Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.11.2018
Ran by f (administrator) on DESKTOP-IHEBHBU (23-11-2018 14:26:13)
Running from C:\Users\f\Downloads
Loaded Profiles: f (Available Profiles: f & b & c & a & d)
Platform: Windows 10 Enterprise Evaluation Version 1703 15063.1418 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Microsoft Corporation) C:\Windows\System32\wlms\wlms.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(BitTorrent Inc.) C:\Users\f\AppData\Roaming\uTorrent Web\utweb.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe\HxAccounts.exe
() G:\Epic Games\Fortnite\FortniteGame\Binaries\Win64\FortniteLauncher.exe
(BattlEye Innovations) G:\Epic Games\Fortnite\FortniteGame\Binaries\Win64\FortniteClient-Win64-Shipping_BE.exe
() C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
(Epic Games, Inc.) G:\Epic Games\Fortnite\FortniteGame\Binaries\Win64\FortniteClient-Win64-Shipping.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18382304 2017-11-22] (Realtek Semiconductor)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (CANON INC.)
HKU\S-1-5-21-3065739905-2526270316-2055778871-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [34917264 2018-11-19] (Epic Games, Inc.)
HKU\S-1-5-21-3065739905-2526270316-2055778871-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3131680 2018-11-09] (Valve Corporation)
HKU\S-1-5-21-3065739905-2526270316-2055778871-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7407392 2018-11-22] (Lavasoft)
HKU\S-1-5-21-3065739905-2526270316-2055778871-1001\...\Run: [utweb] => C:\Users\f\AppData\Roaming\uTorrent Web\utweb.exe [5456560 2018-09-06] (BitTorrent Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{421c5acc-19f2-4830-b6b7-ace2c54b6d80}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-3065739905-2526270316-2055778871-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10420__181101
SearchScopes: HKU\S-1-5-21-3065739905-2526270316-2055778871-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10420__181101&q={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
FireFox:
========
FF DefaultProfile: u245qrzg.default
FF ProfilePath: C:\Users\f\AppData\Roaming\Mozilla\Firefox\Profiles\u245qrzg.default [2018-11-23]
FF Homepage: Mozilla\Firefox\Profiles\u245qrzg.default -> chrome://speeddial/content/speeddial.xul
FF NewTab: Mozilla\Firefox\Profiles\u245qrzg.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10420__181101
FF Extension: (FireGestures) - C:\Users\f\AppData\Roaming\Mozilla\Firefox\Profiles\u245qrzg.default\Extensions\firegestures@xuldev.org.xpi [2018-11-11] [Legacy]
FF Extension: (Speed Dial) - C:\Users\f\AppData\Roaming\Mozilla\Firefox\Profiles\u245qrzg.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2018-11-11] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\f\AppData\Roaming\Mozilla\Firefox\Profiles\u245qrzg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-11-15]
FF Extension: (Google Code Correction) - C:\Users\f\AppData\Roaming\Mozilla\Firefox\Profiles\u245qrzg.default\features\{dcb8fdb2-700d-45e0-a163-b0e6ef4c41a9}\google-code-correction@mozilla.org.xpi [2018-11-10] [Legacy]
FF Extension: (Telemetry coverage) - C:\Users\f\AppData\Roaming\Mozilla\Firefox\Profiles\u245qrzg.default\features\{dcb8fdb2-700d-45e0-a163-b0e6ef4c41a9}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-11-10] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_153.dll [2018-11-21] ()
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_153.dll [2018-11-21] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7356680 2018-10-03] ()
R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [153736 2016-06-02] (CANON INC.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2018-09-14] (EasyAntiCheat Ltd)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397472 2018-03-15] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2018-11-01] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2018-06-07] (Microsoft Corporation)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25888 2018-11-22] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-22] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-10-22] (Microsoft Corporation)
R2 WLMS; C:\Windows\system32\wlms\wlms.exe [26112 2017-03-18] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [34696 2017-10-10] (Advanced Micro Devices, Inc)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [33144 2017-10-16] (Advanced Micro Devices, Inc)
R3 AMDPCIDev; C:\Windows\System32\drivers\AMDPCIDev.sys [31584 2018-01-02] (Advanced Micro Devices)
R0 amdpsp; C:\Windows\System32\drivers\amdpsp.sys [137104 2017-11-08] (Advanced Micro Devices, Inc. )
R3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [2551864 2018-11-23] ()
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_708ec8f9a4d134c6\nvlddmkm.sys [17544792 2018-04-12] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1010648 2017-10-20] (Realtek )
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46184 2018-10-22] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [328696 2018-10-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-23 14:26 - 2018-11-23 14:26 - 000011451 _____ C:\Users\f\Downloads\FRST.txt
2018-11-23 14:26 - 2018-11-23 14:26 - 000000000 ____D C:\FRST
2018-11-23 14:25 - 2018-11-23 14:25 - 002416640 _____ (Farbar) C:\Users\f\Downloads\FRST64.exe
2018-11-23 14:19 - 2018-11-23 14:19 - 000000000 ____D C:\rsit
2018-11-23 14:19 - 2018-11-23 14:19 - 000000000 ____D C:\Program Files\trend micro
2018-11-23 13:53 - 2018-11-23 13:53 - 001222144 _____ C:\Users\f\Downloads\RSITx64.exe
2018-11-22 18:26 - 2018-11-22 18:26 - 000000048 _____ C:\Users\f\Documents\superpasword.txt
2018-11-20 13:58 - 2018-11-20 13:58 - 000000000 ____D C:\Users\d\AppData\Local\MicrosoftEdge
2018-11-19 18:43 - 2018-11-19 18:43 - 000000000 ____D C:\Users\d\Documents\My Games
2018-11-19 18:43 - 2018-11-19 18:43 - 000000000 ____D C:\Users\d\Documents\CPY_SAVES
2018-11-18 05:22 - 2018-11-18 05:22 - 000000000 ____D C:\Users\d\Documents\Rockstar Games
2018-11-18 05:22 - 2018-11-18 05:22 - 000000000 ____D C:\Users\d\AppData\Local\Rockstar Games
2018-11-17 02:50 - 2018-11-17 03:13 - 000000000 ____D C:\Users\f\Documents\regsdfg
2018-11-17 01:42 - 2018-11-17 01:49 - 000000000 ____D C:\Users\d\AppData\Roaming\vlc
2018-11-16 16:20 - 2018-11-16 16:20 - 000000000 ____D C:\Users\d\AppData\Local\DBG
2018-11-16 16:20 - 2018-11-16 16:20 - 000000000 ____D C:\Users\d\AppData\Local\CrashReportClient
2018-11-15 06:37 - 2018-11-15 06:37 - 000000000 ____D C:\Users\f\AppData\Roaming\slobs-plugins
2018-11-14 03:25 - 2018-11-14 03:25 - 000000000 ____D C:\Users\d\AppData\Roaming\slobs-plugins
2018-11-14 03:25 - 2018-11-14 03:25 - 000000000 ____D C:\Users\d\AppData\Roaming\obs-studio-node-server
2018-11-14 03:23 - 2018-11-15 04:49 - 000000000 ____D C:\Users\d\AppData\Roaming\slobs-client
2018-11-14 03:23 - 2018-11-14 03:23 - 000000000 ____D C:\Users\d\AppData\Roaming\Streamlabs OBS
2018-11-12 11:03 - 2018-11-12 11:03 - 000000000 ____D C:\Users\d\AppData\Local\Comms
2018-11-12 11:01 - 2018-11-12 11:01 - 000000000 ____D C:\Users\d\AppData\Local\Speech Graphics
2018-11-12 10:59 - 2018-11-12 10:59 - 000000000 ___HD C:\Users\d\Ap
2018-11-12 10:53 - 2018-11-12 10:53 - 000000000 ____D C:\Users\d\AppData\Local\NVIDIA Corporation
2018-11-12 10:52 - 2018-11-12 10:52 - 000000000 ____D C:\Users\d\AppData\Roaming\EasyAntiCheat
2018-11-12 10:52 - 2018-11-12 10:52 - 000000000 ____D C:\Users\d\AppData\Local\FortniteGame
2018-11-12 10:48 - 2018-11-19 16:56 - 000000000 ____D C:\Users\d\AppData\Roaming\Canon
2018-11-12 10:48 - 2018-11-13 10:48 - 000003370 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3065739905-2526270316-2055778871-1005
2018-11-12 10:48 - 2018-11-13 10:48 - 000002355 _____ C:\Users\d\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-12 10:48 - 2018-11-13 10:48 - 000000000 ___RD C:\Users\d\OneDrive
2018-11-12 10:48 - 2018-11-12 10:48 - 000000000 ____D C:\Users\d\AppData\Local\UnrealEngineLauncher
2018-11-12 10:48 - 2018-11-12 10:48 - 000000000 ____D C:\Users\d\AppData\Local\UnrealEngine
2018-11-12 10:48 - 2018-11-12 10:48 - 000000000 ____D C:\Users\d\AppData\Local\EpicGamesLauncher
2018-11-12 10:48 - 2018-11-12 10:48 - 000000000 ____D C:\Users\d\AppData\Local\CEF
2018-11-12 10:47 - 2018-11-22 03:03 - 000000000 ____D C:\Users\d
2018-11-12 10:47 - 2018-11-22 01:29 - 000000000 ____D C:\Users\d\AppData\LocalLow\Mozilla
2018-11-12 10:47 - 2018-11-13 10:46 - 000000000 ____D C:\Users\d\AppData\Local\Packages
2018-11-12 10:47 - 2018-11-12 10:47 - 000000020 ___SH C:\Users\d\ntuser.ini
2018-11-12 10:47 - 2018-11-12 10:47 - 000000000 ____D C:\Users\d\AppData\Roaming\Mozilla
2018-11-12 10:47 - 2018-11-12 10:47 - 000000000 ____D C:\Users\d\AppData\Roaming\Adobe
2018-11-12 10:47 - 2018-11-12 10:47 - 000000000 ____D C:\Users\d\AppData\Local\VirtualStore
2018-11-12 10:47 - 2018-11-12 10:47 - 000000000 ____D C:\Users\d\AppData\Local\TileDataLayer
2018-11-12 10:47 - 2018-11-12 10:47 - 000000000 ____D C:\Users\d\AppData\Local\Publishers
2018-11-12 10:47 - 2018-11-12 10:47 - 000000000 ____D C:\Users\d\AppData\Local\Mozilla
2018-11-12 10:47 - 2018-11-12 10:47 - 000000000 ____D C:\Users\d\AppData\Local\ConnectedDevicesPlatform
2018-11-12 10:40 - 2018-11-12 10:40 - 000003370 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3065739905-2526270316-2055778871-1004
2018-11-12 10:39 - 2018-11-12 10:40 - 000002355 _____ C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-12 10:39 - 2018-11-12 10:40 - 000000000 ___RD C:\Users\a\OneDrive
2018-11-12 10:39 - 2018-11-12 10:39 - 000000000 ____D C:\Users\a\AppData\Roaming\Mozilla
2018-11-12 10:39 - 2018-11-12 10:39 - 000000000 ____D C:\Users\a\AppData\Roaming\Canon
2018-11-12 10:39 - 2018-11-12 10:39 - 000000000 ____D C:\Users\a\AppData\LocalLow\Mozilla
2018-11-12 10:39 - 2018-11-12 10:39 - 000000000 ____D C:\Users\a\AppData\Local\UnrealEngineLauncher
2018-11-12 10:39 - 2018-11-12 10:39 - 000000000 ____D C:\Users\a\AppData\Local\UnrealEngine
2018-11-12 10:39 - 2018-11-12 10:39 - 000000000 ____D C:\Users\a\AppData\Local\Mozilla
2018-11-12 10:39 - 2018-11-12 10:39 - 000000000 ____D C:\Users\a\AppData\Local\EpicGamesLauncher
2018-11-12 10:39 - 2018-11-12 10:39 - 000000000 ____D C:\Users\a\AppData\Local\CEF
2018-11-12 10:38 - 2018-11-12 10:47 - 000000000 ____D C:\Users\a
2018-11-12 10:38 - 2018-11-12 10:40 - 000000000 ____D C:\Users\a\AppData\Local\Packages
2018-11-12 10:38 - 2018-11-12 10:38 - 000000020 ___SH C:\Users\a\ntuser.ini
2018-11-12 10:38 - 2018-11-12 10:38 - 000000000 ____D C:\Users\a\AppData\Roaming\Adobe
2018-11-12 10:38 - 2018-11-12 10:38 - 000000000 ____D C:\Users\a\AppData\Local\VirtualStore
2018-11-12 10:38 - 2018-11-12 10:38 - 000000000 ____D C:\Users\a\AppData\Local\TileDataLayer
2018-11-12 10:38 - 2018-11-12 10:38 - 000000000 ____D C:\Users\a\AppData\Local\Publishers
2018-11-12 10:38 - 2018-11-12 10:38 - 000000000 ____D C:\Users\a\AppData\Local\ConnectedDevicesPlatform
2018-11-12 08:42 - 2018-11-12 08:42 - 000000000 ___HD C:\Users\c\Ap
2018-11-12 08:39 - 2018-11-12 08:39 - 000000000 ____D C:\Users\c\AppData\Local\Comms
2018-11-12 08:37 - 2018-11-12 08:37 - 000000000 ____D C:\Users\c\AppData\Local\MicrosoftEdge
2018-11-12 08:36 - 2018-11-12 08:36 - 000000000 ____D C:\Users\c\AppData\Local\NVIDIA Corporation
2018-11-12 08:35 - 2018-11-12 08:35 - 000000000 ____D C:\Users\c\AppData\Roaming\EasyAntiCheat
2018-11-12 08:35 - 2018-11-12 08:35 - 000000000 ____D C:\Users\c\AppData\Local\FortniteGame
2018-11-12 08:27 - 2018-11-12 08:27 - 000000314 _____ C:\Users\c\Desktop\Fortnite.url
2018-11-12 08:26 - 2018-11-12 09:26 - 000000000 ____D C:\Users\c\AppData\LocalLow\Mozilla
2018-11-12 08:26 - 2018-11-12 08:26 - 000000000 ____D C:\Users\c\AppData\Roaming\Mozilla
2018-11-12 08:26 - 2018-11-12 08:26 - 000000000 ____D C:\Users\c\AppData\Local\Mozilla
2018-11-12 08:24 - 2018-11-12 08:24 - 000003370 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3065739905-2526270316-2055778871-1003
2018-11-12 08:23 - 2018-11-12 09:59 - 000000000 ____D C:\Users\c
2018-11-12 08:23 - 2018-11-12 08:53 - 000000000 ____D C:\Users\c\AppData\Local\Packages
2018-11-12 08:23 - 2018-11-12 08:53 - 000000000 ____D C:\Users\c\AppData\Local\ConnectedDevicesPlatform
2018-11-12 08:23 - 2018-11-12 08:24 - 000002355 _____ C:\Users\c\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-12 08:23 - 2018-11-12 08:24 - 000000000 ___RD C:\Users\c\OneDrive
2018-11-12 08:23 - 2018-11-12 08:23 - 000000020 ___SH C:\Users\c\ntuser.ini
2018-11-12 08:23 - 2018-11-12 08:23 - 000000000 ____D C:\Users\c\AppData\Roaming\Canon
2018-11-12 08:23 - 2018-11-12 08:23 - 000000000 ____D C:\Users\c\AppData\Roaming\Adobe
2018-11-12 08:23 - 2018-11-12 08:23 - 000000000 ____D C:\Users\c\AppData\Local\VirtualStore
2018-11-12 08:23 - 2018-11-12 08:23 - 000000000 ____D C:\Users\c\AppData\Local\UnrealEngineLauncher
2018-11-12 08:23 - 2018-11-12 08:23 - 000000000 ____D C:\Users\c\AppData\Local\UnrealEngine
2018-11-12 08:23 - 2018-11-12 08:23 - 000000000 ____D C:\Users\c\AppData\Local\TileDataLayer
2018-11-12 08:23 - 2018-11-12 08:23 - 000000000 ____D C:\Users\c\AppData\Local\Publishers
2018-11-12 08:23 - 2018-11-12 08:23 - 000000000 ____D C:\Users\c\AppData\Local\EpicGamesLauncher
2018-11-12 08:23 - 2018-11-12 08:23 - 000000000 ____D C:\Users\c\AppData\Local\CEF
2018-11-11 05:09 - 2018-11-11 05:09 - 000000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2018-11-11 05:09 - 2018-11-11 05:09 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-11-11 04:52 - 2018-11-11 04:52 - 038652496 _____ (Mozilla) C:\Users\f\Downloads\Firefox%20Setup%2056.0.2.exe
2018-11-10 15:09 - 2018-11-10 15:09 - 000000000 ____D C:\Users\f\AppData\Roaming\FastStone
2018-11-10 00:54 - 2018-11-10 00:54 - 000000000 ____D C:\Users\b\AppData\Roaming\Macromedia
2018-11-10 00:31 - 2018-11-12 10:00 - 000000000 ____D C:\Users\b\Desktop\pornhub
2018-11-10 00:26 - 2018-11-10 00:26 - 039358112 _____ (Mozilla) C:\Users\b\Downloads\Firefox Setup 56.0.1.exe
2018-11-09 07:54 - 2018-11-09 07:54 - 000000000 ____D C:\Users\f\AppData\Local\Rekenwonder_Software
2018-11-09 07:50 - 2018-11-09 07:51 - 000000000 ____D C:\Users\f\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Junction Link Magic
2018-11-09 07:50 - 2018-11-09 07:50 - 000000000 ____D C:\Program Files\Rekenwonder Software
2018-11-09 07:49 - 2018-11-09 07:49 - 000348981 _____ ( ) C:\Users\b\Downloads\linkmagic2(1).exe
2018-11-09 07:14 - 2018-11-09 07:14 - 000000000 ____D C:\Users\b\AppData\Roaming\FastStone
2018-11-09 07:11 - 2018-11-09 07:11 - 000001196 _____ C:\Users\Public\Desktop\FastStone Image Viewer.lnk
2018-11-09 07:11 - 2018-11-09 07:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
2018-11-09 07:11 - 2018-11-09 07:11 - 000000000 ____D C:\Program Files (x86)\FastStone Image Viewer
2018-11-09 07:10 - 2018-11-09 07:10 - 006996237 _____ C:\Users\b\Downloads\FSViewerSetup67.exe
2018-11-08 11:10 - 2018-11-08 11:10 - 000348981 _____ ( ) C:\Users\b\Downloads\linkmagic2.exe
2018-11-07 11:17 - 2018-10-10 00:17 - 007910048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2018-11-07 11:17 - 2018-10-10 00:16 - 000627184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2018-11-07 11:17 - 2018-10-10 00:16 - 000367608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2018-11-07 11:17 - 2018-10-10 00:05 - 001618880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-11-07 11:17 - 2018-10-09 23:59 - 000115208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinelsa.dll
2018-11-07 11:17 - 2018-10-09 23:58 - 006768896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-07 11:17 - 2018-10-09 23:56 - 000124648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-11-07 11:17 - 2018-10-09 23:44 - 020525568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2018-11-07 11:17 - 2018-10-09 23:44 - 013849600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2018-11-07 11:17 - 2018-10-09 23:44 - 002949120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2018-11-07 11:17 - 2018-10-09 23:44 - 000097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-11-07 11:17 - 2018-10-09 23:43 - 002199552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2018-11-07 11:17 - 2018-10-09 23:42 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-11-07 11:17 - 2018-10-09 23:41 - 012264448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-11-07 11:17 - 2018-10-09 23:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2018-11-07 11:17 - 2018-10-09 23:39 - 019356672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-11-07 11:17 - 2018-10-09 23:39 - 000588800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2018-11-07 11:17 - 2018-10-09 23:39 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2018-11-07 11:17 - 2018-10-09 23:37 - 001233408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2018-11-07 11:17 - 2018-10-09 23:37 - 000397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-11-07 11:17 - 2018-10-09 23:35 - 006257664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2018-11-07 11:17 - 2018-10-09 23:34 - 002341376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2018-11-07 11:17 - 2018-10-09 23:33 - 004558848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2018-11-07 11:17 - 2018-10-09 23:33 - 001627648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-11-07 11:17 - 2018-10-09 21:14 - 000804288 _____ C:\Windows\SysWOW64\locale.nls
2018-11-07 11:17 - 2018-10-09 21:14 - 000804288 _____ C:\Windows\system32\locale.nls
2018-11-07 11:16 - 2018-10-10 05:58 - 000017806 ____R C:\Windows\system32\CaptureToast.hcp
2018-11-07 11:16 - 2018-10-10 05:57 - 000125015 ____R C:\Windows\system32\CaptureCountdown.hcp
2018-11-07 11:16 - 2018-10-10 05:57 - 000119017 ____R C:\Windows\system32\CaptureBrackets.hcp
2018-11-07 11:16 - 2018-10-10 05:53 - 001161216 ____R (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.Internal.Capture.UX.dll
2018-11-07 11:16 - 2018-10-10 00:29 - 001610744 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-11-07 11:16 - 2018-10-10 00:29 - 000309752 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-11-07 11:16 - 2018-10-10 00:29 - 000144888 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-11-07 11:16 - 2018-10-10 00:28 - 000451896 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-11-07 11:16 - 2018-10-10 00:28 - 000069944 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2018-11-07 11:16 - 2018-10-10 00:27 - 002868728 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-11-07 11:16 - 2018-10-10 00:27 - 000966968 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
2018-11-07 11:16 - 2018-10-10 00:27 - 000823096 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
2018-11-07 11:16 - 2018-10-10 00:27 - 000792376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-11-07 11:16 - 2018-10-10 00:27 - 000751168 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2018-11-07 11:16 - 2018-10-10 00:27 - 000689656 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-11-07 11:16 - 2018-10-10 00:27 - 000612152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-11-07 11:16 - 2018-10-10 00:27 - 000480760 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2018-11-07 11:16 - 2018-10-10 00:27 - 000077112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2018-11-07 11:16 - 2018-10-10 00:27 - 000035128 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2018-11-07 11:16 - 2018-10-10 00:26 - 001199416 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2018-11-07 11:16 - 2018-10-10 00:26 - 001039160 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2018-11-07 11:16 - 2018-10-10 00:26 - 000445752 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-11-07 11:16 - 2018-10-10 00:24 - 000137016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-11-07 11:16 - 2018-10-10 00:23 - 008320824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-11-07 11:16 - 2018-10-10 00:23 - 001930728 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-11-07 11:16 - 2018-10-10 00:22 - 000170808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-11-07 11:16 - 2018-10-10 00:21 - 000528376 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2018-11-07 11:16 - 2018-10-10 00:21 - 000182008 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-11-07 11:16 - 2018-10-10 00:19 - 000741888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2018-11-07 11:16 - 2018-10-10 00:19 - 000666120 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll
2018-11-07 11:16 - 2018-10-10 00:18 - 000872568 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2018-11-07 11:16 - 2018-10-10 00:18 - 000643800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-11-07 11:16 - 2018-10-10 00:18 - 000545784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2018-11-07 11:16 - 2018-10-10 00:18 - 000128544 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
2018-11-07 11:16 - 2018-10-10 00:17 - 000094712 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2018-11-07 11:16 - 2018-10-10 00:15 - 000058584 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-11-07 11:16 - 2018-10-09 23:49 - 023689728 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2018-11-07 11:16 - 2018-10-09 23:33 - 003665408 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2018-11-07 11:16 - 2018-10-09 23:32 - 017373184 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2018-11-07 11:16 - 2018-10-09 23:32 - 000123392 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-11-07 11:16 - 2018-10-09 23:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2018-11-07 11:16 - 2018-10-09 23:31 - 002199552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2018-11-07 11:16 - 2018-10-09 23:30 - 013429760 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-11-07 11:16 - 2018-10-09 23:30 - 000380416 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2018-11-07 11:16 - 2018-10-09 23:30 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmUcsi.sys
2018-11-07 11:16 - 2018-10-09 23:30 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2018-11-07 11:16 - 2018-10-09 23:30 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-11-07 11:16 - 2018-10-09 23:30 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-11-07 11:16 - 2018-10-09 23:29 - 000379392 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2018-11-07 11:16 - 2018-10-09 23:29 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2018-11-07 11:16 - 2018-10-09 23:28 - 023700992 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-11-07 11:16 - 2018-10-09 23:28 - 000457728 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2018-11-07 11:16 - 2018-10-09 23:28 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-11-07 11:16 - 2018-10-09 23:27 - 001580544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2018-11-07 11:16 - 2018-10-09 23:27 - 000613376 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2018-11-07 11:16 - 2018-10-09 23:26 - 001803264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-11-07 11:16 - 2018-10-09 23:25 - 008166912 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2018-11-07 11:16 - 2018-10-09 23:25 - 004208640 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2018-11-07 11:16 - 2018-10-09 23:25 - 000487424 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-11-07 11:16 - 2018-10-09 23:23 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-11-07 11:16 - 2018-10-09 23:22 - 002830848 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2018-11-07 11:16 - 2018-10-09 23:22 - 002449408 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-11-07 11:16 - 2018-10-09 23:22 - 002052608 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2018-11-07 11:16 - 2018-10-09 23:22 - 001886720 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2018-11-07 11:16 - 2018-10-09 23:22 - 001886720 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2018-11-07 11:16 - 2018-10-09 23:21 - 005557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2018-11-07 11:16 - 2018-10-09 23:21 - 002516992 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2018-11-07 11:16 - 2018-10-09 23:21 - 000408064 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2018-11-07 11:16 - 2018-10-09 23:20 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2018-11-07 11:16 - 2018-10-09 23:19 - 000985600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2018-11-07 11:16 - 2018-10-09 23:17 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2018-11-07 11:16 - 2018-10-09 23:16 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2018-11-07 11:16 - 2018-10-09 23:16 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2018-11-06 12:16 - 2018-11-06 12:16 - 000000000 ____D C:\Users\b\AppData\Roaming\slobs-plugins
2018-11-04 06:36 - 2018-11-04 06:36 - 000001265 _____ C:\Users\b\Desktop\PhotoStage Slideshow Producer.lnk
2018-11-04 06:36 - 2018-11-04 06:36 - 000001251 _____ C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoStage Slideshow Producer.lnk
2018-11-03 00:53 - 2018-11-06 14:26 - 000000000 ____D C:\Windows\System32\Tasks\NCH Software
2018-11-03 00:53 - 2018-11-04 06:36 - 000002239 _____ C:\Users\b\Desktop\NCH Suite.lnk
2018-11-03 00:53 - 2018-11-04 06:36 - 000000000 ____D C:\Users\b\AppData\Roaming\NCH Software
2018-11-03 00:53 - 2018-11-04 06:36 - 000000000 ____D C:\ProgramData\NCH Software
2018-11-03 00:53 - 2018-11-03 17:09 - 000001247 _____ C:\Users\b\Desktop\Pixillion Image Converter.lnk
2018-11-03 00:53 - 2018-11-03 17:09 - 000001233 _____ C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pixillion Image Converter.lnk
2018-11-03 00:53 - 2018-11-03 00:53 - 000002169 _____ C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk
2018-11-03 00:44 - 2018-11-03 00:44 - 000916512 _____ (NCH Software) C:\Users\b\Downloads\pixpsetup.exe
2018-11-02 07:46 - 2018-11-02 07:46 - 000000000 ____D C:\Users\b\Documents\Rockstar Games
2018-11-02 07:46 - 2018-11-02 07:46 - 000000000 ____D C:\Users\b\AppData\Local\Rockstar Games
2018-11-02 02:50 - 2018-11-22 05:32 - 000281688 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2018-11-02 02:50 - 2018-11-02 02:50 - 000000000 ____D C:\Users\f\AppData\Local\PunkBuster
2018-11-02 02:49 - 2018-11-02 02:49 - 000000000 ____D C:\ProgramData\Orbit
2018-11-01 17:04 - 2018-11-22 05:32 - 000281688 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2018-11-01 17:04 - 2018-11-20 12:46 - 000281688 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2018-11-01 17:04 - 2018-11-01 17:04 - 000076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2018-11-01 17:04 - 2018-11-01 17:04 - 000000725 _____ C:\Users\f\Desktop\Far Cry 3.lnk
2018-11-01 17:04 - 2018-11-01 17:04 - 000000000 ____D C:\Users\f\AppData\Roaming\Far Cry 3
2018-11-01 17:04 - 2018-11-01 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2018-11-01 17:04 - 2018-07-07 08:23 - 003190168 ____R C:\Windows\SysWOW64\pb.exe
2018-11-01 15:12 - 2018-11-01 15:12 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2018-11-01 15:11 - 2018-11-01 15:11 - 000000000 ____D C:\Program Files\Rockstar Games
2018-11-01 14:50 - 2018-11-01 14:50 - 000000407 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk
2018-11-01 14:50 - 2018-11-01 14:50 - 000000407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto V.lnk
2018-11-01 14:48 - 2018-11-01 14:48 - 000000000 ____D C:\Users\f\Documents\Rockstar Games
2018-11-01 14:48 - 2018-11-01 14:48 - 000000000 ____D C:\Users\f\AppData\Local\Rockstar Games
2018-11-01 14:47 - 2018-11-01 14:47 - 000000000 ____D C:\ProgramData\Steam
2018-11-01 14:47 - 2018-11-01 14:47 - 000000000 ____D C:\ProgramData\Socialclub
2018-11-01 14:07 - 2010-06-02 03:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2018-11-01 14:07 - 2010-06-02 03:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2018-11-01 14:07 - 2010-02-04 09:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2018-11-01 14:07 - 2010-02-04 09:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2018-11-01 14:07 - 2010-02-04 09:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2018-11-01 14:07 - 2010-02-04 09:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2018-11-01 14:07 - 2010-02-04 09:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2018-11-01 14:07 - 2010-02-04 09:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2018-11-01 14:07 - 2009-09-04 16:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2018-11-01 14:07 - 2009-09-04 16:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2018-11-01 14:07 - 2009-09-04 16:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2018-11-01 14:07 - 2009-09-04 16:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2018-11-01 14:07 - 2009-09-04 16:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2018-11-01 14:07 - 2009-09-04 16:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2018-11-01 14:07 - 2009-09-04 16:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2018-11-01 14:07 - 2009-09-04 16:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2018-11-01 14:07 - 2009-09-04 16:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2018-11-01 14:07 - 2009-09-04 16:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2018-11-01 14:07 - 2009-09-04 16:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2018-11-01 14:07 - 2009-09-04 16:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2018-11-01 14:07 - 2009-09-04 16:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2018-11-01 14:07 - 2009-09-04 16:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2018-11-01 14:07 - 2009-09-04 16:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2018-11-01 14:07 - 2009-09-04 16:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2018-11-01 14:07 - 2009-03-16 13:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2018-11-01 14:07 - 2009-03-16 13:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2018-11-01 14:07 - 2009-03-16 13:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2018-11-01 14:07 - 2009-03-16 13:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2018-11-01 14:07 - 2009-03-16 13:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2018-11-01 14:07 - 2009-03-16 13:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2018-11-01 14:07 - 2009-03-09 14:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2018-11-01 14:07 - 2009-03-09 14:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2018-11-01 14:07 - 2009-03-09 14:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2018-11-01 14:07 - 2009-03-09 14:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2018-11-01 14:07 - 2009-03-09 14:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2018-11-01 14:07 - 2009-03-09 14:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2018-11-01 14:07 - 2008-10-27 09:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2018-11-01 14:07 - 2008-10-27 09:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2018-11-01 14:07 - 2008-10-27 09:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2018-11-01 14:07 - 2008-10-27 09:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2018-11-01 14:07 - 2008-10-27 09:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2018-11-01 14:07 - 2008-10-27 09:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2018-11-01 14:07 - 2008-10-27 09:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2018-11-01 14:07 - 2008-10-27 09:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2018-11-01 14:07 - 2008-10-10 03:52 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2018-11-01 14:07 - 2008-10-10 03:52 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2018-11-01 14:07 - 2008-10-10 03:52 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2018-11-01 14:07 - 2008-10-10 03:52 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2018-11-01 14:07 - 2008-10-10 03:52 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2018-11-01 14:07 - 2008-10-10 03:52 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2018-11-01 14:06 - 2008-07-31 09:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2018-11-01 14:06 - 2008-07-31 09:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2018-11-01 14:06 - 2008-07-31 09:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2018-11-01 14:06 - 2008-07-31 09:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2018-11-01 14:06 - 2008-07-31 09:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2018-11-01 14:06 - 2008-07-31 09:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2018-11-01 14:06 - 2008-07-10 10:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2018-11-01 14:06 - 2008-07-10 10:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2018-11-01 14:06 - 2008-07-10 10:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2018-11-01 14:06 - 2008-07-10 10:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2018-11-01 14:06 - 2008-07-10 10:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2018-11-01 14:06 - 2008-07-10 10:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2018-11-01 14:06 - 2008-05-30 13:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2018-11-01 14:06 - 2008-05-30 13:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2018-11-01 14:06 - 2008-05-30 13:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2018-11-01 14:06 - 2008-05-30 13:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2018-11-01 14:06 - 2008-05-30 13:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2018-11-01 14:06 - 2008-05-30 13:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2018-11-01 14:06 - 2008-05-30 13:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2018-11-01 14:06 - 2008-05-30 13:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2018-11-01 14:06 - 2008-05-30 13:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2018-11-01 14:06 - 2008-05-30 13:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2018-11-01 14:06 - 2008-05-30 13:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2018-11-01 14:06 - 2008-05-30 13:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2018-11-01 14:06 - 2008-05-30 13:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2018-11-01 14:06 - 2008-05-30 13:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2018-11-01 14:06 - 2008-03-05 15:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2018-11-01 14:06 - 2008-03-05 15:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2018-11-01 14:06 - 2008-03-05 15:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2018-11-01 14:06 - 2008-03-05 15:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2018-11-01 14:06 - 2008-03-05 15:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2018-11-01 14:06 - 2008-03-05 15:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2018-11-01 14:06 - 2008-03-05 14:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2018-11-01 14:06 - 2008-03-05 14:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2018-11-01 14:06 - 2008-03-05 14:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2018-11-01 14:06 - 2008-03-05 14:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2018-11-01 14:06 - 2008-02-05 22:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2018-11-01 14:06 - 2008-02-05 22:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2018-11-01 14:06 - 2007-10-22 02:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2018-11-01 14:06 - 2007-10-22 02:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2018-11-01 14:06 - 2007-10-22 02:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2018-11-01 14:06 - 2007-10-22 02:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2018-11-01 14:06 - 2007-10-12 14:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2018-11-01 14:06 - 2007-10-12 14:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2018-11-01 14:06 - 2007-10-12 14:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2018-11-01 14:06 - 2007-10-12 14:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2018-11-01 14:06 - 2007-10-02 08:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2018-11-01 14:06 - 2007-10-02 08:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2018-11-01 14:06 - 2007-07-19 23:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2018-11-01 14:06 - 2007-07-19 23:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2018-11-01 14:06 - 2007-07-19 17:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2018-11-01 14:06 - 2007-07-19 17:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2018-11-01 14:06 - 2007-07-19 17:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2018-11-01 14:06 - 2007-07-19 17:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2018-11-01 14:06 - 2007-07-19 17:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2018-11-01 14:06 - 2007-07-19 17:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2018-11-01 14:06 - 2007-06-20 19:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2018-11-01 14:06 - 2007-06-20 19:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2018-11-01 14:06 - 2007-05-16 15:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2018-11-01 14:06 - 2007-05-16 15:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2018-11-01 14:06 - 2007-05-16 15:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2018-11-01 14:06 - 2007-05-16 15:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2018-11-01 14:06 - 2007-05-16 15:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2018-11-01 14:06 - 2007-05-16 15:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2018-11-01 14:06 - 2007-04-04 17:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2018-11-01 14:06 - 2007-04-04 17:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2018-11-01 14:06 - 2007-03-15 15:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2018-11-01 14:06 - 2007-03-15 15:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2018-11-01 14:06 - 2007-03-12 15:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2018-11-01 14:06 - 2007-03-12 15:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2018-11-01 14:06 - 2007-03-12 15:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2018-11-01 14:06 - 2007-03-12 15:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2018-11-01 14:06 - 2007-03-05 11:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2018-11-01 14:06 - 2007-03-05 11:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2018-11-01 14:06 - 2007-01-24 14:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2018-11-01 14:06 - 2007-01-24 14:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2018-11-01 14:06 - 2006-12-08 11:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2018-11-01 14:06 - 2006-12-08 11:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2018-11-01 14:06 - 2006-11-29 12:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2018-11-01 14:06 - 2006-11-29 12:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2018-11-01 14:06 - 2006-11-29 12:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2018-11-01 14:06 - 2006-11-29 12:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2018-11-01 14:06 - 2006-09-28 15:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2018-11-01 14:06 - 2006-09-28 15:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2018-11-01 14:06 - 2006-09-28 15:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2018-11-01 14:06 - 2006-09-28 15:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2018-11-01 14:06 - 2006-07-28 08:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2018-11-01 14:06 - 2006-07-28 08:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2018-11-01 14:06 - 2006-07-28 08:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2018-11-01 14:06 - 2006-07-28 08:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2018-11-01 14:06 - 2006-05-31 06:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2018-11-01 14:06 - 2006-05-31 06:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2018-11-01 14:06 - 2006-03-31 11:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2018-11-01 14:06 - 2006-03-31 11:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2018-11-01 14:06 - 2006-03-31 11:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2018-11-01 14:06 - 2006-03-31 11:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2018-11-01 14:06 - 2006-03-31 11:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2018-11-01 14:06 - 2006-03-31 11:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2018-11-01 14:06 - 2006-02-03 07:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2018-11-01 14:06 - 2006-02-03 07:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2018-11-01 14:06 - 2006-02-03 07:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2018-11-01 14:06 - 2006-02-03 07:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2018-11-01 14:06 - 2006-02-03 07:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2018-11-01 14:06 - 2006-02-03 07:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2018-11-01 14:06 - 2005-12-05 17:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2018-11-01 14:06 - 2005-12-05 17:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2018-11-01 14:06 - 2005-07-22 18:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2018-11-01 14:06 - 2005-07-22 18:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2018-11-01 14:06 - 2005-05-26 14:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2018-11-01 14:06 - 2005-05-26 14:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2018-11-01 14:06 - 2005-03-18 16:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2018-11-01 14:06 - 2005-03-18 16:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2018-11-01 14:06 - 2005-02-05 18:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2018-11-01 14:06 - 2005-02-05 18:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2018-11-01 13:50 - 2018-11-01 14:07 - 000000000 ____D C:\Windows\SysWOW64\directx
2018-11-01 13:05 - 2018-11-01 13:20 - 000000000 ____D C:\Users\f\Downloads\TES V Skyrim repack Mr DJ
2018-11-01 13:05 - 2018-11-01 13:06 - 001390150 _____ C:\Users\f\Downloads\The Elder Scrolls V Skyrim Legendary Edition repack Mr DJ.zip.part
2018-11-01 13:05 - 2018-11-01 13:05 - 020880832 _____ (BitTorrent, Inc.) C:\Users\f\Downloads\utweb_installer(1).exe
2018-11-01 13:05 - 2018-11-01 13:05 - 000000000 _____ C:\Users\f\Downloads\The Elder Scrolls V Skyrim Legendary Edition repack Mr DJ.zip
2018-11-01 13:02 - 2018-11-23 14:14 - 000000000 ____D C:\Users\f\AppData\Roaming\uTorrent Web
2018-11-01 13:02 - 2018-11-01 13:02 - 000001859 _____ C:\Users\f\Desktop\uTorrent Web.lnk
2018-11-01 13:02 - 2018-11-01 13:02 - 000001845 _____ C:\Users\f\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
2018-11-01 13:02 - 2018-11-01 13:02 - 000000000 ____D C:\Users\f\AppData\Roaming\Lavasoft
2018-11-01 13:02 - 2018-11-01 13:02 - 000000000 ____D C:\Users\f\AppData\Local\Lavasoft
2018-11-01 13:02 - 2018-11-01 13:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-11-01 13:02 - 2018-11-01 13:02 - 000000000 ____D C:\ProgramData\Lavasoft
2018-11-01 13:02 - 2018-11-01 13:02 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2018-11-01 12:36 - 2018-11-01 12:37 - 020880832 _____ (BitTorrent, Inc.) C:\Users\f\Downloads\utweb_installer.exe
2018-11-01 10:22 - 2018-11-01 10:22 - 000000000 ____D C:\Users\b\AppData\Local\Speech Graphics
2018-11-01 09:18 - 2018-11-01 09:18 - 000000000 ____D C:\Users\f\AppData\Local\Speech Graphics
2018-11-01 08:46 - 2018-11-01 08:46 - 000665048 _____ (Mc & RENOX technologies - www.mcrenox.com.ar) C:\Users\f\Downloads\Bmp2Jpg.exe
2018-11-01 08:44 - 2018-11-01 08:44 - 000086763 _____ C:\Users\f\Documents\IMG_20181101_0001.pdf
2018-10-31 15:15 - 2018-10-31 15:16 - 000006087 _____ C:\Users\f\Downloads\Fallout 4.zip
2018-10-26 01:52 - 2018-10-26 01:52 - 000000000 ____D C:\Users\f\AppData\Local\DBG
2018-10-26 01:52 - 2018-10-26 01:52 - 000000000 ____D C:\Users\f\AppData\Local\CrashReportClient
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-23 13:43 - 2018-09-14 17:15 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-11-23 09:47 - 2018-09-14 17:18 - 000000000 ____D C:\Users\f
2018-11-23 09:45 - 2018-09-14 18:40 - 000000000 ____D C:\Users\f\AppData\LocalLow\Mozilla
2018-11-23 09:44 - 2018-09-27 05:38 - 000000000 ____D C:\Program Files (x86)\Steam
2018-11-23 02:15 - 2018-09-15 19:19 - 000000000 ____D C:\Users\b
2018-11-23 02:15 - 2018-09-14 18:51 - 000000000 ____D C:\ProgramData\NVIDIA
2018-11-22 23:04 - 2017-03-18 13:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-22 23:04 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\AppReadiness
2018-11-22 22:59 - 2018-09-15 19:19 - 000000000 ____D C:\Users\b\AppData\LocalLow\Mozilla
2018-11-22 22:28 - 2018-09-18 10:03 - 000000000 ____D C:\Users\f\AppData\Roaming\slobs-client
2018-11-22 18:42 - 2018-09-15 19:19 - 000000000 ____D C:\ProgramData\Packages
2018-11-22 18:42 - 2018-09-14 17:18 - 000000000 ____D C:\Users\f\AppData\Local\Packages
2018-11-22 16:10 - 2018-09-14 17:21 - 001501562 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-22 16:04 - 2018-09-14 17:15 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-22 00:14 - 2017-03-18 03:40 - 002359296 _____ C:\Windows\system32\config\BBI
2018-11-21 10:45 - 2018-09-30 12:54 - 000004638 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-11-21 10:45 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-11-21 10:45 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\system32\Macromed
2018-11-20 14:22 - 2017-03-18 12:51 - 000000000 ____D C:\Windows\CbsTemp
2018-11-16 13:35 - 2017-03-18 13:06 - 000834960 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-11-16 13:35 - 2017-03-18 13:06 - 000179600 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-14 04:06 - 2018-09-14 21:31 - 000000000 ____D C:\Windows\system32\MRT
2018-11-14 04:05 - 2018-09-14 21:31 - 137810048 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-11-14 03:24 - 2018-09-18 10:03 - 000001964 _____ C:\Users\Public\Desktop\Streamlabs OBS.lnk
2018-11-14 03:24 - 2018-09-18 10:02 - 000000000 ____D C:\Program Files\Streamlabs OBS
2018-11-13 10:32 - 2018-09-30 12:54 - 000004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-11-12 10:47 - 2018-09-14 17:18 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-11-12 10:01 - 2018-09-14 17:18 - 000000000 ____D C:\Users\f\AppData\Local\ConnectedDevicesPlatform
2018-11-09 07:48 - 2018-09-14 19:08 - 000000000 ___DL C:\Program Files\Epic Games
2018-11-08 20:23 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\rescache
2018-11-08 10:27 - 2018-09-15 19:20 - 000003370 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3065739905-2526270316-2055778871-1002
2018-11-08 10:27 - 2018-09-15 19:20 - 000002355 _____ C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-08 10:27 - 2018-09-15 19:20 - 000000000 ___RD C:\Users\b\OneDrive
2018-11-08 08:02 - 2018-09-14 18:42 - 000003370 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3065739905-2526270316-2055778871-1001
2018-11-08 08:02 - 2018-09-14 17:20 - 000002355 _____ C:\Users\f\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-08 08:02 - 2018-09-14 17:20 - 000000000 ___RD C:\Users\f\OneDrive
2018-11-07 21:30 - 2017-03-18 13:01 - 000000000 ____D C:\Windows\INF
2018-11-07 21:08 - 2018-09-14 17:15 - 000386216 _____ C:\Windows\system32\FNTCACHE.DAT
2018-11-07 14:07 - 2017-03-18 18:36 - 000000000 ____D C:\Windows\HoloShell
2018-11-07 14:07 - 2017-03-18 13:03 - 000000000 ___SD C:\Windows\SysWOW64\F12
2018-11-07 14:07 - 2017-03-18 13:03 - 000000000 ___SD C:\Windows\system32\F12
2018-11-06 20:58 - 2018-09-23 07:12 - 000000000 ____D C:\Users\b\AppData\Roaming\vlc
2018-11-06 13:21 - 2018-09-23 07:15 - 000000000 ____D C:\Users\b\AppData\Roaming\slobs-client
2018-11-05 14:35 - 2018-09-18 10:11 - 000000000 ____D C:\Users\f\AppData\Roaming\vlc
2018-11-03 02:44 - 2018-10-02 09:50 - 000000000 ____D C:\Users\f\Documents\My Games
2018-11-01 13:02 - 2018-09-14 18:05 - 000000000 ____D C:\ProgramData\Package Cache
2018-11-01 08:44 - 2018-10-19 07:13 - 000000000 ___HD C:\ProgramData\CanonIJMIG
2018-11-01 08:44 - 2018-09-26 08:50 - 000000000 ____D C:\Users\f\AppData\Roaming\Canon
2018-11-01 08:44 - 2018-09-26 08:00 - 000000000 ____D C:\ProgramData\CanonIJPLM
Some files in TEMP:
====================
2018-09-14 19:00 - 2018-03-23 15:05 - 000374152 _____ (NVIDIA Corporation) C:\Users\f\AppData\Local\Temp\nvStInst.exe
2018-11-22 01:20 - 2018-11-22 01:20 - 000000000 _____ () C:\Users\f\AppData\Local\Temp\wcupdater.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-11-22 01:37
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.11.2018
Ran by f (23-11-2018 14:26:42)
Running from C:\Users\f\Downloads
Windows 10 Enterprise Evaluation Version 1703 15063.1418 (X64) (2018-09-15 01:17:09)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
a (S-1-5-21-3065739905-2526270316-2055778871-1004 - Limited - Enabled) => C:\Users\a
Administrator (S-1-5-21-3065739905-2526270316-2055778871-500 - Administrator - Disabled)
b (S-1-5-21-3065739905-2526270316-2055778871-1002 - Limited - Enabled) => C:\Users\b
c (S-1-5-21-3065739905-2526270316-2055778871-1003 - Limited - Enabled) => C:\Users\c
d (S-1-5-21-3065739905-2526270316-2055778871-1005 - Limited - Enabled) => C:\Users\d
DefaultAccount (S-1-5-21-3065739905-2526270316-2055778871-503 - Limited - Disabled)
f (S-1-5-21-3065739905-2526270316-2055778871-1001 - Administrator - Enabled) => C:\Users\f
Guest (S-1-5-21-3065739905-2526270316-2055778871-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Advanced Micro Devices, Inc.) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS5000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5000_series) (Version: 1.02 - Canon Inc.)
Canon TS5000 series On-screen Manual (HKLM-x32\...\Canon TS5000 series On-screen Manual) (Version: 1.1.0 - Canon Inc.)
Canon TS5000 series User Registration (HKLM-x32\...\Canon TS5000 series User Registration) (Version: - Canon Inc.)
Epic Games Launcher (HKLM-x32\...\{E7B62E3F-0F70-4119-89A2-28DE1C3873CC}) (Version: 1.1.163.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Far Cry 3 (HKLM-x32\...\Far Cry 3_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky)
Far Cry 5 (HKLM-x32\...\{73B938C4-0DDA-448D-8E46-87401EA87339}_is1) (Version: - Ubisoft)
FastStone Image Viewer 6.7 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.7 - FastStone Soft)
Grand Theft Auto V (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
Junction Link Magic 2.0 (HKLM\...\Junction Link Magic_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 6.1.2.1 (HKLM\...\{E5FC66AA-995A-488A-BEBE-8B5C351F939A}) (Version: 6.1.2.1 - The Document Foundation)
Microsoft OneDrive (HKU\S-1-5-21-3065739905-2526270316-2055778871-1001\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 56.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 56.0.2 (x64 en-US)) (Version: 56.0.2 - Mozilla)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.8 - Notepad++ Team)
NVIDIA Graphics Driver 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8308 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.11.3 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.11.3 - General Workings, Inc.)
uTorrent Web (HKU\S-1-5-21-3065739905-2526270316-2055778871-1001\...\utweb) (Version: 0.18.2 - BitTorrent, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Web Companion (HKLM-x32\...\{433ce21a-0d85-4b63-80e8-49a76a598721}) (Version: 4.4.1950.3825 - Lavasoft)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-07-22] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-23] (NVIDIA Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {086016BB-7D21-49B7-92FB-84ADC2726057} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-21] (Adobe Systems Incorporated)
Task: {164AD942-9EDD-432A-A8F5-4AA7E2A05162} - System32\Tasks\S-1-5-21-3065739905-2526270316-2055778871-1002\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [2018-06-07] (Microsoft Corporation)
Task: {270A0F8A-CA67-43C0-98F0-44925CB98D77} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [2018-11-21] (Adobe Systems Incorporated)
Task: {29233D35-4A94-46CB-B8B6-053D7E16D8F8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-22] (Microsoft Corporation)
Task: {AFB3E9BC-2420-4985-8E75-D0A3674C0098} - System32\Tasks\NCH Software\PhotoStageSevenDays => C:\Users\b\AppData\Roaming\NCH Software\Program Files\PhotoStage\PhotoStage.exe [2018-10-27] (NCH Software)
Task: {B7854007-458D-406A-8145-3021BEDC7579} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-22] (Microsoft Corporation)
Task: {E4CADA93-80A3-4DC4-B387-7886646CB17E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-22] (Microsoft Corporation)
Task: {F79721E3-189F-48D1-A197-4B7BC43F5CB1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-22] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-09-26 08:00 - 2018-03-15 19:06 - 000397472 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2018-11-01 17:04 - 2018-11-01 17:04 - 000076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2018-11-01 13:02 - 2018-11-22 01:20 - 000025888 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
2018-11-01 13:02 - 2018-11-22 01:20 - 000017696 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dll
2018-11-01 13:02 - 2018-11-22 01:20 - 000037664 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WcfService.dll
2018-09-14 18:51 - 2018-03-23 15:02 - 000135136 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-18 12:58 - 2017-03-18 12:58 - 000138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
2018-09-14 21:28 - 2018-08-28 14:58 - 001730560 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-09-14 18:50 - 2018-09-14 18:50 - 098275328 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2018-09-14 18:50 - 2018-09-14 18:50 - 003922432 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2018-09-14 18:50 - 2018-09-14 18:50 - 000092672 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2018-11-13 09:53 - 2018-11-13 09:53 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-11-13 09:53 - 2018-11-13 09:53 - 066031104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-09-14 19:29 - 2018-09-14 19:32 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-11-09 06:31 - 2018-11-09 06:31 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-11-09 06:31 - 2018-11-09 06:31 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-11-09 06:31 - 2018-11-09 06:31 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-09-14 19:29 - 2018-09-14 19:32 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-09-14 19:29 - 2018-09-14 19:32 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-09-14 19:29 - 2018-09-14 19:32 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-11-13 09:53 - 2018-11-13 09:53 - 014097920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-09 06:31 - 2018-11-09 06:31 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-11-13 09:53 - 2018-11-13 09:53 - 002863616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-09-14 19:29 - 2018-09-14 19:32 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-09-14 19:29 - 2018-09-14 19:32 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-14 19:29 - 2018-09-14 19:32 - 000043008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2018-11-09 06:31 - 2018-11-09 06:31 - 001410560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-09-14 19:29 - 2018-09-14 19:31 - 000621568 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Lumia.AppTk.SceneGraph.dll
2018-11-13 09:53 - 2018-11-13 09:53 - 000280576 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Photos.Viewer.Plugins.Native.dll
2018-09-14 19:29 - 2018-09-14 19:31 - 001007104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\IPP_UWP.dll
2018-11-09 06:31 - 2018-11-09 06:31 - 000655872 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.dll
2018-11-13 09:53 - 2018-11-13 09:53 - 000146432 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\SKU.dll
2018-11-05 21:32 - 2018-11-05 21:32 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-05 21:32 - 2018-11-05 21:32 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-05 21:32 - 2018-11-05 21:32 - 001754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2018-11-19 11:51 - 2018-11-19 11:52 - 001434192 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2018-09-14 19:31 - 2018-09-14 19:31 - 004601048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-21 18:02 - 2018-11-21 18:02 - 000175504 _____ () C:\Program Files\Epic Games\Fortnite\FortniteGame\Binaries\Win64\FortniteLauncher.exe
2018-11-01 13:02 - 2018-11-22 01:20 - 000120608 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll
2018-11-01 13:02 - 2018-11-22 01:20 - 000105248 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2018-11-01 13:02 - 2018-11-22 01:20 - 000373536 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2018-11-01 13:02 - 2018-11-22 01:20 - 000059168 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
2018-11-01 13:02 - 2018-11-22 01:20 - 000067360 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Events.dll
2018-11-01 13:02 - 2018-11-22 01:20 - 000084256 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll
2018-11-01 13:02 - 2018-11-22 01:20 - 000057632 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll
2018-09-06 12:29 - 2018-09-06 12:29 - 000852992 _____ () C:\Users\f\AppData\Roaming\uTorrent Web\avformat-57.dll
2018-09-06 12:29 - 2018-09-06 12:29 - 000465408 _____ () C:\Users\f\AppData\Roaming\uTorrent Web\avutil-55.dll
2018-09-06 12:29 - 2018-09-06 12:29 - 001276928 _____ () C:\Users\f\AppData\Roaming\uTorrent Web\avcodec-57.dll
2018-09-06 12:29 - 2018-09-06 12:29 - 000152064 _____ () C:\Users\f\AppData\Roaming\uTorrent Web\swresample-2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WLMS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WLMS => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3065739905-2526270316-2055778871-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3065739905-2526270316-2055778871-1001\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 13:03 - 2017-03-18 13:01 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3065739905-2526270316-2055778871-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{0C109CF1-8AFE-4C53-B079-573C9D44209F}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{C6BE873B-4F68-4292-82CB-EE3753128A0A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{E5CA1703-B2ED-4B5B-9294-25913CDDDD57}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{F56CFA73-342E-4639-9BDC-5DF3992A6C73}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{91E6FB69-D43B-447B-8813-588502395B0B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{299FF594-DCF2-4DAF-B54C-05AA55138101}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E4808B92-D930-4402-9F36-4A3BC0DAAC8E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{67F86432-762E-4D7B-8428-E4AAA41454C0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{400D6A1C-E195-4F5F-9677-2CC30E1D3A5E}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{3E51EB97-79FA-4B14-9B4E-AFDF45B70065}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{B4A767CA-716E-4512-A6EA-E9A80A121D1C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{A4A05BB3-796D-44AB-97AC-14E1EB178235}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{726406D2-9F1A-49A2-AD1F-6997D6EC8462}] => (Allow) C:\Users\f\AppData\Roaming\uTorrent Web\utweb.exe
FirewallRules: [{0C793826-B823-4604-AF73-8B04C3950E9A}] => (Allow) C:\Users\f\AppData\Roaming\uTorrent Web\utweb.exe
FirewallRules: [TCP Query User{200B58F2-67B8-4167-B8C9-32FEAA00F993}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{D9C70745-859F-410D-AF04-ED9F8AFE91EA}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe
FirewallRules: [{A17DDE6C-3237-4419-BF6B-C79E1F1C3558}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{757EC86E-1649-4081-8350-157E9963A2C0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3CEF8A37-2E67-4014-95D8-592FBF58ED18}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F8093EA1-64CA-4F7A-B2F5-365AF5B59759}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{F2ADC9C6-3F97-477E-A521-8062113C3EBA}D:\far cry 3\bin\farcry3.exe] => (Allow) D:\far cry 3\bin\farcry3.exe
FirewallRules: [UDP Query User{23A61D73-CF97-444E-9DB5-F0671F7B513C}D:\far cry 3\bin\farcry3.exe] => (Allow) D:\far cry 3\bin\farcry3.exe
FirewallRules: [{0F5CB047-4595-48B9-A566-51F0ECA975E7}] => (Allow) D:\S_Lib\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{27122836-ED76-4F2A-82B8-E3909A6E03BE}] => (Allow) D:\S_Lib\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{658897EC-524B-484F-B4BA-A0729A4FB026}] => (Allow) D:\S_Lib\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{5DDF9BC0-039A-4535-AB75-0C140CAF6DE3}] => (Allow) D:\S_Lib\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [TCP Query User{A8A96ED7-B375-48E2-A8C3-F1BF924C1DCD}G:\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) G:\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{8A03E6D3-264E-4821-924B-3FA9778D1E1F}G:\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) G:\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{46A423C2-983A-405D-8971-93FEAE6634FC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{211C1693-523C-4048-AD05-1605C0F822DE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4529AD1F-AE1F-4289-94F1-F800CD74A3DD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{508EC6A0-9135-488C-860B-7E081428ACBA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E6BB5B4A-3070-4CAC-9FA7-A3EB6B677479}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{84615963-0651-440B-83F0-6414F2786D3E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{0D9996D4-B9FE-4F47-8A70-E2FA16F20582}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E9397D84-ED43-4757-BF66-8C85167E9487}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{50A8C53F-4CDD-475D-8147-7DBC035B74AE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{60677F0E-A8F5-407D-BC1A-3C065B2A7135}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/21/2018 05:58:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-IHEBHBU)
Description: Activation of app Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (11/21/2018 05:58:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-IHEBHBU)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (11/12/2018 08:53:54 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-IHEBHBU)
Description: Microsoft.VCLibs.140.00_8wekyb3d8bbwe3
Error: (11/12/2018 08:53:54 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-IHEBHBU)
Description: Microsoft.VCLibs.140.00.UWPDesktop_8wekyb3d8bbwe3
Error: (11/12/2018 08:53:54 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-IHEBHBU)
Description: Microsoft.Services.Store.Engagement_8wekyb3d8bbwe3
Error: (11/12/2018 08:53:54 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-IHEBHBU)
Description: Microsoft.NET.Native.Runtime.1.7_8wekyb3d8bbwe3
Error: (11/12/2018 08:53:54 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-IHEBHBU)
Description: Microsoft.NET.Native.Runtime.1.6_8wekyb3d8bbwe3
Error: (11/12/2018 08:53:54 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-IHEBHBU)
Description: Microsoft.NET.Native.Runtime.1.4_8wekyb3d8bbwe3
System errors:
=============
Error: (11/23/2018 01:45:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-IHEBHBU)
Description: The server {417976B7-917D-4F1E-8F14-C18FCCB0B3A8} did not register with DCOM within the required timeout.
Error: (11/23/2018 12:34:05 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-IHEBHBU)
Description: The server {417976B7-917D-4F1E-8F14-C18FCCB0B3A8} did not register with DCOM within the required timeout.
Error: (11/23/2018 11:28:50 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-IHEBHBU)
Description: The server {417976B7-917D-4F1E-8F14-C18FCCB0B3A8} did not register with DCOM within the required timeout.
Error: (11/23/2018 10:32:50 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-IHEBHBU)
Description: The server {417976B7-917D-4F1E-8F14-C18FCCB0B3A8} did not register with DCOM within the required timeout.
Error: (11/23/2018 09:45:47 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-IHEBHBU)
Description: The server {417976B7-917D-4F1E-8F14-C18FCCB0B3A8} did not register with DCOM within the required timeout.
Error: (11/23/2018 09:43:43 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (11/23/2018 09:43:43 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (11/23/2018 01:13:05 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-IHEBHBU)
Description: The server {417976B7-917D-4F1E-8F14-C18FCCB0B3A8} did not register with DCOM within the required timeout.
Windows Defender:
===================================
Date: 2018-11-21 17:38:18.805
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6D27DBA5-743F-47A9-89D8-B7CFFCC8CB87}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-11-16 13:46:33.295
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {BD3D9493-E8C4-4B01-A626-8A29E7A1A5F4}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-10-31 18:34:05.403
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {653FF973-69CD-433B-875A-6C404839C69D}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-10-30 15:40:42.843
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {0A747F80-3557-4493-8123-8BD92385F646}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-10-29 04:09:21.739
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {19235212-65CC-458F-A9EB-766C73BA9E70}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-11-16 13:21:39.972
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.281.239.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15400.5
Error code: 0x80244022
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
CodeIntegrity:
===================================
Date: 2018-09-25 15:28:35.407
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-09-25 15:28:35.406
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-09-15 00:13:08.835
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-09-15 00:13:08.833
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD Ryzen 5 1600 Six-Core Processor
Percentage of memory in use: 78%
Total physical RAM: 8124.79 MB
Available physical RAM: 1745.67 MB
Total Virtual: 12732.79 MB
Available Virtual: 2441.57 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.3 GB) (Free:37.09 GB) NTFS
Drive d: (win1) (Fixed) (Total:976.07 GB) (Free:279.97 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:232.77 GB) (Free:232.77 GB) FAT32
Drive f: (New Volume) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
Drive g: (win2) (Fixed) (Total:488.28 GB) (Free:334.16 GB) NTFS
Drive h: (win3) (Fixed) (Total:398.17 GB) (Free:286.8 GB) NTFS
Drive j: () (Removable) (Total:14.83 GB) (Free:14.52 GB) FAT32
\\?\Volume{135cad82-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.13 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 135CAD82)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 2794.5 GB) (Disk ID: 02CDF59B)
Partition: GPT.
========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 4DBF4705)
Partition 1: (Not Active) - (Size=500 MB) - (Type=05)
Partition 2: (Active) - (Size=976.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=398.2 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (Protective MBR) (Size: 14.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
kontrola logu někdo mi neustále hackuje steam účet
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119426
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola logu někdo mi neustále hackuje steam účet
Zdravím!
PC je buď firemní, nebo nemáte legální oper. systém. Verze Enterprise není na běžném trhu k dispozici.
PC je buď firemní, nebo nemáte legální oper. systém. Verze Enterprise není na běžném trhu k dispozici.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: kontrola logu někdo mi neustále hackuje steam účet
to je zkušební verze kterou vždy po půl roce přeinstaluju. tuhle mám nainstalovanou přes dva měsíceRudy píše:Zdravím!
PC je buď firemní, nebo nemáte legální oper. systém. Verze Enterprise není na běžném trhu k dispozici.
-
Rudy
- Site Admin
- Příspěvky: 119426
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola logu někdo mi neustále hackuje steam účet
Takže nelegál. Zkušební verze je na stanovenou dobu a po té se buď legalizuje koupením licence, nebo odinstaluje.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?