 - 2017-09-28 19:03 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.tlb
2017-09-30 16:35 - 2017-09-28 19:03 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\amcompat.tlb

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-30 20:29 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2017-10-30 20:25 - 2017-09-29 10:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-10-30 19:19 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2017-10-30 19:03 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-10-29 10:00 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-28 10:39 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-28 03:01 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-10-27 17:28 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-27 11:30 - 2017-09-29 15:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-10-27 11:29 - 2017-09-29 15:49 - 000000000 ____D C:\WINDOWS\Setup
2017-10-27 11:29 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-10-27 11:29 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-10-27 11:29 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-10-27 11:29 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-10-27 11:29 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-10-27 09:48 - 2017-09-29 15:46 - 000000000 ___RD C:\WINDOWS\PrintDialog
2017-10-27 09:36 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-10-27 09:35 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\Registration
2017-10-27 09:35 - 2017-09-29 10:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-10-27 09:34 - 2017-09-29 15:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-10-27 09:32 - 2017-09-29 15:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-10-27 09:32 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-10-27 09:20 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-10-13 20:08 - 2017-09-29 15:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-10-13 20:08 - 2017-09-29 15:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-06 20:01 - 2016-10-06 15:52 - 001540112 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\SETAA36.tmp
2017-10-06 20:01 - 2016-10-06 15:52 - 001057808 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\SET6ACB.tmp
2017-09-30 16:37 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-09-30 16:37 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-09-30 16:37 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SystemApps
2017-09-30 16:37 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\en-GB
2017-09-30 16:37 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\security
2017-09-30 16:37 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\schemas
2017-09-30 16:37 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2017-09-30 16:37 - 2017-09-29 15:43 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2017-09-30 16:37 - 2017-09-29 15:43 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\baaupdate.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 002192896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 001778584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 001628056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 001419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsCpl.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsCpl.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 001185792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 001129472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 001051544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000979384 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000963992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000855560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000830872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000812576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mblctr.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000745368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000668056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000645528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000397720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrpUxNativeSnapIn.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SrpUxNativeSnapIn.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ManagedEventLogging.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\umrdp.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000256920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\svf.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000231320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000227736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuditNativeSnapIn.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuditNativeSnapIn.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CmUtil.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000203160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\hwrreg.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDist.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000183704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000171928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000147439 _____ C:\WINDOWS\SysWOW64\gpedit.msc
2017-09-30 16:37 - 2017-09-29 15:42 - 000147439 _____ C:\WINDOWS\system32\gpedit.msc
2017-09-30 16:37 - 2017-09-29 15:42 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwclientres.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000126144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000112024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvsigpext.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000107008 _____ C:\WINDOWS\system32\RDVGHelper.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\auditpolmsg.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\auditpolmsg.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmlib.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncController.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000078232 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintBrmUi.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuditPolicyGPInterop.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Common.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppCore.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuditPolicyGPInterop.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAppMonitor.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CabUtil.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\RotMgr.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hwrcomp.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.EventLogMessages.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000043566 _____ C:\WINDOWS\SysWOW64\rsop.msc
2017-09-30 16:37 - 2017-09-29 15:42 - 000043566 _____ C:\WINDOWS\system32\rsop.msc
2017-09-30 16:37 - 2017-09-29 15:42 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAgentPolicyGenerator.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qwinsta.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\qprocess.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msg.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\quser.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\chgport.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tskill.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\qappsrv.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscon.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Management.WmiAccess.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsdiscon.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\rwinsta.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoff.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\chglogon.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000021912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScriptRunner.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorCustomAdbAlgorithm.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Management.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\chgusr.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppData.WinRT.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncCommon.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Common.WinRT.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.LocalSyncProvider.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\reset.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\change.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\query.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernSync.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevTemplateBaselineGenerator.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwstreamingux.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevTemplateConfigItemGenerator.exe
2017-09-30 16:37 - 2017-09-29 15:42 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SmbSyncProvider.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.MonitorSyncProvider.dll
2017-09-30 16:37 - 2017-09-29 15:42 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.SyncConditions.dll
2017-09-30 16:37 - 2017-09-29 15:41 - 000037272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\terminpt.sys
2017-09-30 16:37 - 2017-09-29 15:41 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpbus.sys
2017-09-30 16:36 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-09-30 16:36 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-09-30 16:36 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-09-30 16:36 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2017-09-30 16:36 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2017-09-30 16:36 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2017-09-30 16:36 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\et-EE
2017-09-30 16:36 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\es-MX
2017-09-30 16:36 - 2017-09-29 15:43 - 000803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-09-30 16:36 - 2017-09-29 15:43 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-09-30 16:36 - 2017-09-29 15:43 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveprompt.exe
2017-09-30 16:36 - 2017-09-29 15:43 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfg.exe
2017-09-30 16:36 - 2017-09-29 15:43 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2017-09-30 16:36 - 2017-09-29 15:43 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerWizardElev.exe
2017-09-30 16:36 - 2017-09-29 15:43 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerWizard.exe
2017-09-30 16:36 - 2017-09-29 15:43 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeSysprep.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 003165696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SnippingTool.exe
2017-09-30 16:36 - 2017-09-29 15:42 - 002375200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 002220952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 002035200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 001955840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 001623448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 001490840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 001314816 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 001190400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe
2017-09-30 16:36 - 2017-09-29 15:42 - 000919552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000819096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-09-30 16:36 - 2017-09-29 15:42 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2017-09-30 16:36 - 2017-09-29 15:42 - 000733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000727552 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCacheProvider.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvgogl32.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2017-09-30 16:36 - 2017-09-29 15:42 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdmTmpl.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000546304 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrptadm.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrptadm.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AdmTmpl.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2017-09-30 16:36 - 2017-09-29 15:42 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSh.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2017-09-30 16:36 - 2017-09-29 15:42 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppIdPolicyEngineApi.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDistSh.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2017-09-30 16:36 - 2017-09-29 15:42 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000299616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpendp.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000293272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2017-09-30 16:36 - 2017-09-29 15:42 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscobj.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddputils.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppIdPolicyEngineApi.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\srm.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srm.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmstormod.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessCsp.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000269120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpendp.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ppcsnap.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialStore.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddpchunk.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\appvetwsharedperformance.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppvClientEventLog.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDist.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationSettings.exe
2017-09-30 16:36 - 2017-09-29 15:42 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCleaner.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\tspubwmi.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscobj.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgmts.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmstormod.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvgocl32.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2017-09-30 16:36 - 2017-09-29 15:42 - 000182680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mavinject.exe
2017-09-30 16:36 - 2017-09-29 15:42 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistWSDDiscoProv.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinput.exe
2017-09-30 16:36 - 2017-09-29 15:42 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000171520 ____R (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.SecureAssessment.CfgProvider.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmshell.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgmts.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000158616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2017-09-30 16:36 - 2017-09-29 15:42 - 000155648 ____R (Microsoft Corporation) C:\WINDOWS\system32\SecureAssessmentHandlers.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvgu1132.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppManagementConfiguration.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000148376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mavinject.exe
2017-09-30 16:36 - 2017-09-29 15:42 - 000146389 _____ C:\WINDOWS\system32\printmanagement.msc
2017-09-30 16:36 - 2017-09-29 15:42 - 000143768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVfs.sys
2017-09-30 16:36 - 2017-09-29 15:42 - 000142744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CscMig.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.SecureAssessment.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddptrace.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000136600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipRenew.exe
2017-09-30 16:36 - 2017-09-29 15:42 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsClassExtension.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\adrclient.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppManagementConfiguration.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000126872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppVStrm.sys
2017-09-30 16:36 - 2017-09-29 15:42 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IoTAssignedAccessLockFramework.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmshell.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000120458 _____ C:\WINDOWS\system32\secpol.msc
2017-09-30 16:36 - 2017-09-29 15:42 - 000111648 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvsievaluator.exe
2017-09-30 16:36 - 2017-09-29 15:42 - 000099784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adrclient.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvgumd32.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000093592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmlib.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppVMgmtCSP.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageInspector.exe
2017-09-30 16:36 - 2017-09-29 15:42 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsign.exe
2017-09-30 16:36 - 2017-09-29 15:42 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmtrace.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dggpext.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddp_ps.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmtrace.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000063384 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsdefenderapplicationguardcsp.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistHttpTrans.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000056216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SpatialGraphFilter.sys
2017-09-30 16:36 - 2017-09-29 15:42 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DFDWiz.exe
2017-09-30 16:36 - 2017-09-29 15:42 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfdts.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.exe
2017-09-30 16:36 - 2017-09-29 15:42 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistAD.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CIWmi.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000040344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UevAgentDriver.sys
2017-09-30 16:36 - 2017-09-29 15:42 - 000040344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClientPS.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000039424 _____ C:\WINDOWS\SysWOW64\vmstaging.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.exe
2017-09-30 16:36 - 2017-09-29 15:42 - 000037784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KeyboardFilterShim.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2010CustomActions.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000034200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KeyboardFilterCore.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetppui.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\srm_ps.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000030616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2017-09-30 16:36 - 2017-09-29 15:42 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorPerformanceEvents.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32_DeviceGuard.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000027032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVClientPS.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.ProxyStub.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000022424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hvsicontainerservice.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-09-30 16:36 - 2017-09-29 15:42 - 000019864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVTerminator.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000017440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVTerminator.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srm_ps.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000015256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVSentinel.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000013720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVSentinel.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AgentDriverEvents.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSErrRedir.dll
2017-09-30 16:36 - 2017-09-29 15:42 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.SecureAssessment.Diagnostics.dll
2017-09-30 16:36 - 2017-09-29 15:41 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2017-09-30 16:36 - 2017-09-29 15:41 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\dsc
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\com
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\setup
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\com
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\IME
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\Help
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files\Windows Defender
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files\Common Files\system
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-30 16:35 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-09-30 16:35 - 2017-09-29 15:43 - 005484032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2017-09-30 16:35 - 2017-09-29 15:43 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2017-09-30 16:35 - 2017-09-29 15:42 - 006347776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2017-09-30 16:35 - 2017-09-29 15:42 - 005739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2017-09-30 16:35 - 2017-09-29 15:42 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2017-09-30 16:35 - 2017-09-29 15:41 - 001347608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-09-30 16:35 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-09-30 16:35 - 2017-09-29 10:45 - 000000000 ____D C:\WINDOWS\servicing

==================== Files in the root of some directories =======

2017-10-28 22:10 - 2017-10-28 22:10 - 000001186 _____ () C:\Users\Daniel\AppData\Local\recently-used.xbel

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


ATTENTION: ==> Could not access BCD. 

LastRegBack: 2017-10-27 09:31

==================== End of FRST.txt ============================

Thanks

Daniel

Addition.txt

[kevinf80]

Thanks for those logs Daniel, please do not post any future logs in code or quote boxes, thanks... Continue with the following:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

Please open Malwarebytes Anti-Malware.   On the Settings tab > Protection Scroll to and make sure the following are selected: Scan for Rootkits Scan within Archives   Scroll further to Potential Threat Protection make sure the following are set as follows: Potentially Unwanted Programs (PUP`s) set as :- Always detect PUP`s (recommended) Potentially Unwanted Modifications (PUM`s) set as :- Alwaysdetect PUM`s (recommended)   Click on the Scan make sure Threat Scan is selected, A Threat Scan will begin. When the scan is complete if anything is found make sure that the first checkbox at the top is checked (that will automatically check all detected items), then click on the Quarantine Selected Tab If asked to restart your computer to complete the removal, please do so When complete click on Export Summary after deletion (bottom-left corner) and select Copy to Clipboard. Wait for the prompt to restart the computer to appear, then click on Yes. After the restart once you are back at your desktop, open MBAM once more to retrieve the log. To get the log from Malwarebytes do the following:   Click on the Reports tab > from main interface. Double click on the Scan log which shows the Date and time of the scan just performed. Click Export > From export you have two options: Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply   Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply… Next, Download AdwCleaner by Malwarebytes onto your Desktop. Or from this Mirror   Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users) Accept the EULA (I accept), then click on Scan Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all the active processes Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply Next, Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop Ensure to get the correct version for your system.... 32 Bit version: https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en 64 Bit version: https://www.microsoft.com/downloads/en/confirmation.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window In the "Scan Type" window, select Quick Scan Perform a scan and Click Finish when the scan is done. Retrieve the MSRT log as follows, and post it in your next reply: 1) Select the Windows key and R key together to open the "Run" function 2) Type or Copy/Paste the following command to the "Run Line" and Press Enter: notepad c:\windows\debug\mrt.log The log will include log details for each time MSRT has run, we only need the most recent log by date and time.... Let me see those logs, also tell me if there are any remaining issues or concerns.... Thanks, Kevin...

 

fixlist.txt

[caspadan]

Thank you Kevin.

I will get to this this evening and let you know.

Regards

Daniel

[kevinf80]

Thanks for the update Daniel, catch up later....

Cheers,

Kevin

[caspadan]

Kevin!

You have been so helpful, and very comprehensive.  Thank you so much.

After doing the FRST fix and a reboot, I immediately noticed no explorer window open after logging onto windows.  Also no weird script or whatever running briefly in the taskbar.

All scans came back negative - nothing malicious found.  So I'm not sure If I must still post the logs, but I've attached them anyway.

And this was a recent clean install of Windows where the Malwarebytes' trial just ended about 2 days ago or something..  Probably something I installed at some stage. But it seems to be perfect now.

Thank you SO much.

 

Daniel

 

Fixlog.txt

mbam-report.txt

AdwCleaner[S0].txt

mrt.log

[kevinf80]

Yes all issues were cleared up with FRST fix, you should be good to go after the following:

Download "Delfix by Xplode" and save it to your desktop. Or use the following if first link is down: "Delfix link mirror" If your security program alerts to Delfix either, accept the alert or turn your security off. Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator Make Sure the following items are checked:   Remove disinfection tools <----- this will remove tools we may have used. Purge System Restore <--- this will remove all previous and possibly exploited restore points, a new point relative to system status at present will be created. Reset system settings <--- this will reset any system settings back to default that were changed either by us during cleansing or malware/infection Now click on "Run" and wait patiently until the tool has completed. The tool will create a log when it has completed. We don't need you to post this. Any remnant files/logs from tools we have used can be deleted… Next, Read the following links to fully understand PC Security and Best Practices, you may find them useful.... Answers to Common Security Questions and best Practices Do I need a Registry Cleaner? Take care and surf safe Kevin...

[caspadan]

Thank you again.

Everything is perfect now!

[kevinf80]

You`re very welcome, comeback anytime...

Regards,

Kevin...

[kevinf80]

Glad we could help. :)If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!