Solved Rundll32.exe being stoped by antivirus

Capsize · Mar 28, 2019

Hi all,

Im hoping someone can help me with this as I have hit a dead end with my capability's.
Two days ago my antivirus (Bit Defender) has been contently spamming that its stopping something from connecting. I suspect I may have downloaded something nasty by accident.
I have done a full scan with Bit Defender and Malwarebytes, both have found some issues, which they resolved, however im still getting messages from my antivirus that soemthjing is going on in the background.

Feature:
Advanced Threat Defense
Application rundll32.exe has been detected as potentially malicious and blocked. Application path: C:\Windows\SysWOW64\rundll32.exe

Can anyone help with what it might be? I have run out of ideas.
- Cap

Broni · Mar 28, 2019

Welcome aboard

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

Capsize · Mar 29, 2019

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by Aaron (administrator) on DESKTOP-KIM1OD5 (29-03-2019 18:02:29)
Running from C:\Users\Aaron\Downloads
Loaded Profiles: Aaron (Available Profiles: Aaron)
Platform: Windows 10 Pro Version 1809 17763.379 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0339689.inf_amd64_266a640423a0bba5\B339442\atiesrxx.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0339689.inf_amd64_266a640423a0bba5\B339442\atieclxx.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(voidtools -> ) C:\Program Files (x86)\Everything\Everything.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Aaron\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Spotify AB -> Spotify Ltd) C:\Users\Aaron\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Aaron\AppData\Roaming\Spotify\Spotify.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe
(Spotify AB -> Spotify Ltd) C:\Users\Aaron\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Aaron\AppData\Roaming\Spotify\Spotify.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(voidtools -> ) C:\Program Files (x86)\Everything\Everything.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.164_none_7e114a3d4d0589d4\TiWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Everything] => C:\Program Files (x86)\Everything\Everything.exe [1710880 2019-01-26] (voidtools -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-68770294-676844702-3198948009-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3146016 2019-03-06] (Valve -> Valve Corporation)
HKU\S-1-5-21-68770294-676844702-3198948009-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-01-15] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-68770294-676844702-3198948009-1002\...\Run: [Spotify] => C:\Users\Aaron\AppData\Roaming\Spotify\Spotify.exe [25650920 2019-03-16] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-68770294-676844702-3198948009-1002\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [5650384 2019-02-16] (GlassWire -> SecureMix LLC)
GroupPolicy: Restriction - Windows Defender <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ba94f788-b762-4b5c-86fd-c3fb77261113}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ed415593-b4cf-44fb-9357-a3b992ab6110}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2019-02-01] (Bitdefender SRL -> Bitdefender)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2019-02-01] (Bitdefender SRL -> Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2019-02-01] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2019-02-01] (Bitdefender SRL -> Bitdefender)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: lqdhsgjr.default
FF ProfilePath: C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\lqdhsgjr.default [2019-03-29]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2018-12-19]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2019-03-06] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default [2019-03-28]
CHR Extension: (Slides) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-28]
CHR Extension: (Docs) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-28]
CHR Extension: (Google Drive) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-28]
CHR Extension: (YouTube) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-28]
CHR Extension: (Sheets) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-28]
CHR Extension: (Bitdefender Wallet) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2019-03-28]
CHR Extension: (Google Docs Offline) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-28]
CHR Extension: (Gmail) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-28]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\c0339689.inf_amd64_266a640423a0bba5\B339442\atiesrxx.exe [517248 2019-03-07] (Advanced Micro Devices, Inc. -> AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [779152 2019-02-01] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [779152 2019-02-01] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195320 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 D3AA93D3; C:\ProgramData\D3AA93D3\707A1874.dll [1193472 2019-03-28] () [File not signed]
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [95520 2019-02-01] (Bitdefender SRL -> Bitdefender)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-03-24] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Everything; C:\Program Files (x86)\Everything\Everything.exe [1710880 2019-01-26] (voidtools -> )
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [4461520 2019-02-16] (GlassWire -> SecureMix LLC)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [529696 2019-02-02] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1293936 2018-11-16] (Bitdefender SRL -> Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381128 2019-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 symsrv; C:\Program Files\windows nt\symsrv.exe [145168 2019-03-28] (Microsoft Corporation -> Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [114192 2019-02-01] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe [816616 2019-02-01] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3830128 2019-03-15] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0339689.inf_amd64_266a640423a0bba5\B339442\atikmdag.sys [52889520 2019-03-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0339689.inf_amd64_266a640423a0bba5\B339442\atikmpag.sys [598952 2019-03-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AsrDrv102; C:\Windows\SysWOW64\Drivers\AsrDrv102.sys [22248 2019-03-25] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 AsrDrv103; C:\Windows\SysWOW64\Drivers\AsrDrv103.sys [34568 2019-03-25] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
R1 atc; C:\Windows\System32\DRIVERS\atc.sys [1423680 2019-01-21] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [107400 2018-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R2 BdDci; C:\Windows\System32\DRIVERS\bddci.sys [367096 2019-01-29] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23032 2018-04-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R0 bdprivmon; C:\Windows\System32\DRIVERS\bdprivmon.sys [45728 2018-09-17] (Bitdefender SRL -> © Bitdefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [96448 2018-04-27] (Bitdefender SRL -> BitDefender)
R3 e1dexpress; C:\Windows\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_691712a04a41c1cd\e1d68x64.sys [568960 2018-10-09] (Intel(R) INTELND1820 -> Intel Corporation)
R0 Gemma; C:\Windows\System32\DRIVERS\gemma.sys [374632 2018-11-19] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (GlassWire -> SecureMix LLC)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [201000 2018-11-20] (Bitdefender SRL -> BitDefender LLC)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [191264 2019-02-02] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 Ignis; C:\Windows\system32\DRIVERS\ignis.sys [196352 2018-10-26] (Bitdefender SRL -> Bitdefender)
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7708160 2018-09-15] (Microsoft Windows -> Intel Corporation)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [610640 2019-01-14] (Bitdefender SRL -> Bitdefender)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2018-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-29 18:02 - 2019-03-29 18:02 - 000020631 _____ C:\Users\Aaron\Downloads\FRST.txt
2019-03-29 17:57 - 2019-03-29 18:02 - 000000000 ____D C:\FRST
2019-03-29 17:55 - 2019-03-29 17:55 - 002427904 _____ (Farbar) C:\Users\Aaron\Downloads\FRST64(1).exe
2019-03-29 12:52 - 2019-03-29 12:52 - 000000000 ____D C:\Users\Aaron\AppData\Local\bdch
2019-03-29 12:52 - 2019-03-29 12:52 - 000000000 ____D C:\ProgramData\bdch
2019-03-28 17:17 - 2019-03-28 17:17 - 000000000 ____D C:\Users\Aaron\AppData\Local\GlassWire
2019-03-28 16:37 - 2019-03-28 16:37 - 000001966 _____ C:\Users\Public\Desktop\GlassWire.lnk
2019-03-28 16:37 - 2019-03-28 16:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GlassWire
2019-03-28 16:37 - 2019-03-28 16:37 - 000000000 ____D C:\ProgramData\GlassWire
2019-03-28 16:37 - 2019-03-28 16:37 - 000000000 ____D C:\Program Files (x86)\GlassWire
2019-03-28 16:37 - 2015-05-29 15:30 - 000008392 _____ C:\Windows\system32\Drivers\gwdrv.cat
2019-03-28 16:37 - 2015-05-29 15:15 - 000033152 _____ (SecureMix LLC) C:\Windows\system32\Drivers\gwdrv.sys
2019-03-28 16:32 - 2019-03-28 16:32 - 002434048 _____ (Farbar) C:\Users\Aaron\Downloads\FRST64.exe
2019-03-28 16:29 - 2019-03-28 16:33 - 000000000 ____D C:\Users\Aaron\Desktop\mbar
2019-03-28 16:29 - 2019-03-28 16:33 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2019-03-28 16:29 - 2019-03-28 16:29 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\631743DB.sys
2019-03-28 16:29 - 2019-03-28 16:29 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2019-03-28 16:29 - 2019-03-28 16:29 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-28 16:28 - 2019-03-28 16:29 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Aaron\Downloads\mbar-1.10.3.1001.exe
2019-03-28 16:01 - 2019-03-28 16:01 - 000042904 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP152.SYS
2019-03-28 16:00 - 2019-03-28 16:00 - 001828569 _____ C:\Users\Aaron\Downloads\ProcessExplorer.zip
2019-03-28 15:25 - 2019-03-28 15:25 - 039532768 _____ (SUPERAntiSpyware) C:\Users\Aaron\Downloads\SUPERAntiSpyware.exe
2019-03-28 15:25 - 2019-03-28 15:25 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2019-03-28 15:23 - 2019-03-28 15:23 - 000079934 _____ C:\ProgramData\dm.update.1553746980.bdinstall.bin
2019-03-28 14:59 - 2019-03-28 14:59 - 000302080 _____ C:\Users\Aaron\Downloads\connectivity_issues.exe
2019-03-28 14:41 - 2019-03-28 14:41 - 000798324 _____ C:\ProgramData\cl.1553744239.bdinstall.v2.bin
2019-03-28 14:41 - 2019-03-28 14:41 - 000101904 _____ C:\ProgramData\cl.kit.1553744239.bdinstall.v2.bin
2019-03-28 14:41 - 2019-03-28 14:41 - 000003420 _____ C:\Windows\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2019-03-28 14:38 - 2019-03-28 15:06 - 000000000 ____D C:\Program Files\Bitdefender
2019-03-28 14:38 - 2019-03-28 14:47 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\Bitdefender
2019-03-28 14:38 - 2019-03-28 14:38 - 000002421 _____ C:\Users\Public\Desktop

Capsize · Mar 29, 2019

\Bitdefender VPN.lnk
2019-03-28 14:38 - 2019-03-28 14:38 - 000002334 _____ C:\Users\Public\Desktop\Bitdefender.lnk
2019-03-28 14:38 - 2019-03-28 14:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2019-03-28 14:38 - 2019-01-29 09:39 - 000367096 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci.sys
2019-03-28 14:38 - 2019-01-21 01:58 - 001423680 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\atc.sys
2019-03-28 14:38 - 2019-01-14 16:25 - 000610640 _____ (Bitdefender) C:\Windows\system32\Drivers\trufos.sys
2019-03-28 14:38 - 2018-11-20 10:42 - 000201000 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2019-03-28 14:38 - 2018-11-19 13:10 - 000374632 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\gemma.sys
2019-03-28 14:38 - 2018-10-26 11:57 - 000196352 _____ (Bitdefender) C:\Windows\system32\Drivers\ignis.sys
2019-03-28 14:38 - 2018-09-17 06:36 - 000045728 _____ (© Bitdefender SRL) C:\Windows\system32\Drivers\bdprivmon.sys
2019-03-28 14:38 - 2018-04-27 09:45 - 000096448 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2019-03-28 14:38 - 2018-04-19 09:37 - 000023032 _____ (Bitdefender) C:\Windows\system32\Drivers\bdelam.sys
2019-03-28 14:37 - 2019-03-28 14:38 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2019-03-28 13:52 - 2019-03-28 13:52 - 000000000 ____D C:\Users\Aaron\AppData\Local\mbam
2019-03-28 13:51 - 2019-03-28 13:51 - 062430768 _____ (Malwarebytes ) C:\Users\Aaron\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.563-1.0.9877.exe
2019-03-28 13:51 - 2019-03-28 13:51 - 000000000 ____D C:\Users\Aaron\AppData\Local\mbamtray
2019-03-28 13:49 - 2019-03-28 13:49 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\QuickScan
2019-03-28 13:15 - 2019-03-28 13:15 - 000000258 __RSH C:\Users\Aaron\ntuser.pol
2019-03-28 13:09 - 2019-03-28 13:09 - 000000000 ____D C:\ProgramData\IObit
2019-03-28 13:09 - 2019-03-28 13:09 - 000000000 ____D C:\Program Files (x86)\IObit
2019-03-28 13:00 - 2019-03-28 13:09 - 000002546 _____ C:\Users\Aaron\Desktop\Google Chrome.lnk
2019-03-28 13:00 - 2019-03-28 13:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-03-28 13:00 - 2019-03-28 13:00 - 000002478 _____ C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-28 13:00 - 2019-03-28 13:00 - 000000000 ____D C:\Users\Aaron\AppData\Local\Google
2019-03-28 12:59 - 2019-03-28 12:59 - 000000000 ____D C:\ProgramData\Jetmedia
2019-03-28 12:58 - 2019-03-28 12:59 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\Jetmedia
2019-03-28 12:58 - 2019-03-28 12:58 - 000000000 ____D C:\Users\Public\Thunder Network
2019-03-28 12:58 - 2019-03-28 12:58 - 000000000 ____D C:\ProgramData\Thunder Network
2019-03-28 12:58 - 2019-03-28 12:58 - 000000000 ____D C:\ProgramData\{E315206B-3FCF-A830-B722-B324B7C5EA75}
2019-03-28 12:58 - 2019-03-28 12:58 - 000000000 ____D C:\ProgramData\{24FE4870-57D4-6FDB-AC4A-58E3ACAD01B2}
2019-03-28 12:58 - 2019-03-28 12:58 - 000000000 ____D C:\Program Files (x86)\Wind Trade
2019-03-28 12:58 - 2019-03-28 12:58 - 000000000 ____D C:\Program Files (x86)\Jetmedia
2019-03-28 12:57 - 2019-03-29 17:42 - 000000000 __RHD C:\ProgramData\D3AA93D3
2019-03-28 12:57 - 2019-03-28 13:16 - 000000000 ____D C:\Users\Aaron\AppData\Local\App
2019-03-28 12:57 - 2019-03-28 12:58 - 000002676 __RSH C:\ProgramData\ntuser.pol
2019-03-28 12:57 - 2019-03-28 12:57 - 000000000 ____D C:\ProgramData\Jisone
2019-03-28 12:54 - 2019-03-28 12:58 - 000722944 _____ C:\Users\Aaron\AppData\Local\sha.db
2019-03-27 22:20 - 2019-03-27 22:20 - 000098234 _____ C:\Windows\uninstaller.dat
2019-03-25 08:46 - 2019-03-25 08:46 - 000034568 _____ (ASRock Incorporation) C:\Windows\SysWOW64\Drivers\AsrDrv103.sys
2019-03-25 08:46 - 2019-03-25 08:46 - 000022248 _____ (ASRock Incorporation) C:\Windows\SysWOW64\Drivers\AsrDrv102.sys
2019-03-24 20:46 - 2019-03-28 16:39 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\qBittorrent
2019-03-24 20:46 - 2019-03-24 20:46 - 023438713 _____ (The qBittorrent project) C:\Users\Aaron\Downloads\qbittorrent_4.1.5_x64_setup.exe
2019-03-24 20:46 - 2019-03-24 20:46 - 000000889 _____ C:\Users\Public\Desktop\qBittorrent.lnk
2019-03-24 20:46 - 2019-03-24 20:46 - 000000000 ____D C:\Users\Aaron\AppData\Local\qBittorrent
2019-03-24 20:46 - 2019-03-24 20:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2019-03-24 20:46 - 2019-03-24 20:46 - 000000000 ____D C:\Program Files\qBittorrent
2019-03-24 11:40 - 2019-03-24 11:40 - 000000000 ____D C:\Users\Aaron\AppData\Local\id Software
2019-03-24 11:39 - 2019-03-24 11:39 - 000000000 ____D C:\Users\Public\Documents\Steam
2019-03-24 11:39 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2019-03-24 11:39 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2019-03-24 11:39 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2019-03-24 11:39 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2019-03-24 11:39 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2019-03-24 11:39 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2019-03-24 11:39 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2019-03-24 11:39 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2019-03-24 11:39 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2019-03-24 11:39 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2019-03-24 11:39 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2019-03-24 11:39 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2019-03-24 11:39 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2019-03-24 11:39 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2019-03-24 11:39 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2019-03-24 11:39 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2019-03-24 11:39 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2019-03-24 11:39 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2019-03-24 11:39 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2019-03-24 11:39 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2019-03-24 11:39 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2019-03-24 11:39 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2019-03-24 11:39 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2019-03-24 11:39 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2019-03-24 11:39 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2019-03-24 11:39 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2019-03-24 11:39 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2019-03-24 11:39 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2019-03-24 11:39 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2019-03-24 11:39 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2019-03-24 11:39 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2019-03-24 11:39 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2019-03-24 11:39 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2019-03-24 11:39 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2019-03-24 11:39 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2019-03-24 11:39 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2019-03-24 11:39 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2019-03-24 11:39 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2019-03-24 11:39 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2019-03-24 11:39 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2019-03-24 11:39 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2019-03-24 11:39 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2019-03-24 11:39 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2019-03-24 11:39 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2019-03-24 11:39 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2019-03-24 11:39 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2019-03-24 11:39 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2019-03-24 11:39 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2019-03-24 11:39 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2019-03-24 11:39 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2019-03-24 11:39 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2019-03-24 11:39 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2019-03-24 11:39 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2019-03-24 11:39 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2019-03-24 11:39 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2019-03-24 11:39 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2019-03-24 11:39 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2019-03-24 11:39 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2019-03-24 11:39 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2019-03-24 11:39 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2019-03-24 11:39 - 2008-10-10 04:52 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2019-03-24 11:39 - 2008-10-10 04:52 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2019-03-24 11:39 - 2008-10-10 04:52 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2019-03-24 11:39 - 2008-10-10 04:52 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2019-03-24 11:39 - 2008-10-10 04:52 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2019-03-24 11:39 - 2008-10-10 04:52 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2019-03-24 11:39 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2019-03-24 11:39 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2019-03-24 11:39 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2019-03-24 11:39 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2019-03-24 11:39 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2019-03-24 11:39 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2019-03-24 11:39 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2019-03-24 11:39 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2019-03-24 11:39 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2019-03-24 11:39 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2019-03-24 11:39 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2019-03-24 11:39 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2019-03-24 11:39 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2019-03-24 11:39 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2019-03-24 11:39 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2019-03-24 11:39 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2019-03-24 11:39 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2019-03-24 11:39 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2019-03-24 11:39 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2019-03-24 11:39 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2019-03-24 11:39 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2019-03-24 11:39 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2019-03-24 11:39 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2019-03-24 11:39 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2019-03-24 11:39 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2019-03-24 11:39 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2019-03-24 11:39 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2019-03-24 11:39 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2019-03-24 11:39 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2019-03-24 11:39 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2019-03-24 11:39 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2019-03-24 11:39 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2019-03-24 11:39 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2019-03-24 11:39 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2019-03-24 11:39 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2019-03-24 11:39 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2019-03-24 11:39 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2019-03-24 11:39 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2019-03-24 11:39 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2019-03-24 11:39 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2019-03-24 11:39 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2019-03-24 11:39 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2019-03-24 11:39 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2019-03-24 11:39 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2019-03-24 11:39 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2019-03-24 11:39 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2019-03-24 11:38 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2019-03-24 11:38 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2019-03-24 11:38 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2019-03-24 11:38 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2019-03-24 11:38 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2019-03-24 11:38 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2019-03-24 11:38 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2019-03-24 11:38 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2019-03-24 11:38 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2019-03-24 11:38 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2019-03-24 11:38 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2019-03-24 11:38 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2019-03-24 11:38 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2019-03-24 11:38 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2019-03-24 11:38 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2019-03-24 11:38 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2019-03-24 11:38 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2019-03-24 11:38 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2019-03-24 11:38 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2019-03-24 11:38 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2019-03-24 11:38 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2019-03-24 11:38 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2019-03-24 11:38 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2019-03-24 11:38 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2019-03-24 11:38 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2019-03-24 11:38 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2019-03-24 11:38 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2019-03-24 11:38 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2019-03-24 11:38 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2019-03-24 11:38 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2019-03-24 11:38 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2019-03-24 11:38 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2019-03-24 11:38 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2019-03-24 11:38 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2019-03-24 11:38 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2019-03-24 11:38 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2019-03-24 11:38 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2019-03-24 11:38 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2019-03-24 11:38 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2019-03-24 11:38 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2019-03-24 11:38 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2019-03-24 11:38 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2019-03-24 11:38 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2019-03-24 11:38 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2019-03-24 11:38 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2019-03-24 11:38 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2019-03-24 11:38 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2019-03-24 11:38 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2019-03-24 11:38 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2019-03-24 11:38 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2019-03-24 11:38 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2019-03-24 11:38 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2019-03-24 11:38 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2019-03-24 11:38 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2019-03-24 11:38 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2019-03-24 11:38 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2019-03-24 11:38 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2019-03-24 11:38 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2019-03-24 11:38 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2019-03-24 11:38 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2019-03-24 11:38 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2019-03-24 11:38 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2019-03-24 11:38 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2019-03-24 11:38 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2019-03-24 11:38 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2019-03-24 11:38 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2019-03-24 11:38 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2019-03-24 11:38 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2019-03-24 11:38 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2019-03-24 11:38 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2019-03-24 11:37 - 2019-03-24 11:39 - 000000000 ____D C:\Windows\SysWOW64\directx
2019-03-24 11:37 - 2019-03-24 11:38 - 000000000 ___HD C:\Windows\msdownld.tmp
2019-03-24 11:37 - 2019-03-24 11:37 - 000292184 _____ (Microsoft Corporation) C:\Users\Aaron\Downloads\dxwebsetup.exe
2019-03-24 10:56 - 2019-03-24 10:56 - 000000000 ____D C:\Users\Aaron\AppData\LocalLow\The Fun Pimps
2019-03-24 10:55 - 2019-03-24 11:03 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\7DaysToDie
2019-03-24 10:55 - 2019-03-24 10:55 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\EasyAntiCheat
2019-03-24 10:55 - 2019-03-24 10:55 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-03-24 10:36 - 2019-03-24 10:36 - 000000222 _____ C:\Users\Aaron\Desktop\7 Days to Die.url
2019-03-24 10:19 - 2019-03-24 10:19 - 000000765 _____ C:\Users\Public\Desktop\Doom 2016 (Vulkan).lnk
2019-03-24 10:19 - 2019-03-24 10:19 - 000000753 _____ C:\Users\Public\Desktop\Doom 2016 (OpenGL).lnk
2019-03-24 10:19 - 2019-03-24 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doom 2016
2019-03-22 10:34 - 2019-03-22 17:58 - 000000000 ____D C:\Users\Aaron\Downloads\Watch Dogs 2 - Gold Edition [FitGirl Repack]
2019-03-22 10:28 - 2019-03-22 10:28 - 000000000 ____D C:\Users\Aaron\Downloads\Doom Complete Edition v6.66
2019-03-19 00:33 - 2019-03-19 00:34 - 067964979 ____R
2019-03-18 10:47 - 2019-03-18 10:48 - 066481097 _____ C:\Users\Aaron\Downloads\PolychromeRGB(v1.0.34).zip
2019-03-18 10:43 - 2019-03-18 10:43 - 000000914 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2019-03-18 10:42 - 2019-03-18 10:42 - 000000975 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2019-03-18 10:27 - 2019-03-18 10:27 - 000001390 _____ C:\Users\Public\Desktop\ASRRGBLED.lnk

Capsize · Mar 29, 2019

2019-03-18 10:27 - 2019-03-18 10:27 - 000000000 ___HD C:\Program Files (x86)\Temp
2019-03-18 10:27 - 2019-03-18 10:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
2019-03-18 10:27 - 2019-03-18 10:27 - 000000000 ____D C:\Program Files (x86)\ASRock Utility
2019-03-18 10:27 - 2018-01-15 14:40 - 002856800 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2019-03-17 13:29 - 2019-03-17 13:29 - 000000000 ____D C:\Downloaded Games
2019-03-17 12:25 - 2019-03-17 12:31 - 000000000 ____D C:\Maya Projects
2019-03-17 12:24 - 2019-03-17 16:51 - 000000000 ____D C:\Assets
2019-03-17 12:22 - 2019-03-17 16:48 - 000000000 ____D C:\Tutorials
2019-03-15 15:24 - 2019-03-15 15:24 - 024616960 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 020814848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 019284480 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 012151296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 007897088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 006069760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 005436184 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 004920832 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 003744256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 003566080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 003551408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 002752360 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 002323688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 002278240 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 001969152 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 001706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 001521664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 001307648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 001294856 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 001289192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 001258808 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2019-03-15 15:24 - 2019-03-15 15:24 - 001200920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 001077912 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 001072720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000866152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000732160 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCacheProvider.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000684032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000560128 _____ (Microsoft Corporation) C:\Windows\system32\mfh264enc.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000421688 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000420864 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSh.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDistSh.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000263360 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCleaner.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000181248 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 026810368 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 023440896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 022114960 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 019023872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 017520640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 015224320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 012857856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 009683256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 009670656 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 008875008 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 007883776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 007882240 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 007688088 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 007647256 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 007556392 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 007251456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 006548168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 006440960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 006309040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 005915936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 005588184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 005566464 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 005296640 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 004883968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 004689408 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 004588744 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 004245280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 003983360 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 003923456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 003761664 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 003729808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 003660288 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 003656192 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 003652656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 003504128 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 003427840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 003399168 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 003382272 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 003378488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 003108864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002942464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002926904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 002871312 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 002842112 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002776712 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002766648 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002720768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 002700792 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002689536 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002637312 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 002630656 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002626360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 002488320 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 002447360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002437344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002275680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002199864 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002187776 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002141184 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppAgent.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002127360 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002073240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002044416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002021584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002013696 _____ C:\Windows\system32\rdpnano.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002001408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001994760 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001969464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 001931264 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001899160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001893888 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001884672 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001860608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001844448 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001830200 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001782272 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001760768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001751352 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001742104 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001715712 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001711616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001701376 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001697744 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-03-15 15:23 - 2019-03-15 15:23 - 001672704 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001656832 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001644048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001641400 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001612600 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001604096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001590072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001572176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001563336 _____ (Microsoft Corporation) C:\Windows\system32\ttdrecordcpu.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001522488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001506816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001496064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001481488 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001479480 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001468440 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 001457544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001403920 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001360696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 001341880 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-03-15 15:23 - 2019-03-15 15:23 - 001332224 _____ (Microsoft Corporation) C:\Windows\system32\lpasvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001331536 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001296576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001272552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ttdrecordcpu.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001267712 _____ (Microsoft Corporation) C:\Windows\system32\APMon.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001259320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 001256448 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001253688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 001224704 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001221944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001221120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 001208320 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001199104 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001191512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001180248 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001179168 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 001177088 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CommonBridge.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001176064 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001131520 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001121280 _____ (Microsoft Corporation) C:\Windows\system32\ApplySettingsTemplateCatalog.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 001098128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001087800 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001078072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Services.TargetedContent.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001072640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001056272 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001054200 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 001052160 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001047040 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001043256 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 001022616 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001008128 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001001472 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2019-03-15 15:23 - 2019-03-15 15:23 - 000981816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000955392 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000926208 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000918032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000908800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2019-03-15 15:23 - 2019-03-15 15:23 - 000902144 _____ (Microsoft Corporation) C:\Windows\system32\BingOnlineServices.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000895048 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000888320 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000888120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pidgenx.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000883712 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000871792 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000865568 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000860160 _____ C:\Windows\system32\MBR2GPT.EXE
2019-03-15 15:23 - 2019-03-15 15:23 - 000850760 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000836096 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000833064 _____ C:\Windows\system32\InputHost.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000831288 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000823296 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000817464 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000808464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000790328 _____ (Microsoft Corporation) C:\Windows\system32\upshared.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000782968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000775168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000772608 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000772408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Services.TargetedContent.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000769536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000764216 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000762880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000760832 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.PrinterCustomActions.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000757664 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000745984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000743224 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000741888 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000735760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000726416 _____ (Microsoft Corporation)

Capsize · Mar 29, 2019

C:\Windows\system32\kernel32.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingOnlineServices.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000714240 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000703488 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000691712 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000680184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000661816 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000655160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000652824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000651576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000649528 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000649272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000646656 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000646632 _____ (Microsoft Corporation) C:\Windows\system32\msvcp_win.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000642048 _____ (Microsoft Corporation) C:\Windows\system32\SharedRealitySvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000622080 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000621568 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000619832 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000605496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000604336 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000599040 _____ (Microsoft Corporation) C:\Windows\system32\facecredentialprovider.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000591832 _____ C:\Windows\SysWOW64\InputHost.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000572416 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000566272 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000553784 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000549376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000548864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000540672 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2019-03-15 15:23 - 2019-03-15 15:23 - 000531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000525312 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000519992 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000511800 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000508216 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000505656 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsound.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000495104 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\ResourceMapper.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000484976 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000479232 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000474936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-03-15 15:23 - 2019-03-15 15:23 - 000463672 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000460304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000453944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000452096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000449368 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000449024 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000444728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000435712 _____ (Microsoft Corporation) C:\Windows\system32\cryptngc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000419128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2019-03-15 15:23 - 2019-03-15 15:23 - 000411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000407552 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000404792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000402944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000395064 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000387832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000386872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000383288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000383288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000367616 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\DataUsageHandlers.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000359424 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000355360 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000348160 _____ (Microsoft Corporation) C:\Windows\system32\BioCredProv.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000340480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000336744 _____ (Microsoft Corporation) C:\Windows\system32\AudioSrvPolicyManager.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000330464 _____ (Microsoft Corporation) C:\Windows\system32\ttdwriter.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000322576 _____ (Microsoft Corporation)
C:\Windows\system32\acmigration.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000322048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MbbCx.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000279376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BioCredProv.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000272648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ttdwriter.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000264192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000262456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000246584 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\smbwmiv2.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000224256 _____ (Microsoft Corporation) C:\Windows\system32\ptpprov.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000214528 _____ (Microsoft Corporation) C:\Windows\system32\srumsvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\SecureTimeAggregator.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000202552 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000196608 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000195896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000180736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumsvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000178688 _____ (Microsoft Corporation) C:\Windows\system32\winbio.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\ngctasks.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000174392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppvVemgr.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\SpatialAudioLicenseSrv.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000169784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000156984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000147968 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000147256 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SpatialAudioLicenseSrv.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000138960 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000134144 _____ (Microsoft Corporation) C:\Windows\system32\DataUsageLiveTileTask.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srpapi.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winbio.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\DolbyMATEnc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000115152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000104248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bindflt.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000095544 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000095544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storqosflt.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000090424 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000071184 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Common.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\UevAppMonitor.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000035640 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\SecureBioSysprep.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rfxvmt.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-03-15 15:23 - 2019-03-15 15:23 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-03-15 15:23 - 2019-03-15 15:23 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-03-15 15:23 - 2019-03-15 15:23 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-03-15 15:23 - 2019-03-15 15:23 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-03-15 15:23 - 2019-03-15 15:23 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-03-15 15:23 - 2019-03-15 15:23 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-03-15 15:23 - 2019-03-15 15:23 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-03-14 09:33 - 2019-03-14 09:33 - 000307793 _____ C:\Users\Aaron\Documents\Moonlight Cinema.pdf
2019-03-14 09:33 - 2019-03-14 09:33 - 000000000 ____D C:\Users\Aaron\AppData\LocalLow\Temp
2019-03-11 12:24 - 2019-03-11 12:43 - 000000000 ____D C:\Users\Aaron\Documents\DawnOfMan
2019-03-11 12:24 - 2019-03-11 12:24 - 000000000 ____D C:\Users\Aaron\AppData\LocalLow\Madruga Works
2019-03-11 10:03 - 2019-03-24 10:36 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-03-11 10:03 - 2019-03-11 10:03 - 000000222 _____ C:\Users\Aaron\Desktop\Dawn of Man.url
2019-03-11 09:29 - 2019-03-11 09:29 - 000003352 _____ C:\Windows\System32\Tasks\SamsungMagician
2019-03-11 09:29 - 2019-03-11 09:29 - 000000000 ____D C:\ProgramData\Samsung
2019-03-11 09:29 - 2019-03-11 09:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2019-03-11 09:29 - 2019-03-11 09:29 - 000000000 ____D C:\Program Files (x86)\Samsung
2019-03-11 09:24 - 2019-03-11 09:24 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\KSM
2019-03-11 09:23 - 2019-03-11 09:24 - 000000000 ____D C:\Program Files (x86)\Kingston_SSD_Manager
2019-03-11 09:23 - 2019-03-11 09:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingston SSD Manager
2019-03-11 09:08 - 2019-03-11 09:08 - 000000000 ____D C:\Users\Aaron\AppData\Local\DBG
2019-03-11 09:07 - 2019-03-11 09:08 - 000000000 ____D C:\Users\Aaron\Desktop\Old PSD's
2019-03-11 08:54 - 2019-03-11 08:54 - 000002684 _____ C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2019-03-11 08:53 - 2017-11-12 14:04 - 000003999 _____ C:\Users\Aaron\Documents\jesswatercolorbrush (2).abr
2019-03-11 08:53 - 2017-11-12 14:04 - 000003999 _____ C:\Users\Aaron\Documents\jesswatercolorbrush (1).abr
2019-03-11 08:50 - 2019-03-11 08:50 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\WinRAR
2019-03-11 08:49 - 2019-03-11 08:49 - 000000000 ____D C:\Program Files\WinRAR
2019-03-11 08:48 - 2019-03-11 08:48 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-03-11 08:48 - 2019-03-11 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-03-11 08:48 - 2019-03-11 08:48 - 000000000 ____D C:\Program Files\iTunes
2019-03-11 08:48 - 2019-03-11 08:48 - 000000000 ____D C:\Program Files\iPod
2019-03-11 08:47 - 2019-03-29 17:58 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\Spotify
2019-03-11 08:47 - 2019-03-29 17:42 - 000000000 ____D C:\Users\Aaron\AppData\Local\Spotify
2019-03-11 08:47 - 2019-03-11 08:47 - 000001850 _____ C:\Users\Aaron\Desktop\Spotify.lnk
2019-03-11 08:47 - 2019-03-11 08:47 - 000001836 _____ C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2019-03-11 08:47 - 2017-10-06 10:43 - 014241787 _____ C:\Users\Aaron\Documents\IMG_1807.MOV
2019-03-11 08:46 - 2019-03-11 08:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2019-03-11 08:44 - 2019-03-11 08:51 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\Apple Computer
2019-03-11 08:44 - 2019-03-11 08:46 - 000000000 ____D C:\Users\Aaron\AppData\Local\Apple Computer
2019-03-11 08:43 - 2019-03-11 08:46 - 000000000 ____D C:\Program Files\Common Files\Apple
2019-03-11 08:43 - 2019-03-11 08:43 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2019-03-11 08:43 - 2019-03-11 08:43 - 000000000 ____D C:\Windows\System32\Tasks\Apple
2019-03-11 08:43 - 2019-03-11 08:43 - 000000000 ____D C:\Users\Aaron\AppData\Local\Apple
2019-03-11 08:43 - 2019-03-11 08:43 - 000000000 ____D C:\ProgramData\Apple Computer
2019-03-11 08:43 - 2019-03-11 08:43 - 000000000 ____D C:\Program Files\Bonjour
2019-03-11 08:43 - 2019-03-11 08:43 - 000000000 ____D C:\Program Files (x86)\Bonjour
2019-03-11 08:43 - 2019-03-11 08:43 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2019-03-11 08:42 - 2019-03-11 08:43 - 000000000 ____D C:\ProgramData\Apple
2019-03-11 08:40 - 2019-03-11 08:40 - 000002729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2019-03-11 08:40 - 2019-03-11 08:40 - 000002662 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive для бизнеса.lnk
2019-03-11 08:40 - 2019-03-11 08:40 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2019-03-11 08:40 - 2019-03-11 08:40 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype для бизнеса 2016.lnk
2019-03-11 08:40 - 2019-03-11 08:40 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2019-03-11 08:40 - 2019-03-11 08:40 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-03-11 08:40 - 2019-03-11 08:40 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2019-03-11 08:40 - 2019-03-11 08:40 - 000002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2019-03-11 08:40 - 2019-03-11 08:40 - 000002628 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2019-03-11 08:40 - 2019-03-11 08:40 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Средства Microsoft Office 2016
2019-03-11 08:39 - 2019-03-11 08:39 - 000000000 ____D C:\Windows\PCHEALTH
2019-03-11 08:39 - 2019-03-11 08:39 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2019-03-11 08:39 - 2019-03-11 08:39 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2019-03-11 08:39 - 2019-03-11 08:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-03-11 08:39 - 2019-03-11 08:39 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2019-03-11 08:35 - 2019-03-11 08:40 - 000000000 ____D C:\Windows\SHELLNEW
2019-03-11 08:35 - 2019-03-11 08:39 - 000000000 ____D C:\Program Files\Microsoft Office
2019-03-11 08:35 - 2019-03-11 08:35 - 000000000 __RHD C:\MSOCache
2019-03-11 08:35 - 2019-03-11 08:35 - 000000000 ____D C:\Users\Aaron\AppData\Local\Microsoft Help
2019-03-11 08:35 - 2019-03-11 08:35 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2019-03-11 08:35 - 2019-03-11 08:35 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-03-11 08:35 - 2019-03-11 08:35 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2019-03-11 08:32 - 2019-03-11 08:32 - 000002469 _____ C:\Users\Aaron\Desktop\Grammarly.lnk
2019-03-11 08:32 - 2019-03-11 08:32 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grammarly
2019-03-11 08:32 - 2019-03-11 08:32 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\Grammarly
2019-03-11 08:32 - 2019-03-11 08:32 - 000000000 ____D C:\Users\Aaron\AppData\Local\SquirrelTemp
2019-03-11 08:32 - 2019-03-11 08:32 - 000000000 ____D C:\Users\Aaron\AppData\Local\GrammarlyForWindows
2019-03-11 08:32 - 2019-01-19 12:50 - 035947974 _____ C:\Users\Aaron\Documents\Farming Simulator eBooks.zip
2019-03-11 08:31 - 2019-03-29 08:31 - 000000000 ____D C:\Users\Aaron\Documents\Buildbox
2019-03-11 08:31 - 2018-10-06 11:23 - 001655668 _____ C:\Users\Aaron\Documents\amidst-v4-3-beta5.exe
2019-03-11 08:30 - 2017-12-07 11:07 - 008672900 _____ C:\Users\Aaron\Documents\ak90-3.19.rar
2019-03-11 08:29 - 2019-03-29 10:57 - 000000000 ____D C:\Backups
2019-03-10 12:50 - 2019-03-11 08:51 - 000000000 ____D C:\Users\Aaron\AppData\Local\PlaceholderTileLogoFolder
2019-03-10 12:50 - 2019-03-10 12:50 - 000000000 ____D C:\Users\Aaron\AppData\Local\PeerDistRepub
2019-03-10 12:49 - 2019-03-27 11:41 - 000003374 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-68770294-676844702-3198948009-1002
2019-03-10 12:49 - 2019-03-27 11:41 - 000000000 ___RD C:\Users\Aaron\OneDrive
2019-03-10 12:49 - 2019-03-10 12:49 - 000000000 ___HD C:\Users\Aaron\MicrosoftEdgeBackups
2019-03-10 12:48 - 2019-03-11 10:01 - 000000000 ____D C:\Users\Aaron\AppData\Local\MicrosoftEdge
2019-03-10 12:47 - 2019-03-29 17:29 - 000000000 ____D C:\Users\Aaron
2019-03-10 12:47 - 2019-03-28 13:07 - 000000000 ____D C:\Users\Aaron\AppData\Local\Packages
2019-03-10 12:47 - 2019-03-27 11:41 - 000002359 _____ C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-10 12:47 - 2019-03-10 12:47 - 000000020 ___SH C:\Users\Aaron\ntuser.ini
2019-03-10 12:47 - 2019-03-10 12:47 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\Adobe
2019-03-10 12:47 - 2019-03-10 12:47 - 000000000 ____D C:\Users\Aaron\AppData\Local\VirtualStore
2019-03-10 12:47 - 2019-03-10 12:47 - 000000000 ____D C:\Users\Aaron\AppData\Local\Publishers
2019-03-10 12:47 - 2019-03-10 12:47 - 000000000 ____D C:\Users\Aaron\AppData\Local\ConnectedDevicesPlatform
2019-03-10 12:47 - 2019-03-10 09:06 - 000000000 ___RD C:\Users\Aaron\3D Objects
2019-03-10 12:45 - 2019-03-10 12:45 - 000000000 ____D C:\Windows\CSC
2019-03-10 12:38 - 2019-03-10 12:38 - 000002844 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-68770294-676844702-3198948009-500
2019-03-09 21:15 - 2019-03-09 21:15 - 000000000 ____D C:\Users\Public\Documents\uPlay
2019-03-09 21:15 - 2019-03-09 21:15 - 000000000 ____D C:\Users\Aaron\Documents\My Games
2019-03-09 21:13 - 2019-03-18 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2019-03-09 21:13 - 2019-03-18 10:42 - 000000000 ____D C:\Program Files\CPUID
2019-03-09 21:08 - 2019-03-09 21:08 - 000000928 _____ C:\Users\Aaron\Desktop\Far Cry New Dawn.lnk
2019-03-09 21:08 - 2019-03-09 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry New Dawn
2019-03-09 20:59 - 2019-03-24 10:11 - 000000000 ____D C:\Games
2019-03-09 20:18 - 2019-03-09 20:18 - 011724288 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 009941504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 007724992 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 006925824 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 006132736 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 005764608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 005561856 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 005527552 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 005205464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 005130752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 005112792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 005086208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 004991096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 004702704 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 004627456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 004526080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 004298752 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 004019200 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 003952952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 003601920 _____ (Microsoft Corporation) C:\Windows\system32\tellib.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 003556352 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 003338328 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 003334144 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 003270144 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 003092480 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002992640 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002986352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002929152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002879488 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002843136 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002765312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002654208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002618880 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002594872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002466304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002429752 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2019-03-09 20:18 - 2019-03-09 20:18 - 002392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002346496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002298880 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002185728 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002160160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2019-03-09 20:18 - 2019-03-09 20:18 - 002149368 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002086400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002085376 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001903616 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001819136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001749504 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001720936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001700880 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001688576 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001675712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001674480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001671864 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001671680 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001664904 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001616384 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001533440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001467560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001462272 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001446400 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001415680 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001395248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001391096 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 001387496 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001315840 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001314304 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001294848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001287776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001282640 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001279024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 001271608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001254912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001249792 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001221528 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 001209360 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001192448 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001182720 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2019-03-09 20:18 - 2019-03-09 20:18 - 001168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001166336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2019-03-09 20:18 - 2019-03-09 20:18 - 001162280 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001110528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001064448 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001057976 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001057792 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 001051960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ClipSp.sys
2019-03-09 20:18 - 2019-03-09 20:18 - 001032704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001026992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001024920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001022464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.MixedRealityCapture.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001010176 _____ (Microsoft Corporation) C:\Windows\system32\refsutil.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 001005568 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000982576 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000970256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000964976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000956416 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000954368 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000953856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000949760 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.Internal.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000947200 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000927232 _____ (Microsoft Corporation) C:\Windows\system32\assignedaccessmanagersvc.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000918304 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000913920 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000901632 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000890368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000889344 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000883200 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000882688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 000875008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000870400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000864056 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 000854784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000854016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000829440 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000828936 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000822448 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000820736 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000801792 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000800256 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000799568 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000773120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000765960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000762272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000752136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2019-03-09 20:18 - 2019-03-09 20:18 - 000742912 _____ (Microsoft Corporation) C:\Windows\system32\SpaceControl.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000735232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000729088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000701440 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000700416 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000684544 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000681984 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000669184 _____ (Microsoft Corporation) C:\Windows\system32\ApplicationFrame.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000667152 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000662528 ____R (Microsoft Corporation) C:\Windows\system32\MixedRealityCapture.Pipeline.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000654848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000651304 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 000629576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000624640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessManager.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000615936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Core.TextInput.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000612368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2019-03-09 20:18 - 2019-03-09 20:18 - 000609792 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000588304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-03-09 20:18 - 2019-03-09 20:18 - 000585728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000582240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000580024 _____ (Microsoft Corporation)

Capsize · Mar 29, 2019

2019-03-28 13:55 - 2018-09-15 18:33 - 000000000 ____D C:\Program Files\windows nt
2019-03-28 13:55 - 2018-09-15 17:09 - 000065536 _____ C:\Windows\system32\config\ELAM
2019-03-28 12:57 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\system32\GroupPolicy
2019-03-24 10:55 - 2018-09-15 18:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-03-18 09:11 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\LiveKernelReports
2019-03-17 16:05 - 2017-12-28 08:24 - 000000000 ____D C:\Buildbox Everything Collection
2019-03-16 08:38 - 2018-11-15 04:06 - 000437824 _____ C:\Windows\system32\FNTCACHE.DAT
2019-03-15 21:29 - 2018-09-15 20:11 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-03-15 21:29 - 2018-09-15 18:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-03-15 21:29 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\TextInput
2019-03-15 21:29 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\system32\oobe
2019-03-15 21:29 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\system32\appraiser
2019-03-15 21:29 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\ShellExperiences
2019-03-15 21:29 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\bcastdvr
2019-03-15 15:23 - 2018-11-15 04:14 - 002865152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2019-03-11 09:47 - 2011-01-17 13:44 - 000000000 ____D C:\Users\Aaron\Documents\How to Talk to Anyone [62 Little Tricks for Big Success in Relationships]
2019-03-11 09:17 - 2017-01-04 09:31 - 000000000 ____D C:\Users\Aaron\Desktop\End Game
2019-03-11 09:14 - 2017-09-07 14:20 - 000000000 ____D C:\Users\Aaron\Desktop\Drawing Inspo
2019-03-11 09:14 - 2017-04-27 11:53 - 000000000 ___RD C:\Users\Aaron\Desktop\Deadpool Sticker App Project
2019-03-11 09:13 - 2017-04-29 13:20 - 000000000 ____D C:\Users\Aaron\Desktop\Chalkboard App Research
2019-03-11 09:10 - 2016-01-17 22:48 - 000000000 ____D C:\Users\Aaron\Desktop\!HypoJumper
2019-03-11 09:09 - 2017-12-27 08:14 - 000000000 ____D C:\Users\Aaron\Desktop\Mobile Game Design
2019-03-11 09:09 - 2016-01-17 22:48 - 000000000 ____D C:\Users\Aaron\Desktop\MED103_Ass3_Tute1_SHEDDICK_Aaron
2019-03-11 09:09 - 2016-01-17 22:48 - 000000000 ____D C:\Users\Aaron\Desktop\MED103_Ass1_Tute1_SHEDDICK_Aaron
2019-03-11 09:09 - 2016-01-17 09:16 - 000000000 ____D C:\Users\Aaron\Desktop\Minecraft Inspo
2019-03-11 09:09 - 2015-09-28 11:00 - 000000000 ____D C:\Users\Aaron\Desktop\House Design
2019-03-11 08:36 - 2018-09-15 18:31 - 000000167 _____ C:\Windows\win.ini
2019-03-11 08:35 - 2018-09-15 18:33 - 000000000 ____D C:\Program Files\Common Files\system
2019-03-10 12:41 - 2018-11-15 04:06 - 000000000 ____D C:\Windows\Panther
2019-03-10 12:37 - 2018-09-15 18:31 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2019-03-10 09:06 - 2018-11-15 04:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-03-10 00:51 - 2018-09-15 20:11 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-03-10 00:51 - 2018-09-15 20:11 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-03-10 00:51 - 2018-09-15 18:33 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2019-03-10 00:51 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\SysWOW64\oobe
2019-03-10 00:51 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-03-10 00:51 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\system32\migwiz
2019-03-10 00:51 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\ShellComponents
2019-03-10 00:51 - 2018-09-15 17:09 - 000000000 ____D C:\Windows\system32\Dism
2019-03-09 20:19 - 2018-09-15 17:09 - 000000000 ____D C:\Windows\servicing
2019-03-09 18:26 - 2018-09-15 20:10 - 000000000 ____D C:\Windows\OCR
2019-03-09 18:12 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\appcompat
2019-03-09 17:58 - 2018-11-15 04:12 - 000000000 ____D C:\ProgramData\Packages
2019-03-07 07:10 - 2017-05-17 13:06 - 000578992 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2019-03-07 07:10 - 2017-05-17 13:06 - 000489896 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2019-03-07 07:10 - 2017-05-17 13:06 - 000054184 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2019-03-07 07:10 - 2017-05-17 13:06 - 000051120 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 003743864 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 003372160 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 001672320 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 001218688 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000930736 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000767616 _____ (AMD) C:\Windows\system32\atieclxx.exe
2019-03-07 07:09 - 2017-05-17 13:06 - 000760752 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000561072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000500648 _____ C:\Windows\system32\dgtrayicon.exe
2019-03-07 07:09 - 2017-05-17 13:06 - 000488360 _____ C:\Windows\system32\GameManager64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000482216 _____ C:\Windows\system32\amdgfxinfo64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000476288 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000448128 _____ C:\Windows\system32\atieah64.exe
2019-03-07 07:09 - 2017-05-17 13:06 - 000391088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000390600 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000390576 _____ C:\Windows\SysWOW64\GameManager32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000361600 _____ C:\Windows\SysWOW64\atieah32.exe
2019-03-07 07:09 - 2017-05-17 13:06 - 000349104 _____ C:\Windows\system32\clinfo.exe
2019-03-07 07:09 - 2017-05-17 13:06 - 000248448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000219776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000191920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000177480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000170928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000166856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000160176 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000156320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000145832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000143784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000133032 _____ (AMD) C:\Windows\system32\atimuixx.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000131712 _____ C:\Windows\system32\atidxx64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000127920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000114328 _____ C:\Windows\SysWOW64\atidxx32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000113072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000077952 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2019-03-07 03:11 - 2017-05-17 13:05 - 000137176 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2019-03-07 03:11 - 2017-05-17 13:05 - 000116024 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2019-03-07 03:09 - 2017-05-17 13:05 - 000559672 _____ C:\Windows\system32\amdmiracast.dll
2019-03-07 03:09 - 2017-05-17 13:05 - 000199848 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2019-03-07 03:09 - 2017-05-17 13:05 - 000176736 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2019-03-07 03:09 - 2017-05-17 13:05 - 000143208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2019-03-07 03:09 - 2017-05-17 13:05 - 000137200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2019-03-07 03:09 - 2017-05-17 13:05 - 000127976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2019-03-07 03:09 - 2017-05-17 13:05 - 000115816 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2019-03-07 02:54 - 2017-04-25 20:06 - 000906872 _____ C:\Windows\SysWOW64\atiapfxx.blb
2019-03-07 02:54 - 2017-04-25 20:06 - 000906872 _____ C:\Windows\system32\atiapfxx.blb
2019-03-07 02:54 - 2017-04-25 19:56 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2019-03-07 02:54 - 2017-04-25 19:51 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2019-03-03 11:45 - 2018-09-15 18:36 - 000835480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-03-03 11:45 - 2018-09-15 18:36 - 000179608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2019-03-28 12:54 - 2019-03-28 12:58 - 000722944 _____ () C:\Users\Aaron\AppData\Local\sha.db

Some files in TEMP:
====================
2019-03-28 12:57 - 2019-03-28 12:57 - 002680832 _____ () C:\Users\Aaron\AppData\Local\Temp\regedit.exe
2019-03-28 12:58 - 2014-07-25 13:39 - 000293320 _____ (深圳市迅雷网络技术有限公司) C:\Users\Aaron\AppData\Local\Temp\xldl.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Capsize · Mar 29, 2019

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Aaron (29-03-2019 18:03:21)
Running from C:\Users\Aaron\Downloads
Windows 10 Pro Version 1809 17763.379 (X64) (2019-03-10 01:43:35)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Aaron (S-1-5-21-68770294-676844702-3198948009-1002 - Administrator - Enabled) => C:\Users\Aaron
Administrator (S-1-5-21-68770294-676844702-3198948009-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-68770294-676844702-3198948009-503 - Limited - Disabled)
Guest (S-1-5-21-68770294-676844702-3198948009-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-68770294-676844702-3198948009-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Firewall (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.2.3 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASRRGBLED v1.0.34 (HKLM-x32\...\ASRock RGB LED_is1) (Version: 1.0.34 - ASRock Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 23.0.8.134 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 23.0.19.85 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 23.0.19.85 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
CPUID HWMonitor 1.40 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.40 - CPUID, Inc.)
Doom 2016 MULTi10 - ElAmigos version 6.66 (HKLM-x32\...\{6C967A93-A95F-4F65-A33A-EC8BC8750C2D}_is1) (Version: 6.66 - Bethesda Softworks)
Everything 1.4.1.932 (x86) (HKLM-x32\...\Everything) (Version: 1.4.1.932 - David Carpenter)
Far Cry New Dawn (HKLM-x32\...\Far Cry New Dawn_is1) (Version: - )
GlassWire 2.1 (remove only) (HKLM-x32\...\GlassWire 2.1) (Version: 2.1.152 - SecureMix LLC)
Google Chrome (HKU\S-1-5-21-68770294-676844702-3198948009-1002\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Grammarly (HKU\S-1-5-21-68770294-676844702-3198948009-1002\...\GrammarlyForWindows) (Version: 1.4.23 - Grammarly)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
iTunes (HKLM\...\{6075F4D5-FEE4-4858-9F9F-0AECA2A5F673}) (Version: 12.9.3.3 - Apple Inc.)
Kingston SSD Manager version 1.1.1.8 (HKLM-x32\...\{9A5DD901-0B98-4F2B-9421-B5975014184F}_is1) (Version: 1.1.1.8 - Kingston Digital, Inc)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-68770294-676844702-3198948009-1002\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox 66.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 66.0.2 (x64 en-US)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
qBittorrent 4.1.5 (HKLM-x32\...\qBittorrent) (Version: 4.1.5 - The qBittorrent project)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.3.0.1910 - Samsung Electronics)
Spotify (HKU\S-1-5-21-68770294-676844702-3198948009-1002\...\Spotify) (Version: 1.1.2.285.ga97985ef - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Засоби перевірки правопису Microsoft Office 2016 – українська (HKLM\...\{90160000-001F-0422-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (HKLM\...\{90160000-001F-0419-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-68770294-676844702-3198948009-1002_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-02-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06A66837-E2BC-449B-84F2-DEAEEAA0C957} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe (Bitdefender SRL -> Bitdefender)
Task: {193CFD3F-AE37-43BF-AE20-950F7C6DCB02} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {4126818C-51F9-46D8-AC51-E9E8C818B645} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {4BAA4891-C885-4BF5-96DD-D9269F8A49F4} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]
Task: {50EC2E3E-61F0-4193-A782-0445CD908A61} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {731F973D-4A30-4FCA-B8D1-A58780718A3E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A2BB79EA-2B6E-4EE8-9E4A-1E419CEF90D6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
Task: {B2EA4A78-FA39-4F61-B98E-BA09D1116EC6} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {C7A88110-67D9-4C59-ACB1-D7749CFB46A2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C9A8415E-ADBF-4548-BDE3-605B9346E760} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe (Bitdefender SRL -> Bitdefender)
Task: {D5F978F6-4364-4A7D-B6BD-FDF8378E952A} - \{3D49CF6C-0214-4E94-A3ED-D169A9759DC8} -> No File <==== ATTENTION
Task: {F0E8FE37-9411-4E6E-B3F5-A5D374E612C3} - \Opera scheduled Autoupdate 711520318 -> No File <==== ATTENTION
Task: {F2AD10BF-5674-442F-A76D-282D5261A813} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive для бизнеса.lnk -> C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\grv_icons.exe () <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype для бизнеса 2016.lnk -> C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\lyncicon.exe () <==== Cyrillic

ShortcutWithArgument: C:\Users\Aaron\Desktop\Google Chrome.lnk -> C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\Aaron\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic

==================== Loaded Modules (Whitelisted) ==============

2019-03-28 13:00 - 2019-03-28 13:00 - 001193472 ____H () [File not signed] C:\ProgramData\D3AA93D3\707A1874.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000355328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 076171264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 003699712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 005590528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000461312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-12-21 12:51 - 2018-12-21 12:51 - 006303232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-12-21 12:51 - 2018-12-21 12:51 - 003556352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 002821632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-12-21 12:51 - 2018-12-21 12:51 - 001077248 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000189952 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-02-21 10:29 - 2019-02-21 10:29 - 005786112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-12-21 12:51 - 2018-12-21 12:51 - 000323584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 001413632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-12-21 12:52 - 2018-12-21 12:52 - 002551808 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000345600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000331264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000502784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000327680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000089600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000137728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 18:31 - 2019-03-29 17:42 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-68770294-676844702-3198948009-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Aaron\Pictures\Firewatch1.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{46BFBA79-8B97-4B3B-8A16-366DA0A8C39B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{86EBB02F-DC19-434D-99A7-513D44FEA389}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E146546C-7647-4303-9E53-EBC7B901D749}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FBBFFE2F-5BB4-4EF5-B83B-CBB386BEE40B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0536B55E-D295-4F59-AEA7-A3BD02EFA18D}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{404DB66F-2809-426A-9F24-1F9237996AA7}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B43A32B7-AFD0-43AE-B54B-85DE8C39948C}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3783231B-F8EC-44CF-BAE8-354660A558B9}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4482064E-9EC3-4572-99E7-C36DAFB5832F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9FF3314D-E368-4106-AF35-A6A41C744150}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2C22D224-7CBB-4114-B067-1295B9062513}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{81AB7DD0-D4B2-4F31-A4B2-5F3A6402D224}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{74DB8C41-5069-4798-88EA-DECE2AE0D499}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BBE0F4CC-0CF0-42DD-80A0-C6CCD42810B6}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{338A2B31-78B4-4E4F-9CB7-95303C878B01}C:\users\aaron\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\aaron\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{6422FEB1-450D-4C3E-8513-5293E098D3E8}C:\users\aaron\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\aaron\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{197B298B-6466-4E68-ABF7-17011467222C}] => (Allow) C:\Users\Aaron\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{DBEED114-DAA4-477B-A1DF-081759CE281E}] => (Allow) C:\Users\Aaron\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{EEEE2DC2-E7A9-4871-9177-1338B39CFB1A}] => (Allow) C:\Users\Aaron\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{9E379208-8C90-4358-895B-10EF56E646EF}] => (Allow) C:\Users\Aaron\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{7AD88646-1411-42CA-8C21-9EA4F678DCE9}] => (Allow) C:\Users\Aaron\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{627FF6A6-AEB7-4D37-B26F-06255AC70B22}] => (Allow) C:\Users\Aaron\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{D8C853E6-D980-4F8B-83EA-3A207B65DC0D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5C1B5BD9-5F5A-4035-9E3B-81457973CA08}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{974C6777-ADA3-4957-ACF8-5921EBA7A7BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DawnOfMan\DawnOfMan.exe () [File not signed]
FirewallRules: [{94E92589-2B8C-42BD-A123-960B833B2F17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DawnOfMan\DawnOfMan.exe () [File not signed]
FirewallRules: [{1EF58BDF-0291-454F-B5BC-EA52AFDA9B9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [{14C5DDF7-6284-4D2C-AEE5-EB11E69FFF49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [{1ED10DAF-0DA1-4BB6-A7E3-AAA226C47F2B}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{C481D77A-0FC5-4623-A76A-0CF5A34153FF}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{150430DD-75F5-4D5E-AB4D-86185CC0050E}] => (Allow) C:\Users\Aaron\AppData\Local\Temp\download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{8EDB4DF1-FADA-4362-8B66-9412244C1343}] => (Allow) C:\Users\Aaron\AppData\Local\Temp\download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{8503442D-4324-4F27-B4BC-3289FB34BE47}] => (Allow) C:\Windows\SysWOW64\TCPSVCS.EXE (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C3C2DEFA-0705-45EE-A3B1-48E3B0C6FDC6}] => (Allow) C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{0347E0B6-C688-4683-836B-7634E8FBC5C0}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{BE7D47D9-5D40-4D2B-8E05-67C5FB7C6555}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)

==================== Restore Points =========================

18-03-2019 10:27:31 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123
24-03-2019 10:22:05 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
29-03-2019 03:50:17 Windows Update
29-03-2019 12:01:46 Friday 29/3/19

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/29/2019 06:02:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64(1).exe version 16.1.2019.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 264c

Start Time: 01d4e5fc7952b814

Termination Time: 4294967295

Application Path: C:\Users\Aaron\Downloads\FRST64(1).exe

Report Id: e04df607-08a9-42d7-8c98-568593fe76b7

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (03/29/2019 05:42:15 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

Error: (03/29/2019 05:30:17 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

Error: (03/29/2019 03:03:19 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

Error: (03/29/2019 11:58:58 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

Error: (03/29/2019 03:50:19 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary SASKUTIL.

System Error:
The system cannot find the file specified.
.

Error: (03/28/2019 03:38:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: setup.tmp, version: 51.1052.0.0, time stamp: 0x506a75b5
Faulting module name: botva2.dll_unloaded, version: 0.9.7.151, time stamp: 0x2a425e19
Exception code: 0xc000041d
Fault offset: 0x00005514
Faulting process id: 0x19b0
Faulting application start time: 0x01d4e51fcd09c26c
Faulting application path: C:\Users\Aaron\AppData\Local\Temp\is-HD6E0.tmp\setup.tmp
Faulting module path: botva2.dll
Report Id: 8043b484-a6bf-4a2e-8756-0104a295629f
Faulting package full name:
Faulting package-relative application ID:

Error: (03/28/2019 03:38:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: setup.tmp, version: 51.1052.0.0, time stamp: 0x506a75b5
Faulting module name: botva2.dll_unloaded, version: 0.9.7.151, time stamp: 0x2a425e19
Exception code: 0xc0000005
Fault offset: 0x00005514
Faulting process id: 0x19b0
Faulting application start time: 0x01d4e51fcd09c26c
Faulting application path: C:\Users\Aaron\AppData\Local\Temp\is-HD6E0.tmp\setup.tmp
Faulting module path: botva2.dll
Report Id: 3acaec22-ab61-4de5-81a0-39692cb65565
Faulting package full name:
Faulting package-relative application ID:

System errors:
=============
Error: (03/29/2019 06:02:01 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KIM1OD5)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register with DCOM within the required timeout.

Error: (03/29/2019 06:00:01 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {9E175B68-F52A-11D8-B9A5-505054503030} did not register with DCOM within the required timeout.

Error: (03/29/2019 05:58:01 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KIM1OD5)
Description: The server {B52D54BB-4818-4EB9-AA80-F9EACD371DF8} did not register with DCOM within the required timeout.

Error: (03/29/2019 05:56:01 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KIM1OD5)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register with DCOM within the required timeout.

Error: (03/29/2019 05:55:17 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KIM1OD5)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-KIM1OD5\Aaron SID (S-1-5-21-68770294-676844702-3198948009-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/29/2019 05:55:17 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KIM1OD5)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-KIM1OD5\Aaron SID (S-1-5-21-68770294-676844702-3198948009-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/29/2019 05:54:33 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KIM1OD5)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-KIM1OD5\Aaron SID (S-1-5-21-68770294-676844702-3198948009-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/29/2019 05:54:33 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KIM1OD5)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-KIM1OD5\Aaron SID (S-1-5-21-68770294-676844702-3198948009-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

CodeIntegrity:
===================================

Date: 2019-03-29 18:02:22.864
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-29 18:02:22.862
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-29 18:02:21.065
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-29 18:02:21.063
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-29 18:02:18.852
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-29 18:02:18.851
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-29 17:57:30.211
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-29 17:57:30.209
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-9700K CPU @ 3.60GHz
Percentage of memory in use: 32%
Total physical RAM: 16303.84 MB
Available physical RAM: 10967.51 MB
Total Virtual: 23983.84 MB
Available Virtual: 16168.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:837.81 GB) (Free:414.94 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Local Disk) (Fixed) (Total:222.73 GB) (Free:177.77 GB) NTFS
Drive f: (Local Disk) (Fixed) (Total:111.66 GB) (Free:111.46 GB) NTFS
Drive g: (Local Disk) (Fixed) (Total:349.67 GB) (Free:110.43 GB) NTFS
Drive h: () (Fixed) (Total:459.31 GB) (Free:263.18 GB) NTFS

\\?\Volume{7457dbb5-bc11-42c3-9f57-5a7c694c7c10}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{97bfd2d8-0000-0000-0000-20af37000000}\ () (Fixed) (Total:0.83 GB) (Free:0.45 GB) NTFS
\\?\Volume{39103875-f9a9-461e-9c27-2e4a67c759b6}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: C26DC26D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=809 GB) - (Type=05)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 97BFD2D8)
Partition 1: (Active) - (Size=222.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=852 MB) - (Type=27)

========================================================
Disk: 2 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: 213C6902)

Partition: GPT.

==================== End of Addition.txt ============================

Broni · Mar 29, 2019

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

Close all the running programs
Double click on downloaded setup.exe file to install the program.
Click on Start Scan button.
Click on another Start Scan button.
Wait until the Status box shows Scan Finished
Click on Remove Selected.
Wait until the Status box shows Deleting Finished.
Click on Report and copy/paste the content of the Notepad into your next reply.
RKreport.txt could also be found on your desktop.
If more than one log is produced post all logs.

Please download Malwarebytes to your desktop.

Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
Then click Finish.
Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
Restart your computer when prompted to do so.
The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.

Please download AdwCleaner by Xplode and save to your Desktop.

Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8/10 users right-click and select Run As Administrator
The tool will start to update the database if one is required.
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Logfile button.
A window will open which lists the logs of your scans.
Click on the Scan tab.
Double-click the most recent scan which will be at the top of the list....the log will appear.
Review the results...see note below
After reviewing the log, click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
A copy of all logfiles are saved to C:\AdwCleaner.

-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.

Capsize · Mar 29, 2019

For RK.

RogueKiller Anti-Malware V13.1.9.0 (x64) [Mar 27 2019] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.17763) 64 bits
Started in : Normal mode
User : Aaron [Administrator]
Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
Signatures : 20190326_132530, Driver : Loaded
Mode : Standard Scan, Delete -- Date : 2019/03/30 10:40:07 (Duration : 00:02:47)
Switches : -refid 3

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Suspicious.Path (Potentially Malicious)] rundll32.exe -- %programdata%\D3AA93D3\7658A24D.dll ->
[Suspicious.Path (Potentially Malicious)] 707A1874.dll -- %programdata%\D3AA93D3\707A1874.dll -> Unloaded
[Adw.Presenoker (Malicious)] HKEY_LOCAL_MACHINE\Software\Jetmedia -- -> Deleted
[Adw.Optimizer|PUP.Gen1 (Malicious)] HKEY_USERS\S-1-5-21-68770294-676844702-3198948009-1002\Software\OneSystemCare -- -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\D3AA93D3 -- [%programdata%\D3AA93D3\707A1874.dll] -> Deleted
[PUM.Proxy (Potentially Malicious)] HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer -- -> Deleted
[PUM.Proxy (Potentially Malicious)] HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer -- -> Deleted
[PUM.Proxy (Potentially Malicious)] HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer -- -> Deleted
[PUM.Proxy (Potentially Malicious)] HKEY_USERS\S-1-5-21-68770294-676844702-3198948009-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer -- -> Deleted
[PUM.Proxy (Potentially Malicious)] HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer -- -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8EDB4DF1-FADA-4362-8B66-9412244C1343} -- [%localappdata%\Temp\download\MiniThunderPlatform.exe] -> Deleted
[Suspicious.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{150430DD-75F5-4D5E-AB4D-86185CC0050E} -- [%localappdata%\Temp\download\MiniThunderPlatform.exe] -> Deleted
[PUM.Policies (Potentially Malicious)] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- -> Replaced (2)
[Adw.Presenoker (Malicious)] Jetmedia -- %_Aaron_appdata%\Jetmedia -> Deleted
[Spy.Socelars (Malicious)] App -- %localappdata%\App -> Deleted
[Adw.Presenoker (Malicious)] Jetmedia -- %programdata%\Jetmedia -> Deleted
[Adw.Xunlei (Malicious)] Thunder Network -- %programdata%\Thunder Network -> Deleted
[Adw.Presenoker (Malicious)] Jetmedia -- %programfiles(x86)%\Jetmedia -> Deleted

Capsize · Mar 29, 2019

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 3/30/19
Scan Time: 10:44 AM
Log File: 9c5579f8-527c-11e9-b56c-fc77742a723f.json

-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.563
Update Package Version: 1.0.9920
License: Trial

-System Information-
OS: Windows 10 (Build 17763.379)
CPU: x64
File System: NTFS
User: DESKTOP-KIM1OD5\Aaron

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 285026
Threats Detected: 6
Threats Quarantined: 6
Time Elapsed: 0 min, 48 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 6
Adware.Zdengo, C:\USERS\AARON\APPDATA\LOCAL\TEMP\NSK3359.TMP\HVWGHKZNTLR.DLL, Quarantined, [502], [660729],1.0.9920
Adware.Zdengo, C:\USERS\AARON\APPDATA\LOCAL\TEMP\NSO4B4B.TMP\XJZHMMOMNGO.DLL, Quarantined, [502], [660700],1.0.9920
Adware.Zdengo, C:\WINDOWS\TEMP\NSH7960.TMP\HVWGHKZNTLR.DLL, Quarantined, [502], [660729],1.0.9920
Adware.Zdengo, C:\USERS\AARON\APPDATA\LOCAL\TEMP\NSM6E05.TMP\HVWGHKZNTLR.DLL, Quarantined, [502], [660729],1.0.9920
Adware.Zdengo, C:\WINDOWS\TEMP\NSJ5A00.TMP\XJZHMMOMNGO.DLL, Quarantined, [502], [660700],1.0.9920
Adware.Zdengo, C:\WINDOWS\TEMP\NSA401B.TMP\HVWGHKZNTLR.DLL, Quarantined, [502], [660729],1.0.9920

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)

(end)

-----------------------------------------------------------------
Not sure if its relevant, but as soon as I installed, it immediately blocked a outgoing connections, and still is after the scan. Report as:
Malwarebytes

-Log Details-
Protection Event Date: 3/30/19
Protection Event Time: 10:44 AM
Log File: 93fda9ec-527c-11e9-a6e9-fc77742a723f.json

-Software Information-
Version: 3.7.1.2839
Components Version: 1.0.563
Update Package Version: 1.0.9910
License: Trial

-System Information-
OS: Windows 10 (Build 17763.379)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Category: Trojan
Domain:
IP Address: 178.209.51.211
Port: [53318]
Type: Outbound
File: C:\Windows\System32\svchost.exe

(end)

Capsize · Mar 29, 2019

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-03-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-30-2019
# Duration: 00:00:04
# OS: Windows 10 Pro
# Scanned: 31953
# Detected: 7

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Adware.Heuristic C:\ProgramData\D3AA93D3
PUP.Optional.AdvancedSystemCare C:\Program Files (x86)\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.DriverAgent HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\driversupport.com
PUP.Optional.DriverAgent HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\download.driversupport.com
PUP.Optional.DriverAgent HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\driversupport.com
PUP.Optional.DriverAgent HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\download.driversupport.com
PUP.Optional.DriverAgent HKCU\Software\Microsoft\Internet Explorer\DOMStorage\driversupport.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-03-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-30-2019
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 6
# Failed: 1

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Not Deleted C:\ProgramData\D3AA93D3
Deleted C:\Program Files (x86)\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\driversupport.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\download.driversupport.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\driversupport.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\download.driversupport.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\driversupport.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2373 octets] - [30/03/2019 10:51:43]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Broni · Mar 29, 2019

Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

Double click to run it.
Make sure you checkmark Addition.txt box.
Press Scan button.
Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

Capsize · Mar 30, 2019

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by Aaron (administrator) on DESKTOP-KIM1OD5 (31-03-2019 08:02:38)
Running from C:\Users\Aaron\Downloads
Loaded Profiles: Aaron (Available Profiles: Aaron)
Platform: Windows 10 Pro Version 1809 17763.379 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0339689.inf_amd64_266a640423a0bba5\B339442\atiesrxx.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(voidtools -> ) C:\Program Files (x86)\Everything\Everything.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0339689.inf_amd64_266a640423a0bba5\B339442\atieclxx.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19031.57.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Aaron\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Spotify AB -> Spotify Ltd) C:\Users\Aaron\AppData\Roaming\Spotify\Spotify.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Spotify AB -> Spotify Ltd) C:\Users\Aaron\AppData\Roaming\Spotify\Spotify.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe
(Spotify AB -> Spotify Ltd) C:\Users\Aaron\AppData\Roaming\Spotify\Spotify.exe
(Spotify AB -> Spotify Ltd) C:\Users\Aaron\AppData\Roaming\Spotify\Spotify.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(voidtools -> ) C:\Program Files (x86)\Everything\Everything.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxcr.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(EasyAntiCheat Oy -> EasyAntiCheat Ltd) C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
() [File not signed] C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
(Unity Technologies SF -> ) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\UnityCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Everything] => C:\Program Files (x86)\Everything\Everything.exe [1710880 2019-01-26] (voidtools -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-68770294-676844702-3198948009-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3146016 2019-03-06] (Valve -> Valve Corporation)
HKU\S-1-5-21-68770294-676844702-3198948009-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-01-15] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-68770294-676844702-3198948009-1002\...\Run: [Spotify] => C:\Users\Aaron\AppData\Roaming\Spotify\Spotify.exe [25726696 2019-03-30] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-68770294-676844702-3198948009-1002\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [5650384 2019-02-16] (GlassWire -> SecureMix LLC)
GroupPolicy: Restriction - Windows Defender <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{51fb275c-d7e5-46c4-a1a8-9c4fa686acdb}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ba94f788-b762-4b5c-86fd-c3fb77261113}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ed415593-b4cf-44fb-9357-a3b992ab6110}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2019-02-01] (Bitdefender SRL -> Bitdefender)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2019-02-01] (Bitdefender SRL -> Bitdefender)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2019-02-01] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2019-02-01] (Bitdefender SRL -> Bitdefender)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: lqdhsgjr.default
FF ProfilePath: C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\lqdhsgjr.default [2019-03-31]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2018-12-19]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2019-03-06] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default [2019-03-28]
CHR Extension: (Slides) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-28]
CHR Extension: (Docs) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-28]
CHR Extension: (Google Drive) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-28]
CHR Extension: (YouTube) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-28]
CHR Extension: (Sheets) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-28]
CHR Extension: (Bitdefender Wallet) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2019-03-28]
CHR Extension: (Google Docs Offline) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-28]
CHR Extension: (Gmail) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Aaron\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-28]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\c0339689.inf_amd64_266a640423a0bba5\B339442\atiesrxx.exe [517248 2019-03-07] (Advanced Micro Devices, Inc. -> AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [779152 2019-02-01] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [779152 2019-02-01] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195320 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [95520 2019-02-01] (Bitdefender SRL -> Bitdefender)
R3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-03-24] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Everything; C:\Program Files (x86)\Everything\Everything.exe [1710880 2019-01-26] (voidtools -> )
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [4461520 2019-02-16] (GlassWire -> SecureMix LLC)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [529696 2019-02-02] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1293936 2018-11-16] (Bitdefender SRL -> Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381128 2019-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 symsrv; C:\Program Files\windows nt\symsrv.exe [145168 2019-03-28] (Microsoft Corporation -> Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [114192 2019-02-01] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe [816616 2019-02-01] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3830128 2019-03-15] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0339689.inf_amd64_266a640423a0bba5\B339442\atikmdag.sys [52889520 2019-03-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0339689.inf_amd64_266a640423a0bba5\B339442\atikmpag.sys [598952 2019-03-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AsrDrv102; C:\Windows\SysWOW64\Drivers\AsrDrv102.sys [22248 2019-03-25] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
S3 AsrDrv103; C:\Windows\SysWOW64\Drivers\AsrDrv103.sys [34568 2019-03-25] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
R1 atc; C:\Windows\System32\DRIVERS\atc.sys [1423680 2019-01-21] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [107400 2018-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R2 BdDci; C:\Windows\System32\DRIVERS\bddci.sys [367096 2019-01-29] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23032 2018-04-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R0 bdprivmon; C:\Windows\System32\DRIVERS\bdprivmon.sys [45728 2018-09-17] (Bitdefender SRL -> © Bitdefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [96448 2018-04-27] (Bitdefender SRL -> BitDefender)
R3 e1dexpress; C:\Windows\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_691712a04a41c1cd\e1d68x64.sys [568960 2018-10-09] (Intel(R) INTELND1820 -> Intel Corporation)
R3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [965248 2019-03-31] (EasyAntiCheat Oy -> EasyAntiCheat Oy)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R0 Gemma; C:\Windows\System32\DRIVERS\gemma.sys [374632 2018-11-19] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (GlassWire -> SecureMix LLC)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [201000 2018-11-20] (Bitdefender SRL -> BitDefender LLC)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [191264 2019-02-02] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 Ignis; C:\Windows\system32\DRIVERS\ignis.sys [196352 2018-10-26] (Bitdefender SRL -> Bitdefender)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-03-30] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-03-31] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73912 2019-03-31] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-03-30] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [114040 2019-03-31] (Malwarebytes Corporation -> Malwarebytes)
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7708160 2018-09-15] (Microsoft Windows -> Intel Corporation)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [28272 2019-03-30] (Adlice -> )
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [610640 2019-01-14] (Bitdefender SRL -> Bitdefender)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2018-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)

Capsize · Mar 30, 2019

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-31 08:00 - 2019-03-31 08:00 - 000127136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-03-31 08:00 - 2019-03-31 08:00 - 000114040 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-03-31 08:00 - 2019-03-31 08:00 - 000073912 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-03-31 07:39 - 2019-03-31 07:39 - 000019696 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_144675003676139.dll
2019-03-30 13:07 - 2019-03-30 13:07 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\CPY_SAVES
2019-03-30 13:07 - 2019-03-30 13:07 - 000000000 ____D C:\Users\Aaron\AppData\Local\NVIDIA Corporation
2019-03-30 13:07 - 2019-03-30 13:07 - 000000000 ____D C:\Users\Aaron\AppData\Local\CrashDumps
2019-03-30 11:11 - 2019-03-30 11:11 - 000001437 _____ C:\Users\Public\Desktop\Metro - Exodus.lnk
2019-03-30 10:56 - 2019-03-30 10:56 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-03-30 10:51 - 2019-03-30 10:54 - 000000000 ____D C:\AdwCleaner
2019-03-30 10:51 - 2019-03-30 10:51 - 007316688 _____ (Malwarebytes) C:\Users\Aaron\Downloads\AdwCleaner.exe
2019-03-30 10:43 - 2019-03-30 10:43 - 000005872 _____ C:\Users\Aaron\Desktop\RKreport.txt
2019-03-30 10:43 - 2019-03-30 10:43 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-03-30 10:43 - 2019-03-30 10:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-03-30 10:43 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-03-30 10:42 - 2019-03-30 10:42 - 062540088 _____ (Malwarebytes ) C:\Users\Aaron\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.563-1.0.9910.exe
2019-03-30 10:42 - 2019-03-30 10:42 - 000000000 ____D C:\Program Files\Malwarebytes
2019-03-30 10:42 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-03-30 10:34 - 2019-03-30 10:34 - 000028272 _____ C:\Windows\system32\Drivers\truesight.sys
2019-03-30 10:34 - 2019-03-30 10:34 - 000003152 _____ C:\Windows\System32\Tasks\RogueKiller Anti-Malware
2019-03-30 10:33 - 2019-03-30 19:08 - 000000000 ____D C:\ProgramData\RogueKiller
2019-03-30 10:33 - 2019-03-30 10:33 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2019-03-30 10:33 - 2019-03-30 10:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2019-03-30 10:33 - 2019-03-30 10:33 - 000000000 ____D C:\Program Files\RogueKiller
2019-03-30 10:27 - 2019-03-30 10:27 - 029873672 _____ (Adlice Software ) C:\Users\Aaron\Downloads\RogueKiller_setup_ref3.exe
2019-03-29 18:03 - 2019-03-29 18:03 - 000038576 _____ C:\Users\Aaron\Downloads\Addition.txt
2019-03-29 18:02 - 2019-03-31 08:03 - 000022474 _____ C:\Users\Aaron\Downloads\FRST.txt
2019-03-29 17:57 - 2019-03-31 08:02 - 000000000 ____D C:\FRST
2019-03-29 17:55 - 2019-03-29 17:55 - 002427904 _____ (Farbar) C:\Users\Aaron\Downloads\FRST64(1).exe
2019-03-29 12:52 - 2019-03-29 12:52 - 000000000 ____D C:\Users\Aaron\AppData\Local\bdch
2019-03-29 12:52 - 2019-03-29 12:52 - 000000000 ____D C:\ProgramData\bdch
2019-03-28 17:17 - 2019-03-28 17:17 - 000000000 ____D C:\Users\Aaron\AppData\Local\GlassWire
2019-03-28 16:37 - 2019-03-28 16:37 - 000001966 _____ C:\Users\Public\Desktop\GlassWire.lnk
2019-03-28 16:37 - 2019-03-28 16:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GlassWire
2019-03-28 16:37 - 2019-03-28 16:37 - 000000000 ____D C:\ProgramData\GlassWire
2019-03-28 16:37 - 2019-03-28 16:37 - 000000000 ____D C:\Program Files (x86)\GlassWire
2019-03-28 16:37 - 2015-05-29 15:30 - 000008392 _____ C:\Windows\system32\Drivers\gwdrv.cat
2019-03-28 16:37 - 2015-05-29 15:15 - 000033152 _____ (SecureMix LLC) C:\Windows\system32\Drivers\gwdrv.sys
2019-03-28 16:32 - 2019-03-28 16:32 - 002434048 _____ (Farbar) C:\Users\Aaron\Downloads\FRST64.exe
2019-03-28 16:29 - 2019-03-30 10:43 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-03-28 16:29 - 2019-03-30 10:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-03-28 16:29 - 2019-03-28 16:33 - 000000000 ____D C:\Users\Aaron\Desktop\mbar
2019-03-28 16:29 - 2019-03-28 16:33 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2019-03-28 16:29 - 2019-03-28 16:29 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\631743DB.sys
2019-03-28 16:28 - 2019-03-28 16:29 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Aaron\Downloads\mbar-1.10.3.1001.exe
2019-03-28 16:01 - 2019-03-28 16:01 - 000042904 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP152.SYS
2019-03-28 16:00 - 2019-03-28 16:00 - 001828569 _____ C:\Users\Aaron\Downloads\ProcessExplorer.zip
2019-03-28 15:25 - 2019-03-28 15:25 - 039532768 _____ (SUPERAntiSpyware) C:\Users\Aaron\Downloads\SUPERAntiSpyware.exe
2019-03-28 15:25 - 2019-03-28 15:25 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2019-03-28 15:23 - 2019-03-28 15:23 - 000079934 _____ C:\ProgramData\dm.update.1553746980.bdinstall.bin
2019-03-28 14:59 - 2019-03-28 14:59 - 000302080 _____ C:\Users\Aaron\Downloads\connectivity_issues.exe
2019-03-28 14:41 - 2019-03-28 14:41 - 000798324 _____ C:\ProgramData\cl.1553744239.bdinstall.v2.bin
2019-03-28 14:41 - 2019-03-28 14:41 - 000101904 _____ C:\ProgramData\cl.kit.1553744239.bdinstall.v2.bin
2019-03-28 14:41 - 2019-03-28 14:41 - 000003420 _____ C:\Windows\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2019-03-28 14:38 - 2019-03-28 15:06 - 000000000 ____D C:\Program Files\Bitdefender
2019-03-28 14:38 - 2019-03-28 14:47 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\Bitdefender
2019-03-28 14:38 - 2019-03-28 14:38 - 000002421 _____ C:\Users\Public\Desktop\Bitdefender VPN.lnk
2019-03-28 14:38 - 2019-03-28 14:38 - 000002334 _____ C:\Users\Public\Desktop\Bitdefender.lnk
2019-03-28 14:38 - 2019-03-28 14:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2019-03-28 14:38 - 2019-01-29 09:39 - 000367096 _____ (Bitdefender) C:\Windows\system32\Drivers\bddci.sys
2019-03-28 14:38 - 2019-01-21 01:58 - 001423680 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\atc.sys
2019-03-28 14:38 - 2019-01-14 16:25 - 000610640 _____ (Bitdefender) C:\Windows\system32\Drivers\trufos.sys
2019-03-28 14:38 - 2018-11-20 10:42 - 000201000 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2019-03-28 14:38 - 2018-11-19 13:10 - 000374632 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\gemma.sys
2019-03-28 14:38 - 2018-10-26 11:57 - 000196352 _____ (Bitdefender) C:\Windows\system32\Drivers\ignis.sys
2019-03-28 14:38 - 2018-09-17 06:36 - 000045728 _____ (© Bitdefender SRL) C:\Windows\system32\Drivers\bdprivmon.sys
2019-03-28 14:38 - 2018-04-27 09:45 - 000096448 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2019-03-28 14:38 - 2018-04-19 09:37 - 000023032 _____ (Bitdefender) C:\Windows\system32\Drivers\bdelam.sys
2019-03-28 14:37 - 2019-03-28 14:38 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2019-03-28 13:52 - 2019-03-28 13:52 - 000000000 ____D C:\Users\Aaron\AppData\Local\mbam
2019-03-28 13:51 - 2019-03-28 13:51 - 062430768 _____ (Malwarebytes ) C:\Users\Aaron\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.563-1.0.9877.exe
2019-03-28 13:51 - 2019-03-28 13:51 - 000000000 ____D C:\Users\Aaron\AppData\Local\mbamtray
2019-03-28 13:49 - 2019-03-28 13:49 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\QuickScan
2019-03-28 13:15 - 2019-03-28 13:15 - 000000258 __RSH C:\Users\Aaron\ntuser.pol
2019-03-28 13:09 - 2019-03-30 10:54 - 000000000 ____D C:\Program Files (x86)\IObit
2019-03-28 13:09 - 2019-03-28 13:09 - 000000000 ____D C:\ProgramData\IObit
2019-03-28 13:00 - 2019-03-28 13:09 - 000002546 _____ C:\Users\Aaron\Desktop\Google Chrome.lnk
2019-03-28 13:00 - 2019-03-28 13:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-03-28 13:00 - 2019-03-28 13:00 - 000002478 _____ C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-28 13:00 - 2019-03-28 13:00 - 000000000 ____D C:\Users\Aaron\AppData\Local\Google
2019-03-28 12:58 - 2019-03-28 12:58 - 000000000 ____D C:\Users\Public\Thunder Network
2019-03-28 12:58 - 2019-03-28 12:58 - 000000000 ____D C:\Program Files (x86)\Wind Trade
2019-03-28 12:57 - 2019-03-29 17:42 - 000000000 ____D C:\ProgramData\D3AA93D3
2019-03-28 12:57 - 2019-03-28 12:58 - 000002676 __RSH C:\ProgramData\ntuser.pol
2019-03-28 12:57 - 2019-03-28 12:57 - 000000000 ____D C:\ProgramData\Jisone
2019-03-28 12:54 - 2019-03-28 12:58 - 000722944 _____ C:\Users\Aaron\AppData\Local\sha.db
2019-03-27 22:20 - 2019-03-27 22:20 - 000098234 _____ C:\Windows\uninstaller.dat
2019-03-25 08:46 - 2019-03-25 08:46 - 000034568 _____ (ASRock Incorporation) C:\Windows\SysWOW64\Drivers\AsrDrv103.sys
2019-03-25 08:46 - 2019-03-25 08:46 - 000022248 _____ (ASRock Incorporation) C:\Windows\SysWOW64\Drivers\AsrDrv102.sys
2019-03-24 20:46 - 2019-03-28 16:39 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\qBittorrent
2019-03-24 20:46 - 2019-03-24 20:46 - 023438713 _____ (The qBittorrent project) C:\Users\Aaron\Downloads\qbittorrent_4.1.5_x64_setup.exe
2019-03-24 20:46 - 2019-03-24 20:46 - 000000889 _____ C:\Users\Public\Desktop\qBittorrent.lnk
2019-03-24 20:46 - 2019-03-24 20:46 - 000000000 ____D C:\Users\Aaron\AppData\Local\qBittorrent
2019-03-24 20:46 - 2019-03-24 20:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2019-03-24 20:46 - 2019-03-24 20:46 - 000000000 ____D C:\Program Files\qBittorrent
2019-03-24 11:40 - 2019-03-24 11:40 - 000000000 ____D C:\Users\Aaron\AppData\Local\id Software
2019-03-24 11:39 - 2019-03-24 11:39 - 000000000 ____D C:\Users\Public\Documents\Steam
2019-03-24 11:39 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2019-03-24 11:39 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2019-03-24 11:39 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2019-03-24 11:39 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2019-03-24 11:39 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2019-03-24 11:39 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2019-03-24 11:39 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2019-03-24 11:39 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2019-03-24 11:39 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2019-03-24 11:39 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2019-03-24 11:39 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2019-03-24 11:39 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2019-03-24 11:39 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2019-03-24 11:39 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2019-03-24 11:39 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2019-03-24 11:39 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2019-03-24 11:39 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2019-03-24 11:39 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2019-03-24 11:39 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2019-03-24 11:39 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2019-03-24 11:39 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2019-03-24 11:39 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2019-03-24 11:39 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2019-03-24 11:39 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2019-03-24 11:39 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2019-03-24 11:39 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2019-03-24 11:39 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2019-03-24 11:39 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2019-03-24 11:39 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2019-03-24 11:39 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2019-03-24 11:39 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2019-03-24 11:39 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2019-03-24 11:39 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2019-03-24 11:39 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2019-03-24 11:39 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2019-03-24 11:39 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2019-03-24 11:39 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2019-03-24 11:39 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2019-03-24 11:39 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2019-03-24 11:39 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2019-03-24 11:39 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2019-03-24 11:39 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2019-03-24 11:39 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2019-03-24 11:39 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2019-03-24 11:39 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2019-03-24 11:39 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2019-03-24 11:39 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2019-03-24 11:39 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2019-03-24 11:39 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2019-03-24 11:39 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2019-03-24 11:39 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2019-03-24 11:39 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2019-03-24 11:39 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2019-03-24 11:39 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2019-03-24 11:39 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2019-03-24 11:39 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2019-03-24 11:39 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2019-03-24 11:39 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2019-03-24 11:39 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2019-03-24 11:39 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2019-03-24 11:39 - 2008-10-10 04:52 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2019-03-24 11:39 - 2008-10-10 04:52 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2019-03-24 11:39 - 2008-10-10 04:52 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2019-03-24 11:39 - 2008-10-10 04:52 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2019-03-24 11:39 - 2008-10-10 04:52 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2019-03-24 11:39 - 2008-10-10 04:52 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2019-03-24 11:39 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2019-03-24 11:39 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2019-03-24 11:39 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2019-03-24 11:39 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2019-03-24 11:39 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2019-03-24 11:39 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2019-03-24 11:39 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2019-03-24 11:39 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2019-03-24 11:39 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2019-03-24 11:39 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2019-03-24 11:39 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2019-03-24 11:39 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2019-03-24 11:39 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2019-03-24 11:39 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2019-03-24 11:39 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2019-03-24 11:39 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2019-03-24 11:39 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2019-03-24 11:39 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2019-03-24 11:39 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2019-03-24 11:39 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2019-03-24 11:39 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2019-03-24 11:39 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2019-03-24 11:39 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2019-03-24 11:39 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2019-03-24 11:39 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2019-03-24 11:39 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2019-03-24 11:39 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2019-03-24 11:39 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2019-03-24 11:39 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2019-03-24 11:39 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2019-03-24 11:39 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2019-03-24 11:39 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2019-03-24 11:39 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2019-03-24 11:39 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2019-03-24 11:39 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2019-03-24 11:39 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2019-03-24 11:39 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2019-03-24 11:39 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2019-03-24 11:39 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2019-03-24 11:39 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2019-03-24 11:39 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2019-03-24 11:39 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2019-03-24 11:39 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2019-03-24 11:39 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2019-03-24 11:39 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2019-03-24 11:39 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2019-03-24 11:38 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2019-03-24 11:38 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2019-03-24 11:38 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2019-03-24 11:38 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2019-03-24 11:38 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2019-03-24 11:38 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2019-03-24 11:38 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2019-03-24 11:38 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2019-03-24 11:38 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2019-03-24 11:38 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2019-03-24 11:38 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2019-03-24 11:38 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2019-03-24 11:38 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2019-03-24 11:38 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2019-03-24 11:38 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2019-03-24 11:38 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2019-03-24 11:38 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2019-03-24 11:38 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2019-03-24 11:38 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2019-03-24 11:38 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2019-03-24 11:38 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2019-03-24 11:38 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2019-03-24 11:38 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2019-03-24 11:38 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2019-03-24 11:38 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2019-03-24 11:38 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2019-03-24 11:38 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2019-03-24 11:38 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2019-03-24 11:38 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2019-03-24 11:38 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2019-03-24 11:38 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2019-03-24 11:38 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2019-03-24 11:38 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2019-03-24 11:38 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2019-03-24 11:38 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2019-03-24 11:38 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2019-03-24 11:38 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2019-03-24 11:38 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2019-03-24 11:38 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2019-03-24 11:38 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2019-03-24 11:38 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2019-03-24 11:38 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2019-03-24 11:38 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2019-03-24 11:38 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2019-03-24 11:38 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2019-03-24 11:38 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2019-03-24 11:38 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2019-03-24 11:38 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2019-03-24 11:38 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2019-03-24 11:38 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2019-03-24 11:38 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2019-03-24 11:38 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2019-03-24 11:38 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2019-03-24 11:38 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2019-03-24 11:38 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2019-03-24 11:38 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2019-03-24 11:38 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2019-03-24 11:38 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2019-03-24 11:38 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2019-03-24 11:38 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2019-03-24 11:38 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2019-03-24 11:38 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2019-03-24 11:38 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2019-03-24 11:38 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2019-03-24 11:38 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2019-03-24 11:38 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2019-03-24 11:38 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2019-03-24 11:38 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2019-03-24 11:38 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2019-03-24 11:38 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2019-03-24 11:37 - 2019-03-30 13:07 - 000000000 ____D C:\Windows\SysWOW64\directx
2019-03-24 11:37 - 2019-03-30 13:06 - 000000000 ___HD C:\Windows\msdownld.tmp
2019-03-24 11:37 - 2019-03-24 11:37 - 000292184 _____ (Microsoft Corporation) C:\Users\Aaron\Downloads\dxwebsetup.exe
2019-03-24 10:56 - 2019-03-24 10:56 - 000000000 ____D C:\Users\Aaron\AppData\LocalLow\The Fun Pimps
2019-03-24 10:55 - 2019-03-24 11:03 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\7DaysToDie
2019-03-24 10:55 - 2019-03-24 10:55 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\EasyAntiCheat
2019-03-24 10:55 - 2019-03-24 10:55 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2019-03-24 10:36 - 2019-03-24 10:36 - 000000222 _____ C:\Users\Aaron\Desktop\7 Days to Die.url
2019-03-24 10:19 - 2019-03-24 10:19 - 000000765 _____ C:\Users\Public\Desktop\Doom 2016 (Vulkan).lnk
2019-03-24 10:19 - 2019-03-24 10:19 - 000000753 _____ C:\Users\Public\Desktop\Doom 2016 (OpenGL).lnk
2019-03-24 10:19 - 2019-03-24 10:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doom 2016
2019-03-22 10:34 - 2019-03-22 17:58 - 000000000 ____D C:\Users\Aaron\Downloads\Watch Dogs 2 - Gold Edition [FitGirl Repack]
2019-03-22 10:28 - 2019-03-22 10:28 - 000000000 ____D C:\Users\Aaron\Downloads\Doom Complete Edition v6.66
2019-03-18 10:47 - 2019-03-18 10:48 - 066481097 _____ C:\Users\Aaron\Downloads\PolychromeRGB(v1.0.34).zip
2019-03-18 10:43 - 2019-03-18 10:43 - 000000914 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2019-03-18 10:42 - 2019-03-18 10:42 - 000000975 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2019-03-18 10:27 - 2019-03-18 10:27 - 000001390 _____ C:\Users\Public\Desktop\ASRRGBLED.lnk
2019-03-18 10:27 - 2019-03-18 10:27 - 000000000 ___HD C:\Program Files (x86)\Temp
2019-03-18 10:27 - 2019-03-18 10:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
2019-03-18 10:27 - 2019-03-18 10:27 - 000000000 ____D C:\Program Files (x86)\ASRock Utility
2019-03-18 10:27 - 2018-01-15 14:40 - 002856800 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2019-03-17 13:29 - 2019-03-17 13:29 - 000000000 ____D C:\Downloaded Games
2019-03-17 12:25 - 2019-03-17 12:31 - 000000000 ____D C:\Maya Projects
2019-03-17 12:24 - 2019-03-17 16:51 - 000000000 ____D C:\Assets
2019-03-17 12:22 - 2019-03-17 16:48 - 000000000 ____D C:\Tutorials
2019-03-15 15:24 - 2019-03-15 15:24 - 024616960 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 020814848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 019284480 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 012151296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 007897088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 006069760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 005436184 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 004920832 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 003744256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 003566080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 003551408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 002752360 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 002323688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 002278240 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 001969152 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 001706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 001521664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 001307648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 001294856 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 001289192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 001258808 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2019-03-15 15:24 - 2019-03-15 15:24 - 001200920 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 001077912 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 001072720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000866152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000732160 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCacheProvider.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000684032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfh264enc.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000560128 _____ (Microsoft Corporation) C:\Windows\system32\mfh264enc.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000421688 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000420864 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSh.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDistSh.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000263360 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCleaner.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000224768 _____ (Microsoft Corporation) C:\Windows\system32\PeerDist.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PeerDist.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000181248 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistWSDDiscoProv.dll
2019-03-15 15:24 - 2019-03-15 15:24 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 026810368 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 023440896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 022114960 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 019023872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 017520640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 015224320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 012857856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 009683256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 009670656 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 008875008 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 007883776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 007882240 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 007688088 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 007647256 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 007556392 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 007251456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 006548168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 006440960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 006309040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 005915936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 005588184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 005566464 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 005296640 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 004883968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 004689408 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 004588744 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 004245280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 003983360 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 003923456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 003761664 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 003729808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 003660288 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 003656192 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 003652656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 003504128 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 003427840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 003399168 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 003382272 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 003378488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 003108864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002942464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002926904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 002871312 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 002842112 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002776712 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002766648 _____ (Microsoft Corporation) C:\Windows\system32\UpdateAgent.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002720768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 002700792 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002689536 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002637312 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 002630656 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002626360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 002488320 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 002447360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapRouter.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002437344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002275680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002199864 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems64.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002187776 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002141184 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.ModernAppAgent.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002127360 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002073240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002044416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002021584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 002013696 _____ C:\Windows\system32\rdpnano.dll

Capsize · Mar 30, 2019

2019-03-15 15:23 - 2019-03-15 15:23 - 002001408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapGeocoder.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001994760 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001969464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 001931264 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001899160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001893888 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001884672 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001860608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001844448 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001830200 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001782272 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001760768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001751352 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001742104 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001715712 _____ (Microsoft Corporation) C:\Windows\system32\ISM.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001711616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001701376 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001697744 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-03-15 15:23 - 2019-03-15 15:23 - 001672704 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001656832 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001644048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001641400 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001612600 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001604096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001590072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001572176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001563336 _____ (Microsoft Corporation) C:\Windows\system32\ttdrecordcpu.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001522488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppVEntSubsystems32.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001506816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001496064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001481488 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001479480 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001468440 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 001457544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D12.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001403920 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001360696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 001341880 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-03-15 15:23 - 2019-03-15 15:23 - 001332224 _____ (Microsoft Corporation) C:\Windows\system32\lpasvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001331536 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001296576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001272552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ttdrecordcpu.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001267712 _____ (Microsoft Corporation) C:\Windows\system32\APMon.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001259320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 001256448 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001253688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 001224704 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001221944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001221120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 001208320 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001199104 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001191512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001180248 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001179168 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 001177088 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.CommonBridge.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001176064 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001131520 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001121280 _____ (Microsoft Corporation) C:\Windows\system32\ApplySettingsTemplateCatalog.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 001098128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001087800 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001078072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Services.TargetedContent.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001072640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001056272 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001054200 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 001052160 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001047040 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001043256 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 001022616 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001008128 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 001001472 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2019-03-15 15:23 - 2019-03-15 15:23 - 000981816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refsv1.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000955392 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000926208 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000918032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000908800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2019-03-15 15:23 - 2019-03-15 15:23 - 000902144 _____ (Microsoft Corporation) C:\Windows\system32\BingOnlineServices.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000895048 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000888320 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000888120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pidgenx.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000883712 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000871792 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000865568 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000860160 _____ C:\Windows\system32\MBR2GPT.EXE
2019-03-15 15:23 - 2019-03-15 15:23 - 000850760 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000836096 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000833064 _____ C:\Windows\system32\InputHost.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000831288 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000823296 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000817464 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000808464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000790328 _____ (Microsoft Corporation) C:\Windows\system32\upshared.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000782968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000775168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000772608 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000772408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Services.TargetedContent.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000769536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000764216 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000762880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000760832 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.PrinterCustomActions.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000757664 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000745984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000743224 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000741888 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000735760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000726416 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingOnlineServices.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000714240 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000703488 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000691712 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000680184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000661816 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000655160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000652824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000651576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000649528 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000649272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000646656 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000646632 _____ (Microsoft Corporation) C:\Windows\system32\msvcp_win.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000642048 _____ (Microsoft Corporation) C:\Windows\system32\SharedRealitySvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000622080 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000621568 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000619832 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000605496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000604336 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000599040 _____ (Microsoft Corporation) C:\Windows\system32\facecredentialprovider.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000591832 _____ C:\Windows\SysWOW64\InputHost.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\PlayToManager.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000572416 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000566272 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000553784 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000549376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000548864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000540672 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2019-03-15 15:23 - 2019-03-15 15:23 - 000531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000525312 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000519992 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000511800 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000508216 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000505656 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsound.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000495104 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\ResourceMapper.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000484976 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_enclave.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000479232 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000474936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-03-15 15:23 - 2019-03-15 15:23 - 000463672 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000460304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Picker.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000453944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000452096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000449368 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000449024 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000444728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000435712 _____ (Microsoft Corporation) C:\Windows\system32\cryptngc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000419128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2019-03-15 15:23 - 2019-03-15 15:23 - 000411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToManager.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000407552 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000404792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000402944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000395064 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000387832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000386872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000383288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000383288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000367616 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\DataUsageHandlers.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000359424 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000355360 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000348160 _____ (Microsoft Corporation) C:\Windows\system32\BioCredProv.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000340480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000336744 _____ (Microsoft Corporation) C:\Windows\system32\AudioSrvPolicyManager.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Picker.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000330464 _____ (Microsoft Corporation) C:\Windows\system32\ttdwriter.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000322576 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000322048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\MbbCx.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000279376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BioCredProv.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000272648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ttdwriter.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000264192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000262456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000246584 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\smbwmiv2.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000224256 _____ (Microsoft Corporation) C:\Windows\system32\ptpprov.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000214528 _____ (Microsoft Corporation) C:\Windows\system32\srumsvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\SecureTimeAggregator.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000202552 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000196608 _____ (Microsoft Corporation) C:\Windows\system32\smartscreenps.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000195896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000180736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srumsvc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000178688 _____ (Microsoft Corporation) C:\Windows\system32\winbio.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000177664 _____ (Microsoft Corporation) C:\Windows\system32\ngctasks.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000174392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AppvVemgr.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\SpatialAudioLicenseSrv.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000169784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000156984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000147968 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000147256 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SpatialAudioLicenseSrv.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000138960 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000134144 _____ (Microsoft Corporation) C:\Windows\system32\DataUsageLiveTileTask.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\smartscreenps.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srpapi.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winbio.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\DolbyMATEnc.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000115152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wldp.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000104248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bindflt.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000096256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000095544 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000095544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storqosflt.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000090424 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000071184 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Uev.Common.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\UevAppMonitor.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000035640 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2019-03-15 15:23 - 2019-03-15 15:23 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\SecureBioSysprep.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2019-03-15 15:23 - 2019-03-15 15:23 - 000032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rfxvmt.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-03-15 15:23 - 2019-03-15 15:23 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-03-15 15:23 - 2019-03-15 15:23 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-03-15 15:23 - 2019-03-15 15:23 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-03-15 15:23 - 2019-03-15 15:23 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-03-15 15:23 - 2019-03-15 15:23 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-03-15 15:23 - 2019-03-15 15:23 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-03-15 15:23 - 2019-03-15 15:23 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-03-15 15:23 - 2019-03-15 15:23 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-03-14 09:33 - 2019-03-14 09:33 - 000307793 _____ C:\Users\Aaron\Documents\Moonlight Cinema.pdf
2019-03-14 09:33 - 2019-03-14 09:33 - 000000000 ____D C:\Users\Aaron\AppData\LocalLow\Temp
2019-03-11 12:24 - 2019-03-11 12:43 - 000000000 ____D C:\Users\Aaron\Documents\DawnOfMan
2019-03-11 12:24 - 2019-03-11 12:24 - 000000000 ____D C:\Users\Aaron\AppData\LocalLow\Madruga Works
2019-03-11 10:03 - 2019-03-24 10:36 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-03-11 10:03 - 2019-03-11 10:03 - 000000222 _____ C:\Users\Aaron\Desktop\Dawn of Man.url
2019-03-11 09:29 - 2019-03-11 09:29 - 000003352 _____ C:\Windows\System32\Tasks\SamsungMagician
2019-03-11 09:29 - 2019-03-11 09:29 - 000000000 ____D C:\ProgramData\Samsung
2019-03-11 09:29 - 2019-03-11 09:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2019-03-11 09:29 - 2019-03-11 09:29 - 000000000 ____D C:\Program Files (x86)\Samsung
2019-03-11 09:24 - 2019-03-11 09:24 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\KSM
2019-03-11 09:23 - 2019-03-11 09:24 - 000000000 ____D C:\Program Files (x86)\Kingston_SSD_Manager
2019-03-11 09:23 - 2019-03-11 09:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingston SSD Manager
2019-03-11 09:08 - 2019-03-11 09:08 - 000000000 ____D C:\Users\Aaron\AppData\Local\DBG
2019-03-11 09:07 - 2019-03-11 09:08 - 000000000 ____D C:\Users\Aaron\Desktop\Old PSD's
2019-03-11 08:54 - 2019-03-11 08:54 - 000002684 _____ C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2019-03-11 08:53 - 2017-11-12 14:04 - 000003999 _____ C:\Users\Aaron\Documents\jesswatercolorbrush (2).abr
2019-03-11 08:53 - 2017-11-12 14:04 - 000003999 _____ C:\Users\Aaron\Documents\jesswatercolorbrush (1).abr
2019-03-11 08:50 - 2019-03-11 08:50 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\WinRAR
2019-03-11 08:49 - 2019-03-11 08:49 - 000000000 ____D C:\Program Files\WinRAR
2019-03-11 08:48 - 2019-03-11 08:48 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2019-03-11 08:48 - 2019-03-11 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2019-03-11 08:48 - 2019-03-11 08:48 - 000000000 ____D C:\Program Files\iTunes
2019-03-11 08:48 - 2019-03-11 08:48 - 000000000 ____D C:\Program Files\iPod
2019-03-11 08:47 - 2019-03-31 07:28 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\Spotify
2019-03-11 08:47 - 2019-03-30 11:07 - 000000000 ____D C:\Users\Aaron\AppData\Local\Spotify
2019-03-11 08:47 - 2019-03-11 08:47 - 000001850 _____ C:\Users\Aaron\Desktop\Spotify.lnk
2019-03-11 08:47 - 2019-03-11 08:47 - 000001836 _____ C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2019-03-11 08:47 - 2017-10-06 10:43 - 014241787 _____ C:\Users\Aaron\Documents\IMG_1807.MOV
2019-03-11 08:46 - 2019-03-11 08:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2019-03-11 08:44 - 2019-03-11 08:51 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\Apple Computer
2019-03-11 08:44 - 2019-03-11 08:46 - 000000000 ____D C:\Users\Aaron\AppData\Local\Apple Computer
2019-03-11 08:43 - 2019-03-11 08:46 - 000000000 ____D C:\Program Files\Common Files\Apple
2019-03-11 08:43 - 2019-03-11 08:43 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2019-03-11 08:43 - 2019-03-11 08:43 - 000000000 ____D C:\Windows\System32\Tasks\Apple
2019-03-11 08:43 - 2019-03-11 08:43 - 000000000 ____D C:\Users\Aaron\AppData\Local\Apple
2019-03-11 08:43 - 2019-03-11 08:43 - 000000000 ____D C:\ProgramData\Apple Computer
2019-03-11 08:43 - 2019-03-11 08:43 - 000000000 ____D C:\Program Files\Bonjour
2019-03-11 08:43 - 2019-03-11 08:43 - 000000000 ____D C:\Program Files (x86)\Bonjour
2019-03-11 08:43 - 2019-03-11 08:43 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2019-03-11 08:42 - 2019-03-11 08:43 - 000000000 ____D C:\ProgramData\Apple
2019-03-11 08:40 - 2019-03-11 08:40 - 000002729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2019-03-11 08:40 - 2019-03-11 08:40 - 000002662 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive для бизнеса.lnk
2019-03-11 08:40 - 2019-03-11 08:40 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2019-03-11 08:40 - 2019-03-11 08:40 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype для бизнеса 2016.lnk
2019-03-11 08:40 - 2019-03-11 08:40 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2019-03-11 08:40 - 2019-03-11 08:40 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-03-11 08:40 - 2019-03-11 08:40 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2019-03-11 08:40 - 2019-03-11 08:40 - 000002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2019-03-11 08:40 - 2019-03-11 08:40 - 000002628 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2019-03-11 08:40 - 2019-03-11 08:40 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Средства Microsoft Office 2016
2019-03-11 08:39 - 2019-03-11 08:39 - 000000000 ____D C:\Windows\PCHEALTH
2019-03-11 08:39 - 2019-03-11 08:39 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2019-03-11 08:39 - 2019-03-11 08:39 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2019-03-11 08:39 - 2019-03-11 08:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-03-11 08:39 - 2019-03-11 08:39 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2019-03-11 08:35 - 2019-03-11 08:40 - 000000000 ____D C:\Windows\SHELLNEW
2019-03-11 08:35 - 2019-03-11 08:39 - 000000000 ____D C:\Program Files\Microsoft Office
2019-03-11 08:35 - 2019-03-11 08:35 - 000000000 __RHD C:\MSOCache
2019-03-11 08:35 - 2019-03-11 08:35 - 000000000 ____D C:\Users\Aaron\AppData\Local\Microsoft Help
2019-03-11 08:35 - 2019-03-11 08:35 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2019-03-11 08:35 - 2019-03-11 08:35 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-03-11 08:35 - 2019-03-11 08:35 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2019-03-11 08:32 - 2019-03-11 08:32 - 000002469 _____ C:\Users\Aaron\Desktop\Grammarly.lnk
2019-03-11 08:32 - 2019-03-11 08:32 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grammarly
2019-03-11 08:32 - 2019-03-11 08:32 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\Grammarly
2019-03-11 08:32 - 2019-03-11 08:32 - 000000000 ____D C:\Users\Aaron\AppData\Local\SquirrelTemp
2019-03-11 08:32 - 2019-03-11 08:32 - 000000000 ____D C:\Users\Aaron\AppData\Local\GrammarlyForWindows
2019-03-11 08:32 - 2019-01-19 12:50 - 035947974 _____ C:\Users\Aaron\Documents\Farming Simulator eBooks.zip
2019-03-11 08:31 - 2019-03-29 08:31 - 000000000 ____D C:\Users\Aaron\Documents\Buildbox
2019-03-11 08:31 - 2018-10-06 11:23 - 001655668 _____ C:\Users\Aaron\Documents\amidst-v4-3-beta5.exe
2019-03-11 08:30 - 2017-12-07 11:07 - 008672900 _____ C:\Users\Aaron\Documents\ak90-3.19.rar
2019-03-11 08:29 - 2019-03-29 10:57 - 000000000 ____D C:\Backups
2019-03-10 12:50 - 2019-03-11 08:51 - 000000000 ____D C:\Users\Aaron\AppData\Local\PlaceholderTileLogoFolder
2019-03-10 12:50 - 2019-03-10 12:50 - 000000000 ____D C:\Users\Aaron\AppData\Local\PeerDistRepub
2019-03-10 12:49 - 2019-03-27 11:41 - 000003374 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-68770294-676844702-3198948009-1002
2019-03-10 12:49 - 2019-03-27 11:41 - 000000000 ___RD C:\Users\Aaron\OneDrive
2019-03-10 12:49 - 2019-03-10 12:49 - 000000000 ___HD C:\Users\Aaron\MicrosoftEdgeBackups
2019-03-10 12:48 - 2019-03-11 10:01 - 000000000 ____D C:\Users\Aaron\AppData\Local\MicrosoftEdge
2019-03-10 12:47 - 2019-03-29 17:29 - 000000000 ____D C:\Users\Aaron
2019-03-10 12:47 - 2019-03-28 13:07 - 000000000 ____D C:\Users\Aaron\AppData\Local\Packages
2019-03-10 12:47 - 2019-03-27 11:41 - 000002359 _____ C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

Capsize · Mar 30, 2019

2019-03-10 12:47 - 2019-03-10 12:47 - 000000020 ___SH C:\Users\Aaron\ntuser.ini
2019-03-10 12:47 - 2019-03-10 12:47 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\Adobe
2019-03-10 12:47 - 2019-03-10 12:47 - 000000000 ____D C:\Users\Aaron\AppData\Local\VirtualStore
2019-03-10 12:47 - 2019-03-10 12:47 - 000000000 ____D C:\Users\Aaron\AppData\Local\Publishers
2019-03-10 12:47 - 2019-03-10 12:47 - 000000000 ____D C:\Users\Aaron\AppData\Local\ConnectedDevicesPlatform
2019-03-10 12:47 - 2019-03-10 09:06 - 000000000 ___RD C:\Users\Aaron\3D Objects
2019-03-10 12:45 - 2019-03-10 12:45 - 000000000 ____D C:\Windows\CSC
2019-03-10 12:38 - 2019-03-10 12:38 - 000002844 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-68770294-676844702-3198948009-500
2019-03-09 21:15 - 2019-03-09 21:15 - 000000000 ____D C:\Users\Public\Documents\uPlay
2019-03-09 21:15 - 2019-03-09 21:15 - 000000000 ____D C:\Users\Aaron\Documents\My Games
2019-03-09 21:13 - 2019-03-18 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2019-03-09 21:13 - 2019-03-18 10:42 - 000000000 ____D C:\Program Files\CPUID
2019-03-09 21:08 - 2019-03-09 21:08 - 000000928 _____ C:\Users\Aaron\Desktop\Far Cry New Dawn.lnk
2019-03-09 21:08 - 2019-03-09 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry New Dawn
2019-03-09 20:59 - 2019-03-30 11:11 - 000000000 ____D C:\Games
2019-03-09 20:18 - 2019-03-09 20:18 - 011724288 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 009941504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 007724992 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 006925824 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 006132736 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 005764608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 005561856 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 005527552 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 005205464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 005130752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 005112792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 005086208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 004991096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 004702704 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 004627456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 004526080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 004298752 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 004019200 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 003952952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 003601920 _____ (Microsoft Corporation) C:\Windows\system32\tellib.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 003556352 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 003338328 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 003334144 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 003270144 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 003092480 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002992640 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002986352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002929152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002879488 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002843136 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002765312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002654208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002618880 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002594872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002466304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002429752 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2019-03-09 20:18 - 2019-03-09 20:18 - 002392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002346496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002298880 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002185728 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002160160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2019-03-09 20:18 - 2019-03-09 20:18 - 002149368 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002086400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 002085376 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001903616 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001819136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001749504 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001720936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001700880 _____ (Microsoft Corporation) C:\Windows\system32\ContentDeliveryManager.Utilities.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001688576 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001675712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001674480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001671864 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001671680 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001664904 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001616384 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001533440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001467560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001462272 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001446400 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001415680 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001395248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001391096 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 001387496 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001315840 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001314304 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001294848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001287776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001282640 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001279024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 001271608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001254912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001249792 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001221528 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 001209360 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001192448 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001182720 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2019-03-09 20:18 - 2019-03-09 20:18 - 001168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001166336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscui.cpl
2019-03-09 20:18 - 2019-03-09 20:18 - 001162280 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001110528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001064448 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001057976 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001057792 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 001051960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ClipSp.sys
2019-03-09 20:18 - 2019-03-09 20:18 - 001032704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 001026992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll

Capsize · Mar 30, 2019

C:\Windows\system32\DisplayManager.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpdxm.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000166400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscinterop.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSrv.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 000164344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2019-03-09 20:18 - 2019-03-09 20:18 - 000164288 _____ (Microsoft Corporation) C:\Windows\system32\vertdll.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000159744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredui.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiohlp.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000155648 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000151872 _____ (Microsoft Corporation) C:\Windows\system32\rmclient.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\container.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\CastingShellExt.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000148480 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 000146888 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000143872 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000140808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2019-03-09 20:18 - 2019-03-09 20:18 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintWorkflowService.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000137216 _____ (Microsoft Corporation) C:\Windows\system32\SpaceAgent.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 000134144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CastingShellExt.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000132104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2019-03-09 20:18 - 2019-03-09 20:18 - 000129024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spopk.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000125440 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000122368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DisplayManager.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000121872 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2019-03-09 20:18 - 2019-03-09 20:18 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000114856 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSup.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000114344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rmclient.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2019-03-09 20:18 - 2019-03-09 20:18 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000098816 ____R (Microsoft Corporation) C:\Windows\system32\MixedRealityCapture.Broker.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000097592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2019-03-09 20:18 - 2019-03-09 20:18 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpshell.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000094224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fileinfo.sys
2019-03-09 20:18 - 2019-03-09 20:18 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\provdatastore.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\nlahc.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\PktMon.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2019-03-09 20:18 - 2019-03-09 20:18 - 000091424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CompPkgSup.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2019-03-09 20:18 - 2019-03-09 20:18 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcnfs.sys
2019-03-09 20:18 - 2019-03-09 20:18 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 000083472 _____ (Microsoft Corporation) C:\Windows\system32\vid.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 000080400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
2019-03-09 20:18 - 2019-03-09 20:18 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\ProvSysprep.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nslookup.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\iscsiwmi.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000075776 _____ (Microsoft Corporation) C:\Windows\system32\SMSRouter.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000074424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WindowsTrustedRT.sys
2019-03-09 20:18 - 2019-03-09 20:18 - 000071168 _____ (Microsoft Corporation) C:\Windows\system32\fdBth.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsiwmi.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\umpo-overrides.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdBth.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000058880 _____ (Microsoft Corporation)
C:\Windows\SysWOW64\offreg.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000055608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\iorate.sys
2019-03-09 20:18 - 2019-03-09 20:18 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mmcss.sys
2019-03-09 20:18 - 2019-03-09 20:18 - 000047136 _____ (Microsoft Corporation) C:\Windows\system32\browser_broker.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\lpkinstall.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\npmproxy.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000039304 _____ (Microsoft Corporation) C:\Windows\system32\NtlmShared.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wpnsruprov.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\perfts.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 000033056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NtlmShared.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2019-03-09 20:18 - 2019-03-09 20:18 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfts.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2019-03-09 20:18 - 2019-03-09 20:18 - 000000072 _____ C:\Windows\system32\edgehtmlpluginpolicy.bin
2019-03-09 20:16 - 2019-03-15 15:22 - 000000000 ____D C:\Windows\system32\MRT
2019-03-09 20:16 - 2019-03-15 15:21 - 127411920 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-03-09 20:00 - 2019-03-09 20:00 - 000000000 ____D C:\Users\Aaron\AppData\LocalLow\AMD
2019-03-09 20:00 - 2019-03-09 20:00 - 000000000 ____D C:\Users\Aaron\AppData\Local\Steam
2019-03-09 20:00 - 2019-03-09 20:00 - 000000000 ____D C:\Users\Aaron\AppData\Local\CEF
2019-03-09 19:59 - 2019-03-31 07:37 - 000000000 ____D C:\Program Files (x86)\Steam
2019-03-09 19:59 - 2019-03-09 19:59 - 000001028 _____ C:\Users\Public\Desktop\Steam.lnk
2019-03-09 19:59 - 2019-03-09 19:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2019-03-09 18:12 - 2019-03-09 18:12 - 000000000 ____D C:\Users\Aaron\AppData\Local\Comms
2019-03-09 18:10 - 2019-03-30 22:05 - 000000000 ____D C:\Users\Aaron\AppData\Local\Everything
2019-03-09 18:10 - 2019-03-30 10:55 - 000003696 _____ C:\bdlog.txt
2019-03-09 18:08 - 2019-03-29 11:11 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\vlc
2019-03-09 18:08 - 2019-03-09 18:08 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-03-09 18:08 - 2019-03-09 18:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-03-09 18:08 - 2019-03-09 18:08 - 000000000 ____D C:\Program Files\VideoLAN
2019-03-09 18:06 - 2019-03-31 08:01 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\Everything
2019-03-09 18:06 - 2019-03-09 18:06 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Everything
2019-03-09 18:06 - 2019-03-09 18:06 - 000000000 ____D C:\Program Files (x86)\Everything
2019-03-09 18:04 - 2019-03-09 18:04 - 000000000 ____D C:\ProgramData\Bitdefender Device Management
2019-03-09 18:03 - 2019-03-09 18:03 - 000000000 ____D C:\ProgramData\Gemma
2019-03-09 18:03 - 2019-03-09 18:03 - 000000000 ____D C:\ProgramData\Atc
2019-03-09 18:02 - 2019-03-28 14:38 - 000000000 ____D C:\ProgramData\Bitdefender
2019-03-09 18:02 - 2019-03-09 18:02 - 000003802 _____ C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2019-03-09 18:02 - 2019-03-09 18:02 - 000000000 ____D C:\Windows\system32\elambkup
2019-03-09 18:02 - 2019-03-09 18:02 - 000000000 ____D C:\ProgramData\BDLogging
2019-03-09 18:02 - 2007-04-11 12:11 - 000511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2019-03-09 18:00 - 2019-03-09 18:04 - 000000000 ____D C:\Program Files\Bitdefender Agent
2019-03-09 18:00 - 2019-03-09 18:00 - 000102864 _____ C:\ProgramData\agent.1552114845.bdinstall.v2.bin
2019-03-09 18:00 - 2019-03-09 18:00 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2019-03-09 17:57 - 2019-03-31 07:28 - 000000000 ____D C:\Users\Aaron\AppData\LocalLow\Mozilla
2019-03-09 17:57 - 2019-03-29 18:43 - 000000000 ____D C:\Movies
2019-03-09 17:57 - 2019-03-28 16:33 - 000000000 ____D C:\Torrent Downloads
2019-03-09 17:57 - 2019-03-28 13:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-09 17:57 - 2019-03-28 13:01 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-03-09 17:57 - 2019-03-09 17:57 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-03-09 17:57 - 2019-03-09 17:57 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\Mozilla
2019-03-09 17:57 - 2019-03-09 17:57 - 000000000 ____D C:\Users\Aaron\AppData\Local\Mozilla
2019-03-09 17:57 - 2019-03-09 17:57 - 000000000 ____D C:\ProgramData\Mozilla
2019-03-09 17:56 - 2019-03-31 07:28 - 000000000 ____D C:\Users\Aaron\AppData\Local\D3DSCache
2019-03-09 17:54 - 2019-03-31 07:28 - 000003112 _____ C:\Windows\System32\Tasks\AMDLinkUpdate
2019-03-09 17:54 - 2019-03-09 17:54 - 000003198 _____ C:\Windows\System32\Tasks\ModifyLinkUpdate
2019-03-09 17:54 - 2019-03-09 17:54 - 000003074 _____ C:\Windows\System32\Tasks\StartDVR
2019-03-09 17:54 - 2019-03-09 17:54 - 000000000 ____D C:\Users\Aaron\AppData\Local\AMD
2019-03-09 17:54 - 2019-03-09 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2019-03-09 17:54 - 2019-03-09 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2019-03-09 17:54 - 2019-03-09 17:54 - 000000000 ____D C:\Program Files (x86)\AMD
2019-03-09 17:53 - 2019-03-09 17:53 - 000000000 ____D C:\Users\Aaron\AppData\Roaming\ATI
2019-03-09 17:53 - 2019-03-09 17:53 - 000000000 ____D C:\Users\Aaron\AppData\Local\ATI
2019-03-09 17:53 - 2019-03-09 17:53 - 000000000 ____D C:\ProgramData\ATI
2019-03-09 17:53 - 2019-03-09 17:53 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2019-03-09 17:52 - 2019-03-24 10:22 - 000000000 ____D C:\ProgramData\Package Cache
2019-03-09 17:52 - 2019-03-09 17:54 - 000003160 _____ C:\Windows\System32\Tasks\StartCN
2019-03-09 17:52 - 2019-03-09 17:52 - 000000000 ____D C:\Users\Aaron\AppData\Local\RadeonInstaller
2019-03-09 17:51 - 2019-03-30 10:55 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-03-09 17:51 - 2019-03-09 17:54 - 000000000 ____D C:\Program Files\AMD
2019-03-09 17:51 - 2019-03-09 17:54 - 000000000 ____D C:\AMD
2019-03-09 17:51 - 2019-03-09 17:51 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2019-03-07 07:09 - 2019-03-07 07:09 - 001595824 _____ (AMD) C:\Windows\system32\coinst_18.50.dll
2019-03-07 07:09 - 2019-03-07 07:09 - 001218688 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2019-03-07 07:09 - 2019-03-07 07:09 - 000185776 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2019-03-07 07:09 - 2019-03-07 07:09 - 000162224 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2019-03-07 07:09 - 2019-03-07 07:09 - 000027408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2019-03-07 07:09 - 2019-03-07 07:09 - 000027408 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2019-03-07 02:54 - 2019-03-07 02:54 - 000125488 _____ C:\Windows\system32\kapp_ci.sbin
2019-03-07 02:54 - 2019-03-07 02:54 - 000121168 _____ C:\Windows\system32\kapp_si.sbin
2019-03-07 02:54 - 2019-03-07 02:54 - 000034450 _____ C:\Windows\system32\AMDKernelEvents.man

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-31 07:59 - 2018-09-15 18:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-03-30 19:32 - 2018-11-15 04:06 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-03-30 19:20 - 2018-09-15 18:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-03-30 19:20 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\AppReadiness
2019-03-30 11:02 - 2018-11-15 04:16 - 000795988 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-30 11:02 - 2018-09-15 18:31 - 000000000 ____D C:\Windows\INF
2019-03-30 10:55 - 2018-11-15 04:07 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-30 10:55 - 2018-09-15 17:09 - 000524288 _____ C:\Windows\system32\config\BBI
2019-03-30 10:43 - 2018-09-15 18:33 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-03-29 19:48 - 2018-09-15 18:23 - 000000000 ____D C:\Windows\CbsTemp
2019-03-29 12:48 - 2013-08-31 15:09 - 000000000 ____D C:\Users\Aaron\Desktop\!Got To Sought!
2019-03-28 13:55 - 2018-09-15 18:33 - 000000000 ____D C:\Program Files\windows nt
2019-03-28 13:55 - 2018-09-15 17:09 - 000065536 _____ C:\Windows\system32\config\ELAM
2019-03-28 12:57 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\system32\GroupPolicy
2019-03-24 10:55 - 2018-09-15 18:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-03-18 09:11 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\LiveKernelReports
2019-03-17 16:05 - 2017-12-28 08:24 - 000000000 ____D C:\Buildbox Everything Collection
2019-03-16 08:38 - 2018-11-15 04:06 - 000437824 _____ C:\Windows\system32\FNTCACHE.DAT
2019-03-15 21:29 - 2018-09-15 20:11 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-03-15 21:29 - 2018-09-15 18:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-03-15 21:29 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\TextInput
2019-03-15 21:29 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\system32\oobe
2019-03-15 21:29 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\system32\appraiser
2019-03-15 21:29 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\ShellExperiences
2019-03-15 21:29 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\bcastdvr
2019-03-15 15:23 - 2018-11-15 04:14 - 002865152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2019-03-11 09:47 - 2011-01-17 13:44 - 000000000 ____D C:\Users\Aaron\Documents\How to Talk to Anyone [62 Little Tricks for Big Success in Relationships]
2019-03-11 09:17 - 2017-01-04 09:31 - 000000000 ____D C:\Users\Aaron\Desktop\End Game
2019-03-11 09:14 - 2017-09-07 14:20 - 000000000 ____D C:\Users\Aaron\Desktop\Drawing Inspo
2019-03-11 09:14 - 2017-04-27 11:53 - 000000000 ___RD C:\Users\Aaron\Desktop\Deadpool Sticker App Project
2019-03-11 09:13 - 2017-04-29 13:20 - 000000000 ____D C:\Users\Aaron\Desktop\Chalkboard App Research
2019-03-11 09:10 - 2016-01-17 22:48 - 000000000 ____D C:\Users\Aaron\Desktop\!HypoJumper
2019-03-11 09:09 - 2017-12-27 08:14 - 000000000 ____D C:\Users\Aaron\Desktop\Mobile Game Design
2019-03-11 09:09 - 2016-01-17 22:48 - 000000000 ____D C:\Users\Aaron\Desktop\MED103_Ass3_Tute1_SHEDDICK_Aaron
2019-03-11 09:09 - 2016-01-17 22:48 - 000000000 ____D C:\Users\Aaron\Desktop\MED103_Ass1_Tute1_SHEDDICK_Aaron
2019-03-11 09:09 - 2016-01-17 09:16 - 000000000 ____D C:\Users\Aaron\Desktop\Minecraft Inspo
2019-03-11 09:09 - 2015-09-28 11:00 - 000000000 ____D C:\Users\Aaron\Desktop\House Design
2019-03-11 08:36 - 2018-09-15 18:31 - 000000167 _____ C:\Windows\win.ini
2019-03-11 08:35 - 2018-09-15 18:33 - 000000000 ____D C:\Program Files\Common Files\system
2019-03-10 12:41 - 2018-11-15 04:06 - 000000000 ____D C:\Windows\Panther
2019-03-10 12:37 - 2018-09-15 18:31 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2019-03-10 09:06 - 2018-11-15 04:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-03-10 00:51 - 2018-09-15 20:11 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-03-10 00:51 - 2018-09-15 20:11 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-03-10 00:51 - 2018-09-15 18:33 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2019-03-10 00:51 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\SysWOW64\oobe
2019-03-10 00:51 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-03-10 00:51 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\system32\migwiz
2019-03-10 00:51 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\ShellComponents
2019-03-10 00:51 - 2018-09-15 17:09 - 000000000 ____D C:\Windows\system32\Dism
2019-03-09 20:19 - 2018-09-15 17:09 - 000000000 ____D C:\Windows\servicing
2019-03-09 18:26 - 2018-09-15 20:10 - 000000000 ____D C:\Windows\OCR
2019-03-09 18:12 - 2018-09-15 18:33 - 000000000 ____D C:\Windows\appcompat
2019-03-09 17:58 - 2018-11-15 04:12 - 000000000 ____D C:\ProgramData\Packages
2019-03-07 07:10 - 2017-05-17 13:06 - 000578992 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2019-03-07 07:10 - 2017-05-17 13:06 - 000489896 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2019-03-07 07:10 - 2017-05-17 13:06 - 000054184 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2019-03-07 07:10 - 2017-05-17 13:06 - 000051120 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 003743864 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 003372160 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 001672320 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 001218688 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000930736 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000767616 _____ (AMD) C:\Windows\system32\atieclxx.exe
2019-03-07 07:09 - 2017-05-17 13:06 - 000760752 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000561072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000500648 _____ C:\Windows\system32\dgtrayicon.exe
2019-03-07 07:09 - 2017-05-17 13:06 - 000488360 _____ C:\Windows\system32\GameManager64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000482216 _____ C:\Windows\system32\amdgfxinfo64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000476288 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000448128 _____ C:\Windows\system32\atieah64.exe
2019-03-07 07:09 - 2017-05-17 13:06 - 000391088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000390600 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000390576 _____ C:\Windows\SysWOW64\GameManager32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000361600 _____ C:\Windows\SysWOW64\atieah32.exe
2019-03-07 07:09 - 2017-05-17 13:06 - 000349104 _____ C:\Windows\system32\clinfo.exe
2019-03-07 07:09 - 2017-05-17 13:06 - 000248448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000219776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000191920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000177480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000170928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000166856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000160176 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000156320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000145832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000143784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000133032 _____ (AMD) C:\Windows\system32\atimuixx.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000131712 _____ C:\Windows\system32\atidxx64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000127920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdxc64.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000114328 _____ C:\Windows\SysWOW64\atidxx32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000113072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdxc32.dll
2019-03-07 07:09 - 2017-05-17 13:06 - 000077952 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ati2erec.dll
2019-03-07 03:11 - 2017-05-17 13:05 - 000137176 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2019-03-07 03:11 - 2017-05-17 13:05 - 000116024 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2019-03-07 03:09 - 2017-05-17 13:05 - 000559672 _____ C:\Windows\system32\amdmiracast.dll
2019-03-07 03:09 - 2017-05-17 13:05 - 000199848 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2019-03-07 03:09 - 2017-05-17 13:05 - 000176736 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2019-03-07 03:09 - 2017-05-17 13:05 - 000143208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2019-03-07 03:09 - 2017-05-17 13:05 - 000137200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2019-03-07 03:09 - 2017-05-17 13:05 - 000127976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2019-03-07 03:09 - 2017-05-17 13:05 - 000115816 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2019-03-07 02:54 - 2017-04-25 20:06 - 000906872 _____ C:\Windows\SysWOW64\atiapfxx.blb
2019-03-07 02:54 - 2017-04-25 20:06 - 000906872 _____ C:\Windows\system32\atiapfxx.blb
2019-03-07 02:54 - 2017-04-25 19:56 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2019-03-07 02:54 - 2017-04-25 19:51 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2019-03-03 11:45 - 2018-09-15 18:36 - 000835480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-03-03 11:45 - 2018-09-15 18:36 - 000179608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2019-03-28 12:54 - 2019-03-28 12:58 - 000722944 _____ () C:\Users\Aaron\AppData\Local\sha.db

Some files in TEMP:
====================
2019-03-28 12:58 - 2014-07-25 13:39 - 000293320 _____ (深圳市迅雷网络技术有限公司) C:\Users\Aaron\AppData\Local\Temp\xldl.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Capsize · Mar 30, 2019

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Aaron (31-03-2019 08:03:47)
Running from C:\Users\Aaron\Downloads
Windows 10 Pro Version 1809 17763.379 (X64) (2019-03-10 01:43:35)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Aaron (S-1-5-21-68770294-676844702-3198948009-1002 - Administrator - Enabled) => C:\Users\Aaron
Administrator (S-1-5-21-68770294-676844702-3198948009-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-68770294-676844702-3198948009-503 - Limited - Disabled)
Guest (S-1-5-21-68770294-676844702-3198948009-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-68770294-676844702-3198948009-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Firewall (Enabled) {362C5A58-E860-6396-9204-BEEEF20CA463}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.2.3 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASRRGBLED v1.0.34 (HKLM-x32\...\ASRock RGB LED_is1) (Version: 1.0.34 - ASRock Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 23.0.8.134 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 23.0.19.85 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 23.0.19.85 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
CPUID HWMonitor 1.40 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.40 - CPUID, Inc.)
Doom 2016 MULTi10 - ElAmigos version 6.66 (HKLM-x32\...\{6C967A93-A95F-4F65-A33A-EC8BC8750C2D}_is1) (Version: 6.66 - Bethesda Softworks)
Everything 1.4.1.932 (x86) (HKLM-x32\...\Everything) (Version: 1.4.1.932 - David Carpenter)
Far Cry New Dawn (HKLM-x32\...\Far Cry New Dawn_is1) (Version: - )
GlassWire 2.1 (remove only) (HKLM-x32\...\GlassWire 2.1) (Version: 2.1.152 - SecureMix LLC)
Google Chrome (HKU\S-1-5-21-68770294-676844702-3198948009-1002\...\Google Chrome) (Version: 72.0.3626.121 - Google Inc.)
Grammarly (HKU\S-1-5-21-68770294-676844702-3198948009-1002\...\GrammarlyForWindows) (Version: 1.4.23 - Grammarly)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
iTunes (HKLM\...\{6075F4D5-FEE4-4858-9F9F-0AECA2A5F673}) (Version: 12.9.3.3 - Apple Inc.)
Kingston SSD Manager version 1.1.1.8 (HKLM-x32\...\{9A5DD901-0B98-4F2B-9421-B5975014184F}_is1) (Version: 1.1.1.8 - Kingston Digital, Inc)
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Metro: Exodus (HKLM-x32\...\Metro: Exodus_is1) (Version: - )
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-68770294-676844702-3198948009-1002\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox 66.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 66.0.2 (x64 en-US)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
qBittorrent 4.1.5 (HKLM-x32\...\qBittorrent) (Version: 4.1.5 - The qBittorrent project)
RogueKiller version 13.1.9.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 13.1.9.0 - Adlice Software)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.3.0.1910 - Samsung Electronics)
Spotify (HKU\S-1-5-21-68770294-676844702-3198948009-1002\...\Spotify) (Version: 1.1.3.259.g8172f63a - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Засоби перевірки правопису Microsoft Office 2016 – українська (HKLM\...\{90160000-001F-0422-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (HKLM\...\{90160000-001F-0419-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-68770294-676844702-3198948009-1002_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-02-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06A66837-E2BC-449B-84F2-DEAEEAA0C957} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe (Bitdefender SRL -> Bitdefender)
Task: {193CFD3F-AE37-43BF-AE20-950F7C6DCB02} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {4126818C-51F9-46D8-AC51-E9E8C818B645} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {459AFD4F-EA42-4F94-AC88-EB01383324F5} - System32\Tasks\RogueKiller Anti-Malware => C:\Program Files\RogueKiller\RogueKiller64.exe (Adlice -> )
Task: {4BAA4891-C885-4BF5-96DD-D9269F8A49F4} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]
Task: {50EC2E3E-61F0-4193-A782-0445CD908A61} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6D8FB416-4E6D-412A-A63D-81ABAB5655B3} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]
Task: {731F973D-4A30-4FCA-B8D1-A58780718A3E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A2BB79EA-2B6E-4EE8-9E4A-1E419CEF90D6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.)
Task: {B2EA4A78-FA39-4F61-B98E-BA09D1116EC6} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {C7A88110-67D9-4C59-ACB1-D7749CFB46A2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C9A8415E-ADBF-4548-BDE3-605B9346E760} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe (Bitdefender SRL -> Bitdefender)
Task: {D5F978F6-4364-4A7D-B6BD-FDF8378E952A} - \{3D49CF6C-0214-4E94-A3ED-D169A9759DC8} -> No File <==== ATTENTION
Task: {F0E8FE37-9411-4E6E-B3F5-A5D374E612C3} - \Opera scheduled Autoupdate 711520318 -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive для бизнеса.lnk -> C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\grv_icons.exe () <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype для бизнеса 2016.lnk -> C:\Windows\Installer\{90160000-0011-0000-1000-0000000FF1CE}\lyncicon.exe () <==== Cyrillic

ShortcutWithArgument: C:\Users\Aaron\Desktop\Google Chrome.lnk -> C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\Aaron\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic

==================== Loaded Modules (Whitelisted) ==============

2018-12-21 12:52 - 2018-12-21 12:52 - 000355328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 003699712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 076171264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 005590528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000461312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-12-21 12:51 - 2018-12-21 12:51 - 006303232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-12-21 12:51 - 2018-12-21 12:51 - 003556352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-12-21 12:51 - 2018-12-21 12:51 - 001077248 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 002821632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-02-21 10:29 - 2019-02-21 10:29 - 005786112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000189952 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-12-21 12:51 - 2018-12-21 12:51 - 000323584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 001413632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-12-21 12:52 - 2018-12-21 12:52 - 002551808 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000345600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000331264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000502784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000327680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000089600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-12-21 12:52 - 2018-12-21 12:52 - 000137728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 000086016 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtWinExtras\qml_winextras.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 000037888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\Private\dialogsprivateplugin.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\folderlistmodel\qmlfolderlistmodelplugin.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt\labs\settings\qmlsettingsplugin.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-03-30 10:42 - 2019-03-13 09:22 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 18:31 - 2019-03-31 07:29 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-68770294-676844702-3198948009-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Aaron\Pictures\Firewatch1.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{46BFBA79-8B97-4B3B-8A16-366DA0A8C39B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{86EBB02F-DC19-434D-99A7-513D44FEA389}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E146546C-7647-4303-9E53-EBC7B901D749}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FBBFFE2F-5BB4-4EF5-B83B-CBB386BEE40B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0536B55E-D295-4F59-AEA7-A3BD02EFA18D}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{404DB66F-2809-426A-9F24-1F9237996AA7}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B43A32B7-AFD0-43AE-B54B-85DE8C39948C}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3783231B-F8EC-44CF-BAE8-354660A558B9}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4482064E-9EC3-4572-99E7-C36DAFB5832F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9FF3314D-E368-4106-AF35-A6A41C744150}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2C22D224-7CBB-4114-B067-1295B9062513}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{81AB7DD0-D4B2-4F31-A4B2-5F3A6402D224}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{74DB8C41-5069-4798-88EA-DECE2AE0D499}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BBE0F4CC-0CF0-42DD-80A0-C6CCD42810B6}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{338A2B31-78B4-4E4F-9CB7-95303C878B01}C:\users\aaron\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\aaron\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{6422FEB1-450D-4C3E-8513-5293E098D3E8}C:\users\aaron\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\aaron\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{197B298B-6466-4E68-ABF7-17011467222C}] => (Allow) C:\Users\Aaron\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{DBEED114-DAA4-477B-A1DF-081759CE281E}] => (Allow) C:\Users\Aaron\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{EEEE2DC2-E7A9-4871-9177-1338B39CFB1A}] => (Allow) C:\Users\Aaron\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{9E379208-8C90-4358-895B-10EF56E646EF}] => (Allow) C:\Users\Aaron\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{7AD88646-1411-42CA-8C21-9EA4F678DCE9}] => (Allow) C:\Users\Aaron\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{627FF6A6-AEB7-4D37-B26F-06255AC70B22}] => (Allow) C:\Users\Aaron\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{D8C853E6-D980-4F8B-83EA-3A207B65DC0D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{5C1B5BD9-5F5A-4035-9E3B-81457973CA08}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{974C6777-ADA3-4957-ACF8-5921EBA7A7BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DawnOfMan\DawnOfMan.exe () [File not signed]
FirewallRules: [{94E92589-2B8C-42BD-A123-960B833B2F17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DawnOfMan\DawnOfMan.exe () [File not signed]
FirewallRules: [{1EF58BDF-0291-454F-B5BC-EA52AFDA9B9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [{14C5DDF7-6284-4D2C-AEE5-EB11E69FFF49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe () [File not signed]
FirewallRules: [{1ED10DAF-0DA1-4BB6-A7E3-AAA226C47F2B}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{C481D77A-0FC5-4623-A76A-0CF5A34153FF}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{8503442D-4324-4F27-B4BC-3289FB34BE47}] => (Allow) C:\Windows\SysWOW64\TCPSVCS.EXE (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C3C2DEFA-0705-45EE-A3B1-48E3B0C6FDC6}] => (Allow) C:\Users\Aaron\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{0347E0B6-C688-4683-836B-7634E8FBC5C0}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
FirewallRules: [{BE7D47D9-5D40-4D2B-8E05-67C5FB7C6555}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe (GlassWire -> SecureMix LLC)
FirewallRules: [TCP Query User{916DAAAF-9626-4769-8DCD-8740D1A7986C}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [File not signed]
FirewallRules: [UDP Query User{96925035-8590-4579-A7DA-81998662D9CD}C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe () [File not signed]

==================== Restore Points =========================

18-03-2019 10:27:31 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123
24-03-2019 10:22:05 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
29-03-2019 03:50:17 Windows Update
29-03-2019 12:01:46 Friday 29/3/19

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/30/2019 01:07:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: setup.tmp, version: 51.1052.0.0, time stamp: 0x506a75b5
Faulting module name: botva2.dll_unloaded, version: 0.9.7.151, time stamp: 0x2a425e19
Exception code: 0xc000041d
Fault offset: 0x00005514
Faulting process id: 0x1668
Faulting application start time: 0x01d4e68c774d34e1
Faulting application path: C:\Users\Aaron\AppData\Local\Temp\is-OD32R.tmp\setup.tmp
Faulting module path: botva2.dll
Report Id: 86073ed9-06bd-414f-9891-2a81f25bf33e
Faulting package full name:
Faulting package-relative application ID:

Error: (03/30/2019 01:07:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: setup.tmp, version: 51.1052.0.0, time stamp: 0x506a75b5
Faulting module name: botva2.dll_unloaded, version: 0.9.7.151, time stamp: 0x2a425e19
Exception code: 0xc0000005
Fault offset: 0x00005514
Faulting process id: 0x1668
Faulting application start time: 0x01d4e68c774d34e1
Faulting application path: C:\Users\Aaron\AppData\Local\Temp\is-OD32R.tmp\setup.tmp
Faulting module path: botva2.dll
Report Id: cd3a23f6-a190-4ea6-a226-e568f17f6132
Faulting package full name:
Faulting package-relative application ID:

Error: (03/30/2019 10:57:39 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

Error: (03/29/2019 06:02:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64(1).exe version 16.1.2019.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 264c

Start Time: 01d4e5fc7952b814

Termination Time: 4294967295

Application Path: C:\Users\Aaron\Downloads\FRST64(1).exe

Report Id: e04df607-08a9-42d7-8c98-568593fe76b7

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (03/29/2019 05:42:15 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

Error: (03/29/2019 05:30:17 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

Error: (03/29/2019 03:03:19 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

Error: (03/29/2019 11:58:58 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe

System errors:
=============
Error: (03/31/2019 08:04:16 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KIM1OD5)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register with DCOM within the required timeout.

Error: (03/31/2019 08:04:07 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KIM1OD5)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-KIM1OD5\Aaron SID (S-1-5-21-68770294-676844702-3198948009-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/31/2019 08:04:07 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-KIM1OD5)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-KIM1OD5\Aaron SID (S-1-5-21-68770294-676844702-3198948009-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/31/2019 08:02:16 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KIM1OD5)
Description: The server {E48EDA45-43C6-48E0-9323-A7B2067D9CD5} did not register with DCOM within the required timeout.

Error: (03/31/2019 08:00:16 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KIM1OD5)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register with DCOM within the required timeout.

Error: (03/31/2019 07:58:16 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KIM1OD5)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register with DCOM within the required timeout.

Error: (03/31/2019 07:56:16 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KIM1OD5)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register with DCOM within the required timeout.

Error: (03/31/2019 07:54:16 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KIM1OD5)
Description: The server {9E175B6D-F52A-11D8-B9A5-505054503030} did not register with DCOM within the required timeout.

CodeIntegrity:
===================================

Date: 2019-03-31 08:03:55.817
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-31 08:03:55.816
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-31 08:03:55.362
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-31 08:03:55.361
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-03-31 08:03:12.926
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2019-03-31 08:03:12.925
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2019-03-31 08:01:29.105
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2019-03-31 08:01:29.104
Description:
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-9700K CPU @ 3.60GHz
Percentage of memory in use: 60%
Total physical RAM: 16303.84 MB
Available physical RAM: 6479.87 MB
Total Virtual: 23983.84 MB
Available Virtual: 8994.95 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:837.81 GB) (Free:365.25 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Local Disk) (Fixed) (Total:222.73 GB) (Free:177.77 GB) NTFS
Drive f: (Local Disk) (Fixed) (Total:111.66 GB) (Free:111.46 GB) NTFS
Drive g: (Local Disk) (Fixed) (Total:349.67 GB) (Free:110.43 GB) NTFS
Drive h: () (Fixed) (Total:459.31 GB) (Free:263.18 GB) NTFS

\\?\Volume{7457dbb5-bc11-42c3-9f57-5a7c694c7c10}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{97bfd2d8-0000-0000-0000-20af37000000}\ () (Fixed) (Total:0.83 GB) (Free:0.45 GB) NTFS
\\?\Volume{39103875-f9a9-461e-9c27-2e4a67c759b6}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: C26DC26D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=809 GB) - (Type=05)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 97BFD2D8)
Partition 1: (Active) - (Size=222.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=852 MB) - (Type=27)

========================================================
Disk: 2 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: 213C6902)

Partition: GPT.

==================== End of Addition.txt ============================

Broni · Mar 31, 2019

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Capsize · Apr 2, 2019

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Aaron (03-04-2019 12:26:05) Run:1
Running from C:\Users\Aaron\Desktop
Loaded Profiles: Aaron (Available Profiles: Aaron)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
2019-03-28 12:54 - 2019-03-28 12:58 - 000722944 _____ () C:\Users\Aaron\AppData\Local\sha.db
2019-03-28 12:58 - 2014-07-25 13:39 - 000293320 _____ (深圳市迅雷网络技术有限公司) C:\Users\Aaron\AppData\Local\Temp\xldl.dll
Task: {D5F978F6-4364-4A7D-B6BD-FDF8378E952A} - \{3D49CF6C-0214-4E94-A3ED-D169A9759DC8} -> No File <==== ATTENTION
Task: {F0E8FE37-9411-4E6E-B3F5-A5D374E612C3} - \Opera scheduled Autoupdate 711520318 -> No File <==== ATTENTION
FirewallRules: [{197B298B-6466-4E68-ABF7-17011467222C}] => (Allow) C:\Users\Aaron\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{DBEED114-DAA4-477B-A1DF-081759CE281E}] => (Allow) C:\Users\Aaron\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{EEEE2DC2-E7A9-4871-9177-1338B39CFB1A}] => (Allow) C:\Users\Aaron\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{9E379208-8C90-4358-895B-10EF56E646EF}] => (Allow) C:\Users\Aaron\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{7AD88646-1411-42CA-8C21-9EA4F678DCE9}] => (Allow) C:\Users\Aaron\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{627FF6A6-AEB7-4D37-B26F-06255AC70B22}] => (Allow) C:\Users\Aaron\AppData\Roaming\uTorrent\uTorrent.exe No File

*****************

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Users\Aaron\AppData\Local\sha.db => moved successfully
C:\Users\Aaron\AppData\Local\Temp\xldl.dll => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5F978F6-4364-4A7D-B6BD-FDF8378E952A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5F978F6-4364-4A7D-B6BD-FDF8378E952A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3D49CF6C-0214-4E94-A3ED-D169A9759DC8}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F0E8FE37-9411-4E6E-B3F5-A5D374E612C3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F0E8FE37-9411-4E6E-B3F5-A5D374E612C3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 711520318" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{197B298B-6466-4E68-ABF7-17011467222C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DBEED114-DAA4-477B-A1DF-081759CE281E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EEEE2DC2-E7A9-4871-9177-1338B39CFB1A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9E379208-8C90-4358-895B-10EF56E646EF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7AD88646-1411-42CA-8C21-9EA4F678DCE9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{627FF6A6-AEB7-4D37-B26F-06255AC70B22}" => removed successfully

The system needed a reboot.

==== End of Fixlog 12:26:05 ====

Broni · Apr 4, 2019

Last scans...

Download Security Check from here or here and save it to your Desktop.

Double-click SecurityCheck.exe
Follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
Make sure the following options are checked:

Internet Services
Windows Firewall
System Restore
Security Center
Windows Update
Windows Defender
Other Services

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

Download Sophos Free Virus Removal Tool and save it to your desktop.

Double click the icon and select Run
Click Next
Select I accept the terms in this license agreement, then click Next twice
Click Install
Click Finish to launch the program
Once the virus database has been updated click Start Scanning
If any threats are found click Details, then View log file... (bottom left hand corner)
Copy and paste the results in your reply
Close the Notepad document, close the Threat Details screen, then click Start cleanup
Click Exit to close the program

Capsize · Apr 7, 2019

Results of screen317's Security Check version 1.014 --- 12/23/15
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
Malwarebytes
Bitdefender Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Google Chrome (72.0.3626.121)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Bitdefender Bitdefender Security vsserv.exe
Bitdefender Bitdefender Device Management DevMgmtService.exe
Bitdefender Bitdefender Security bdservicehost.exe
Bitdefender Bitdefender Security updatesrv.exe
Bitdefender Agent ProductAgentService.exe
Common Files Bitdefender SetupInformation Bitdefender RedLine\bdredline.exe
Bitdefender Bitdefender Security bdagent.exe
Bitdefender Bitdefender Security bdwtxcr.exe
Bitdefender Bitdefender Security bdwtxag.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

Capsize · Apr 7, 2019

Farbar Service Scanner Version: 27-01-2016
Ran by Aaron (administrator) on 07-04-2019 at 20:16:46
Running from "C:\Users\Aaron\Downloads"
Microsoft Windows 10 Pro (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Policy:
========================

Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

Broni · Apr 8, 2019

Sophos?

Solved Rundll32.exe being stoped by antivirus

Posts: 21 +0

Posts: 56,041 +516

Posts: 21 +0

Posts: 21 +0

Posts: 21 +0

Posts: 21 +0

Posts: 21 +0

Posts: 21 +0

Posts: 56,041 +516

Posts: 21 +0

Posts: 21 +0

Posts: 21 +0

Posts: 56,041 +516

Posts: 21 +0

Posts: 21 +0

Posts: 21 +0

Posts: 21 +0

Posts: 21 +0

Posts: 21 +0

Posts: 56,041 +516

Attachments

Posts: 21 +0

Posts: 56,041 +516

Posts: 21 +0

Posts: 21 +0

Posts: 56,041 +516

Similar threads