VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.11.2018
Ran by f (administrator) on DESKTOP-IHEBHBU (23-11-2018 14:26:13)
Running from C:\Users\f\Downloads
Loaded Profiles: f (Available Profiles: f & b & c & a & d)
Platform: Windows 10 Enterprise Evaluation Version 1703 15063.1418 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Microsoft Corporation) C:\Windows\System32\wlms\wlms.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(BitTorrent Inc.) C:\Users\f\AppData\Roaming\uTorrent Web\utweb.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe\HxAccounts.exe
() G:\Epic Games\Fortnite\FortniteGame\Binaries\Win64\FortniteLauncher.exe
(BattlEye Innovations) G:\Epic Games\Fortnite\FortniteGame\Binaries\Win64\FortniteClient-Win64-Shipping_BE.exe
() C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
(Epic Games, Inc.) G:\Epic Games\Fortnite\FortniteGame\Binaries\Win64\FortniteClient-Win64-Shipping.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18382304 2017-11-22] (Realtek Semiconductor)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (CANON INC.)
HKU\S-1-5-21-3065739905-2526270316-2055778871-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [34917264 2018-11-19] (Epic Games, Inc.)
HKU\S-1-5-21-3065739905-2526270316-2055778871-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3131680 2018-11-09] (Valve Corporation)
HKU\S-1-5-21-3065739905-2526270316-2055778871-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7407392 2018-11-22] (Lavasoft)
HKU\S-1-5-21-3065739905-2526270316-2055778871-1001\...\Run: [utweb] => C:\Users\f\AppData\Roaming\uTorrent Web\utweb.exe [5456560 2018-09-06] (BitTorrent Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{421c5acc-19f2-4830-b6b7-ace2c54b6d80}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-3065739905-2526270316-2055778871-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10420__181101
SearchScopes: HKU\S-1-5-21-3065739905-2526270316-2055778871-1001 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10420__181101&q={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)

FireFox:
========
FF DefaultProfile: u245qrzg.default
FF ProfilePath: C:\Users\f\AppData\Roaming\Mozilla\Firefox\Profiles\u245qrzg.default [2018-11-23]
FF Homepage: Mozilla\Firefox\Profiles\u245qrzg.default -> chrome://speeddial/content/speeddial.xul
FF NewTab: Mozilla\Firefox\Profiles\u245qrzg.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10420__181101
FF Extension: (FireGestures) - C:\Users\f\AppData\Roaming\Mozilla\Firefox\Profiles\u245qrzg.default\Extensions\firegestures@xuldev.org.xpi [2018-11-11] [Legacy]
FF Extension: (Speed Dial) - C:\Users\f\AppData\Roaming\Mozilla\Firefox\Profiles\u245qrzg.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2018-11-11] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\f\AppData\Roaming\Mozilla\Firefox\Profiles\u245qrzg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-11-15]
FF Extension: (Google Code Correction) - C:\Users\f\AppData\Roaming\Mozilla\Firefox\Profiles\u245qrzg.default\features\{dcb8fdb2-700d-45e0-a163-b0e6ef4c41a9}\google-code-correction@mozilla.org.xpi [2018-11-10] [Legacy]
FF Extension: (Telemetry coverage) - C:\Users\f\AppData\Roaming\Mozilla\Firefox\Profiles\u245qrzg.default\features\{dcb8fdb2-700d-45e0-a163-b0e6ef4c41a9}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-11-10] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_153.dll [2018-11-21] ()
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_153.dll [2018-11-21] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7356680 2018-10-03] ()
R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [153736 2016-06-02] (CANON INC.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2018-09-14] (EasyAntiCheat Ltd)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397472 2018-03-15] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2018-11-01] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2018-06-07] (Microsoft Corporation)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25888 2018-11-22] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-22] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-10-22] (Microsoft Corporation)
R2 WLMS; C:\Windows\system32\wlms\wlms.exe [26112 2017-03-18] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [34696 2017-10-10] (Advanced Micro Devices, Inc)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [33144 2017-10-16] (Advanced Micro Devices, Inc)
R3 AMDPCIDev; C:\Windows\System32\drivers\AMDPCIDev.sys [31584 2018-01-02] (Advanced Micro Devices)
R0 amdpsp; C:\Windows\System32\drivers\amdpsp.sys [137104 2017-11-08] (Advanced Micro Devices, Inc. )
R3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [2551864 2018-11-23] ()
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_708ec8f9a4d134c6\nvlddmkm.sys [17544792 2018-04-12] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1010648 2017-10-20] (Realtek )
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46184 2018-10-22] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [328696 2018-10-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-23 14:26 - 2018-11-23 14:26 - 000011451 _____ C:\Users\f\Downloads\FRST.txt
2018-11-23 14:26 - 2018-11-23 14:26 - 000000000 ____D C:\FRST
2018-11-23 14:25 - 2018-11-23 14:25 - 002416640 _____ (Farbar) C:\Users\f\Downloads\FRST64.exe
2018-11-23 14:19 - 2018-11-23 14:19 - 000000000 ____D C:\rsit
2018-11-23 14:19 - 2018-11-23 14:19 - 000000000 ____D C:\Program Files\trend micro
2018-11-23 13:53 - 2018-11-23 13:53 - 001222144 _____ C:\Users\f\Downloads\RSITx64.exe
2018-11-22 18:26 - 2018-11-22 18:26 - 000000048 _____ C:\Users\f\Documents\superpasword.txt
2018-11-20 13:58 - 2018-11-20 13:58 - 000000000 ____D C:\Users\d\AppData\Local\MicrosoftEdge
2018-11-19 18:43 - 2018-11-19 18:43 - 000000000 ____D C:\Users\d\Documents\My Games
2018-11-19 18:43 - 2018-11-19 18:43 - 000000000 ____D C:\Users\d\Documents\CPY_SAVES
2018-11-18 05:22 - 2018-11-18 05:22 - 000000000 ____D C:\Users\d\Documents\Rockstar Games
2018-11-18 05:22 - 2018-11-18 05:22 - 000000000 ____D C:\Users\d\AppData\Local\Rockstar Games
2018-11-17 02:50 - 2018-11-17 03:13 - 000000000 ____D C:\Users\f\Documents\regsdfg
2018-11-17 01:42 - 2018-11-17 01:49 - 000000000 ____D C:\Users\d\AppData\Roaming\vlc
2018-11-16 16:20 - 2018-11-16 16:20 - 000000000 ____D C:\Users\d\AppData\Local\DBG
2018-11-16 16:20 - 2018-11-16 16:20 - 000000000 ____D C:\Users\d\AppData\Local\CrashReportClient
2018-11-15 06:37 - 2018-11-15 06:37 - 000000000 ____D C:\Users\f\AppData\Roaming\slobs-plugins
2018-11-14 03:25 - 2018-11-14 03:25 - 000000000 ____D C:\Users\d\AppData\Roaming\slobs-plugins
2018-11-14 03:25 - 2018-11-14 03:25 - 000000000 ____D C:\Users\d\AppData\Roaming\obs-studio-node-server
2018-11-14 03:23 - 2018-11-15 04:49 - 000000000 ____D C:\Users\d\AppData\Roaming\slobs-client
2018-11-14 03:23 - 2018-11-14 03:23 - 000000000 ____D C:\Users\d\AppData\Roaming\Streamlabs OBS
2018-11-12 11:03 - 2018-11-12 11:03 - 000000000 ____D C:\Users\d\AppData\Local\Comms
2018-11-12 11:01 - 2018-11-12 11:01 - 000000000 ____D C:\Users\d\AppData\Local\Speech Graphics
2018-11-12 10:59 - 2018-11-12 10:59 - 000000000 ___HD C:\Users\d\Ap
2018-11-12 10:53 - 2018-11-12 10:53 - 000000000 ____D C:\Users\d\AppData\Local\NVIDIA Corporation
2018-11-12 10:52 - 2018-11-12 10:52 - 000000000 ____D C:\Users\d\AppData\Roaming\EasyAntiCheat
2018-11-12 10:52 - 2018-11-12 10:52 - 000000000 ____D C:\Users\d\AppData\Local\FortniteGame
2018-11-12 10:48 - 2018-11-19 16:56 - 000000000 ____D C:\Users\d\AppData\Roaming\Canon
2018-11-12 10:48 - 2018-11-13 10:48 - 000003370 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3065739905-2526270316-2055778871-1005
2018-11-12 10:48 - 2018-11-13 10:48 - 000002355 _____ C:\Users\d\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-12 10:48 - 2018-11-13 10:48 - 000000000 ___RD C:\Users\d\OneDrive
2018-11-12 10:48 - 2018-11-12 10:48 - 000000000 ____D C:\Users\d\AppData\Local\UnrealEngineLauncher
2018-11-12 10:48 - 2018-11-12 10:48 - 000000000 ____D C:\Users\d\AppData\Local\UnrealEngine
2018-11-12 10:48 - 2018-11-12 10:48 - 000000000 ____D C:\Users\d\AppData\Local\EpicGamesLauncher
2018-11-12 10:48 - 2018-11-12 10:48 - 000000000 ____D C:\Users\d\AppData\Local\CEF
2018-11-12 10:47 - 2018-11-22 03:03 - 000000000 ____D C:\Users\d
2018-11-12 10:47 - 2018-11-22 01:29 - 000000000 ____D C:\Users\d\AppData\LocalLow\Mozilla
2018-11-12 10:47 - 2018-11-13 10:46 - 000000000 ____D C:\Users\d\AppData\Local\Packages
2018-11-12 10:47 - 2018-11-12 10:47 - 000000020 ___SH C:\Users\d\ntuser.ini
2018-11-12 10:47 - 2018-11-12 10:47 - 000000000 ____D C:\Users\d\AppData\Roaming\Mozilla
2018-11-12 10:47 - 2018-11-12 10:47 - 000000000 ____D C:\Users\d\AppData\Roaming\Adobe
2018-11-12 10:47 - 2018-11-12 10:47 - 000000000 ____D C:\Users\d\AppData\Local\VirtualStore
2018-11-12 10:47 - 2018-11-12 10:47 - 000000000 ____D C:\Users\d\AppData\Local\TileDataLayer
2018-11-12 10:47 - 2018-11-12 10:47 - 000000000 ____D C:\Users\d\AppData\Local\Publishers
2018-11-12 10:47 - 2018-11-12 10:47 - 000000000 ____D C:\Users\d\AppData\Local\Mozilla
2018-11-12 10:47 - 2018-11-12 10:47 - 000000000 ____D C:\Users\d\AppData\Local\ConnectedDevicesPlatform
2018-11-12 10:40 - 2018-11-12 10:40 - 000003370 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3065739905-2526270316-2055778871-1004
2018-11-12 10:39 - 2018-11-12 10:40 - 000002355 _____ C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-12 10:39 - 2018-11-12 10:40 - 000000000 ___RD C:\Users\a\OneDrive
2018-11-12 10:39 - 2018-11-12 10:39 - 000000000 ____D C:\Users\a\AppData\Roaming\Mozilla
2018-11-12 10:39 - 2018-11-12 10:39 - 000000000 ____D C:\Users\a\AppData\Roaming\Canon
2018-11-12 10:39 - 2018-11-12 10:39 - 000000000 ____D C:\Users\a\AppData\LocalLow\Mozilla
2018-11-12 10:39 - 2018-11-12 10:39 - 000000000 ____D C:\Users\a\AppData\Local\UnrealEngineLauncher
2018-11-12 10:39 - 2018-11-12 10:39 - 000000000 ____D C:\Users\a\AppData\Local\UnrealEngine
2018-11-12 10:39 - 2018-11-12 10:39 - 000000000 ____D C:\Users\a\AppData\Local\Mozilla
2018-11-12 10:39 - 2018-11-12 10:39 - 000000000 ____D C:\Users\a\AppData\Local\EpicGamesLauncher
2018-11-12 10:39 - 2018-11-12 10:39 - 000000000 ____D C:\Users\a\AppData\Local\CEF
2018-11-12 10:38 - 2018-11-12 10:47 - 000000000 ____D C:\Users\a
2018-11-12 10:38 - 2018-11-12 10:40 - 000000000 ____D C:\Users\a\AppData\Local\Packages
2018-11-12 10:38 - 2018-11-12 10:38 - 000000020 ___SH C:\Users\a\ntuser.ini
2018-11-12 10:38 - 2018-11-12 10:38 - 000000000 ____D C:\Users\a\AppData\Roaming\Adobe
2018-11-12 10:38 - 2018-11-12 10:38 - 000000000 ____D C:\Users\a\AppData\Local\VirtualStore
2018-11-12 10:38 - 2018-11-12 10:38 - 000000000 ____D C:\Users\a\AppData\Local\TileDataLayer
2018-11-12 10:38 - 2018-11-12 10:38 - 000000000 ____D C:\Users\a\AppData\Local\Publishers
2018-11-12 10:38 - 2018-11-12 10:38 - 000000000 ____D C:\Users\a\AppData\Local\ConnectedDevicesPlatform
2018-11-12 08:42 - 2018-11-12 08:42 - 000000000 ___HD C:\Users\c\Ap
2018-11-12 08:39 - 2018-11-12 08:39 - 000000000 ____D C:\Users\c\AppData\Local\Comms
2018-11-12 08:37 - 2018-11-12 08:37 - 000000000 ____D C:\Users\c\AppData\Local\MicrosoftEdge
2018-11-12 08:36 - 2018-11-12 08:36 - 000000000 ____D C:\Users\c\AppData\Local\NVIDIA Corporation
2018-11-12 08:35 - 2018-11-12 08:35 - 000000000 ____D C:\Users\c\AppData\Roaming\EasyAntiCheat
2018-11-12 08:35 - 2018-11-12 08:35 - 000000000 ____D C:\Users\c\AppData\Local\FortniteGame
2018-11-12 08:27 - 2018-11-12 08:27 - 000000314 _____ C:\Users\c\Desktop\Fortnite.url
2018-11-12 08:26 - 2018-11-12 09:26 - 000000000 ____D C:\Users\c\AppData\LocalLow\Mozilla
2018-11-12 08:26 - 2018-11-12 08:26 - 000000000 ____D C:\Users\c\AppData\Roaming\Mozilla
2018-11-12 08:26 - 2018-11-12 08:26 - 000000000 ____D C:\Users\c\AppData\Local\Mozilla
2018-11-12 08:24 - 2018-11-12 08:24 - 000003370 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3065739905-2526270316-2055778871-1003
2018-11-12 08:23 - 2018-11-12 09:59 - 000000000 ____D C:\Users\c
2018-11-12 08:23 - 2018-11-12 08:53 - 000000000 ____D C:\Users\c\AppData\Local\Packages
2018-11-12 08:23 - 2018-11-12 08:53 - 000000000 ____D C:\Users\c\AppData\Local\ConnectedDevicesPlatform
2018-11-12 08:23 - 2018-11-12 08:24 - 000002355 _____ C:\Users\c\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-12 08:23 - 2018-11-12 08:24 - 000000000 ___RD C:\Users\c\OneDrive
2018-11-12 08:23 - 2018-11-12 08:23 - 000000020 ___SH C:\Users\c\ntuser.ini
2018-11-12 08:23 - 2018-11-12 08:23 - 000000000 ____D C:\Users\c\AppData\Roaming\Canon
2018-11-12 08:23 - 2018-11-12 08:23 - 000000000 ____D C:\Users\c\AppData\Roaming\Adobe
2018-11-12 08:23 - 2018-11-12 08:23 - 000000000 ____D C:\Users\c\AppData\Local\VirtualStore
2018-11-12 08:23 - 2018-11-12 08:23 - 000000000 ____D C:\Users\c\AppData\Local\UnrealEngineLauncher
2018-11-12 08:23 - 2018-11-12 08:23 - 000000000 ____D C:\Users\c\AppData\Local\UnrealEngine
2018-11-12 08:23 - 2018-11-12 08:23 - 000000000 ____D C:\Users\c\AppData\Local\TileDataLayer
2018-11-12 08:23 - 2018-11-12 08:23 - 000000000 ____D C:\Users\c\AppData\Local\Publishers
2018-11-12 08:23 - 2018-11-12 08:23 - 000000000 ____D C:\Users\c\AppData\Local\EpicGamesLauncher
2018-11-12 08:23 - 2018-11-12 08:23 - 000000000 ____D C:\Users\c\AppData\Local\CEF
2018-11-11 05:09 - 2018-11-11 05:09 - 000000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2018-11-11 05:09 - 2018-11-11 05:09 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-11-11 04:52 - 2018-11-11 04:52 - 038652496 _____ (Mozilla) C:\Users\f\Downloads\Firefox%20Setup%2056.0.2.exe
2018-11-10 15:09 - 2018-11-10 15:09 - 000000000 ____D C:\Users\f\AppData\Roaming\FastStone
2018-11-10 00:54 - 2018-11-10 00:54 - 000000000 ____D C:\Users\b\AppData\Roaming\Macromedia
2018-11-10 00:31 - 2018-11-12 10:00 - 000000000 ____D C:\Users\b\Desktop\pornhub
2018-11-10 00:26 - 2018-11-10 00:26 - 039358112 _____ (Mozilla) C:\Users\b\Downloads\Firefox Setup 56.0.1.exe
2018-11-09 07:54 - 2018-11-09 07:54 - 000000000 ____D C:\Users\f\AppData\Local\Rekenwonder_Software
2018-11-09 07:50 - 2018-11-09 07:51 - 000000000 ____D C:\Users\f\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Junction Link Magic
2018-11-09 07:50 - 2018-11-09 07:50 - 000000000 ____D C:\Program Files\Rekenwonder Software
2018-11-09 07:49 - 2018-11-09 07:49 - 000348981 _____ ( ) C:\Users\b\Downloads\linkmagic2(1).exe
2018-11-09 07:14 - 2018-11-09 07:14 - 000000000 ____D C:\Users\b\AppData\Roaming\FastStone
2018-11-09 07:11 - 2018-11-09 07:11 - 000001196 _____ C:\Users\Public\Desktop\FastStone Image Viewer.lnk
2018-11-09 07:11 - 2018-11-09 07:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
2018-11-09 07:11 - 2018-11-09 07:11 - 000000000 ____D C:\Program Files (x86)\FastStone Image Viewer
2018-11-09 07:10 - 2018-11-09 07:10 - 006996237 _____ C:\Users\b\Downloads\FSViewerSetup67.exe
2018-11-08 11:10 - 2018-11-08 11:10 - 000348981 _____ ( ) C:\Users\b\Downloads\linkmagic2.exe
2018-11-07 11:17 - 2018-10-10 00:17 - 007910048 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2018-11-07 11:17 - 2018-10-10 00:16 - 000627184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2018-11-07 11:17 - 2018-10-10 00:16 - 000367608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2018-11-07 11:17 - 2018-10-10 00:05 - 001618880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-11-07 11:17 - 2018-10-09 23:59 - 000115208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinelsa.dll
2018-11-07 11:17 - 2018-10-09 23:58 - 006768896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-07 11:17 - 2018-10-09 23:56 - 000124648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-11-07 11:17 - 2018-10-09 23:44 - 020525568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2018-11-07 11:17 - 2018-10-09 23:44 - 013849600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2018-11-07 11:17 - 2018-10-09 23:44 - 002949120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2018-11-07 11:17 - 2018-10-09 23:44 - 000097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-11-07 11:17 - 2018-10-09 23:43 - 002199552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2018-11-07 11:17 - 2018-10-09 23:42 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-11-07 11:17 - 2018-10-09 23:41 - 012264448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-11-07 11:17 - 2018-10-09 23:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2018-11-07 11:17 - 2018-10-09 23:39 - 019356672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-11-07 11:17 - 2018-10-09 23:39 - 000588800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2018-11-07 11:17 - 2018-10-09 23:39 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2018-11-07 11:17 - 2018-10-09 23:37 - 001233408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2018-11-07 11:17 - 2018-10-09 23:37 - 000397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-11-07 11:17 - 2018-10-09 23:35 - 006257664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2018-11-07 11:17 - 2018-10-09 23:34 - 002341376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2018-11-07 11:17 - 2018-10-09 23:33 - 004558848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2018-11-07 11:17 - 2018-10-09 23:33 - 001627648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-11-07 11:17 - 2018-10-09 21:14 - 000804288 _____ C:\Windows\SysWOW64\locale.nls
2018-11-07 11:17 - 2018-10-09 21:14 - 000804288 _____ C:\Windows\system32\locale.nls
2018-11-07 11:16 - 2018-10-10 05:58 - 000017806 ____R C:\Windows\system32\CaptureToast.hcp
2018-11-07 11:16 - 2018-10-10 05:57 - 000125015 ____R C:\Windows\system32\CaptureCountdown.hcp
2018-11-07 11:16 - 2018-10-10 05:57 - 000119017 ____R C:\Windows\system32\CaptureBrackets.hcp
2018-11-07 11:16 - 2018-10-10 05:53 - 001161216 ____R (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.Internal.Capture.UX.dll
2018-11-07 11:16 - 2018-10-10 00:29 - 001610744 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-11-07 11:16 - 2018-10-10 00:29 - 000309752 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-11-07 11:16 - 2018-10-10 00:29 - 000144888 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-11-07 11:16 - 2018-10-10 00:28 - 000451896 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-11-07 11:16 - 2018-10-10 00:28 - 000069944 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2018-11-07 11:16 - 2018-10-10 00:27 - 002868728 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-11-07 11:16 - 2018-10-10 00:27 - 000966968 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
2018-11-07 11:16 - 2018-10-10 00:27 - 000823096 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
2018-11-07 11:16 - 2018-10-10 00:27 - 000792376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-11-07 11:16 - 2018-10-10 00:27 - 000751168 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2018-11-07 11:16 - 2018-10-10 00:27 - 000689656 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-11-07 11:16 - 2018-10-10 00:27 - 000612152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-11-07 11:16 - 2018-10-10 00:27 - 000480760 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2018-11-07 11:16 - 2018-10-10 00:27 - 000077112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2018-11-07 11:16 - 2018-10-10 00:27 - 000035128 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2018-11-07 11:16 - 2018-10-10 00:26 - 001199416 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2018-11-07 11:16 - 2018-10-10 00:26 - 001039160 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2018-11-07 11:16 - 2018-10-10 00:26 - 000445752 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-11-07 11:16 - 2018-10-10 00:24 - 000137016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-11-07 11:16 - 2018-10-10 00:23 - 008320824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-11-07 11:16 - 2018-10-10 00:23 - 001930728 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-11-07 11:16 - 2018-10-10 00:22 - 000170808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-11-07 11:16 - 2018-10-10 00:21 - 000528376 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2018-11-07 11:16 - 2018-10-10 00:21 - 000182008 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-11-07 11:16 - 2018-10-10 00:19 - 000741888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2018-11-07 11:16 - 2018-10-10 00:19 - 000666120 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll
2018-11-07 11:16 - 2018-10-10 00:18 - 000872568 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2018-11-07 11:16 - 2018-10-10 00:18 - 000643800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-11-07 11:16 - 2018-10-10 00:18 - 000545784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2018-11-07 11:16 - 2018-10-10 00:18 - 000128544 _____ (Microsoft Corporation) C:\Windows\system32\offlinelsa.dll
2018-11-07 11:16 - 2018-10-10 00:17 - 000094712 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2018-11-07 11:16 - 2018-10-10 00:15 - 000058584 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-11-07 11:16 - 2018-10-09 23:49 - 023689728 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2018-11-07 11:16 - 2018-10-09 23:33 - 003665408 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2018-11-07 11:16 - 2018-10-09 23:32 - 017373184 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2018-11-07 11:16 - 2018-10-09 23:32 - 000123392 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-11-07 11:16 - 2018-10-09 23:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2018-11-07 11:16 - 2018-10-09 23:31 - 002199552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2018-11-07 11:16 - 2018-10-09 23:30 - 013429760 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-11-07 11:16 - 2018-10-09 23:30 - 000380416 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2018-11-07 11:16 - 2018-10-09 23:30 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmUcsi.sys
2018-11-07 11:16 - 2018-10-09 23:30 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2018-11-07 11:16 - 2018-10-09 23:30 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-11-07 11:16 - 2018-10-09 23:30 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-11-07 11:16 - 2018-10-09 23:29 - 000379392 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2018-11-07 11:16 - 2018-10-09 23:29 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2018-11-07 11:16 - 2018-10-09 23:28 - 023700992 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-11-07 11:16 - 2018-10-09 23:28 - 000457728 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2018-11-07 11:16 - 2018-10-09 23:28 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-11-07 11:16 - 2018-10-09 23:27 - 001580544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2018-11-07 11:16 - 2018-10-09 23:27 - 000613376 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2018-11-07 11:16 - 2018-10-09 23:26 - 001803264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-11-07 11:16 - 2018-10-09 23:25 - 008166912 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2018-11-07 11:16 - 2018-10-09 23:25 - 004208640 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2018-11-07 11:16 - 2018-10-09 23:25 - 000487424 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-11-07 11:16 - 2018-10-09 23:23 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-11-07 11:16 - 2018-10-09 23:22 - 002830848 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2018-11-07 11:16 - 2018-10-09 23:22 - 002449408 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-11-07 11:16 - 2018-10-09 23:22 - 002052608 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2018-11-07 11:16 - 2018-10-09 23:22 - 001886720 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2018-11-07 11:16 - 2018-10-09 23:22 - 001886720 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2018-11-07 11:16 - 2018-10-09 23:21 - 005557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2018-11-07 11:16 - 2018-10-09 23:21 - 002516992 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2018-11-07 11:16 - 2018-10-09 23:21 - 000408064 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2018-11-07 11:16 - 2018-10-09 23:20 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2018-11-07 11:16 - 2018-10-09 23:19 - 000985600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2018-11-07 11:16 - 2018-10-09 23:17 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2018-11-07 11:16 - 2018-10-09 23:16 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2018-11-07 11:16 - 2018-10-09 23:16 - 000012800 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2018-11-06 12:16 - 2018-11-06 12:16 - 000000000 ____D C:\Users\b\AppData\Roaming\slobs-plugins
2018-11-04 06:36 - 2018-11-04 06:36 - 000001265 _____ C:\Users\b\Desktop\PhotoStage Slideshow Producer.lnk
2018-11-04 06:36 - 2018-11-04 06:36 - 000001251 _____ C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoStage Slideshow Producer.lnk
2018-11-03 00:53 - 2018-11-06 14:26 - 000000000 ____D C:\Windows\System32\Tasks\NCH Software
2018-11-03 00:53 - 2018-11-04 06:36 - 000002239 _____ C:\Users\b\Desktop\NCH Suite.lnk
2018-11-03 00:53 - 2018-11-04 06:36 - 000000000 ____D C:\Users\b\AppData\Roaming\NCH Software
2018-11-03 00:53 - 2018-11-04 06:36 - 000000000 ____D C:\ProgramData\NCH Software
2018-11-03 00:53 - 2018-11-03 17:09 - 000001247 _____ C:\Users\b\Desktop\Pixillion Image Converter.lnk
2018-11-03 00:53 - 2018-11-03 17:09 - 000001233 _____ C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pixillion Image Converter.lnk
2018-11-03 00:53 - 2018-11-03 00:53 - 000002169 _____ C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Suite.lnk
2018-11-03 00:44 - 2018-11-03 00:44 - 000916512 _____ (NCH Software) C:\Users\b\Downloads\pixpsetup.exe
2018-11-02 07:46 - 2018-11-02 07:46 - 000000000 ____D C:\Users\b\Documents\Rockstar Games
2018-11-02 07:46 - 2018-11-02 07:46 - 000000000 ____D C:\Users\b\AppData\Local\Rockstar Games
2018-11-02 02:50 - 2018-11-22 05:32 - 000281688 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2018-11-02 02:50 - 2018-11-02 02:50 - 000000000 ____D C:\Users\f\AppData\Local\PunkBuster
2018-11-02 02:49 - 2018-11-02 02:49 - 000000000 ____D C:\ProgramData\Orbit
2018-11-01 17:04 - 2018-11-22 05:32 - 000281688 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2018-11-01 17:04 - 2018-11-20 12:46 - 000281688 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2018-11-01 17:04 - 2018-11-01 17:04 - 000076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2018-11-01 17:04 - 2018-11-01 17:04 - 000000725 _____ C:\Users\f\Desktop\Far Cry 3.lnk
2018-11-01 17:04 - 2018-11-01 17:04 - 000000000 ____D C:\Users\f\AppData\Roaming\Far Cry 3
2018-11-01 17:04 - 2018-11-01 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2018-11-01 17:04 - 2018-07-07 08:23 - 003190168 ____R C:\Windows\SysWOW64\pb.exe
2018-11-01 15:12 - 2018-11-01 15:12 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2018-11-01 15:11 - 2018-11-01 15:11 - 000000000 ____D C:\Program Files\Rockstar Games
2018-11-01 14:50 - 2018-11-01 14:50 - 000000407 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk
2018-11-01 14:50 - 2018-11-01 14:50 - 000000407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto V.lnk
2018-11-01 14:48 - 2018-11-01 14:48 - 000000000 ____D C:\Users\f\Documents\Rockstar Games
2018-11-01 14:48 - 2018-11-01 14:48 - 000000000 ____D C:\Users\f\AppData\Local\Rockstar Games
2018-11-01 14:47 - 2018-11-01 14:47 - 000000000 ____D C:\ProgramData\Steam
2018-11-01 14:47 - 2018-11-01 14:47 - 000000000 ____D C:\ProgramData\Socialclub
2018-11-01 14:07 - 2010-06-02 03:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2018-11-01 14:07 - 2010-06-02 03:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2018-11-01 14:07 - 2010-02-04 09:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2018-11-01 14:07 - 2010-02-04 09:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2018-11-01 14:07 - 2010-02-04 09:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2018-11-01 14:07 - 2010-02-04 09:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2018-11-01 14:07 - 2010-02-04 09:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2018-11-01 14:07 - 2010-02-04 09:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2018-11-01 14:07 - 2009-09-04 16:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2018-11-01 14:07 - 2009-09-04 16:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2018-11-01 14:07 - 2009-09-04 16:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2018-11-01 14:07 - 2009-09-04 16:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2018-11-01 14:07 - 2009-09-04 16:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2018-11-01 14:07 - 2009-09-04 16:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2018-11-01 14:07 - 2009-09-04 16:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2018-11-01 14:07 - 2009-09-04 16:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2018-11-01 14:07 - 2009-09-04 16:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2018-11-01 14:07 - 2009-09-04 16:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2018-11-01 14:07 - 2009-09-04 16:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2018-11-01 14:07 - 2009-09-04 16:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2018-11-01 14:07 - 2009-09-04 16:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2018-11-01 14:07 - 2009-09-04 16:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2018-11-01 14:07 - 2009-09-04 16:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2018-11-01 14:07 - 2009-09-04 16:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2018-11-01 14:07 - 2009-03-16 13:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2018-11-01 14:07 - 2009-03-16 13:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2018-11-01 14:07 - 2009-03-16 13:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2018-11-01 14:07 - 2009-03-16 13:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2018-11-01 14:07 - 2009-03-16 13:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2018-11-01 14:07 - 2009-03-16 13:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2018-11-01 14:07 - 2009-03-09 14:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2018-11-01 14:07 - 2009-03-09 14:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2018-11-01 14:07 - 2009-03-09 14:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2018-11-01 14:07 - 2009-03-09 14:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2018-11-01 14:07 - 2009-03-09 14:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2018-11-01 14:07 - 2009-03-09 14:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2018-11-01 14:07 - 2008-10-27 09:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2018-11-01 14:07 - 2008-10-27 09:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2018-11-01 14:07 - 2008-10-27 09:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2018-11-01 14:07 - 2008-10-27 09:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2018-11-01 14:07 - 2008-10-27 09:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2018-11-01 14:07 - 2008-10-27 09:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2018-11-01 14:07 - 2008-10-27 09:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2018-11-01 14:07 - 2008-10-27 09:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2018-11-01 14:07 - 2008-10-10 03:52 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2018-11-01 14:07 - 2008-10-10 03:52 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2018-11-01 14:07 - 2008-10-10 03:52 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2018-11-01 14:07 - 2008-10-10 03:52 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2018-11-01 14:07 - 2008-10-10 03:52 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2018-11-01 14:07 - 2008-10-10 03:52 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2018-11-01 14:06 - 2008-07-31 09:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2018-11-01 14:06 - 2008-07-31 09:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2018-11-01 14:06 - 2008-07-31 09:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2018-11-01 14:06 - 2008-07-31 09:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2018-11-01 14:06 - 2008-07-31 09:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2018-11-01 14:06 - 2008-07-31 09:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2018-11-01 14:06 - 2008-07-10 10:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2018-11-01 14:06 - 2008-07-10 10:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2018-11-01 14:06 - 2008-07-10 10:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2018-11-01 14:06 - 2008-07-10 10:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2018-11-01 14:06 - 2008-07-10 10:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2018-11-01 14:06 - 2008-07-10 10:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2018-11-01 14:06 - 2008-05-30 13:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2018-11-01 14:06 - 2008-05-30 13:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2018-11-01 14:06 - 2008-05-30 13:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2018-11-01 14:06 - 2008-05-30 13:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2018-11-01 14:06 - 2008-05-30 13:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2018-11-01 14:06 - 2008-05-30 13:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2018-11-01 14:06 - 2008-05-30 13:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2018-11-01 14:06 - 2008-05-30 13:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2018-11-01 14:06 - 2008-05-30 13:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2018-11-01 14:06 - 2008-05-30 13:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2018-11-01 14:06 - 2008-05-30 13:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2018-11-01 14:06 - 2008-05-30 13:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2018-11-01 14:06 - 2008-05-30 13:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2018-11-01 14:06 - 2008-05-30 13:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2018-11-01 14:06 - 2008-03-05 15:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2018-11-01 14:06 - 2008-03-05 15:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2018-11-01 14:06 - 2008-03-05 15:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2018-11-01 14:06 - 2008-03-05 15:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2018-11-01 14:06 - 2008-03-05 15:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2018-11-01 14:06 - 2008-03-05 15:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2018-11-01 14:06 - 2008-03-05 14:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2018-11-01 14:06 - 2008-03-05 14:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2018-11-01 14:06 - 2008-03-05 14:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2018-11-01 14:06 - 2008-03-05 14:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2018-11-01 14:06 - 2008-02-05 22:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2018-11-01 14:06 - 2008-02-05 22:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2018-11-01 14:06 - 2007-10-22 02:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2018-11-01 14:06 - 2007-10-22 02:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2018-11-01 14:06 - 2007-10-22 02:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2018-11-01 14:06 - 2007-10-22 02:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2018-11-01 14:06 - 2007-10-12 14:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2018-11-01 14:06 - 2007-10-12 14:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2018-11-01 14:06 - 2007-10-12 14:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2018-11-01 14:06 - 2007-10-12 14:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2018-11-01 14:06 - 2007-10-02 08:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2018-11-01 14:06 - 2007-10-02 08:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2018-11-01 14:06 - 2007-07-19 23:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2018-11-01 14:06 - 2007-07-19 23:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2018-11-01 14:06 - 2007-07-19 17:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2018-11-01 14:06 - 2007-07-19 17:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2018-11-01 14:06 - 2007-07-19 17:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2018-11-01 14:06 - 2007-07-19 17:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2018-11-01 14:06 - 2007-07-19 17:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2018-11-01 14:06 - 2007-07-19 17:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2018-11-01 14:06 - 2007-06-20 19:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2018-11-01 14:06 - 2007-06-20 19:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2018-11-01 14:06 - 2007-05-16 15:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2018-11-01 14:06 - 2007-05-16 15:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2018-11-01 14:06 - 2007-05-16 15:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2018-11-01 14:06 - 2007-05-16 15:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2018-11-01 14:06 - 2007-05-16 15:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2018-11-01 14:06 - 2007-05-16 15:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2018-11-01 14:06 - 2007-04-04 17:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2018-11-01 14:06 - 2007-04-04 17:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2018-11-01 14:06 - 2007-03-15 15:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2018-11-01 14:06 - 2007-03-15 15:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2018-11-01 14:06 - 2007-03-12 15:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2018-11-01 14:06 - 2007-03-12 15:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2018-11-01 14:06 - 2007-03-12 15:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2018-11-01 14:06 - 2007-03-12 15:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2018-11-01 14:06 - 2007-03-05 11:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2018-11-01 14:06 - 2007-03-05 11:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2018-11-01 14:06 - 2007-01-24 14:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2018-11-01 14:06 - 2007-01-24 14:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2018-11-01 14:06 - 2006-12-08 11:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2018-11-01 14:06 - 2006-12-08 11:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2018-11-01 14:06 - 2006-11-29 12:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2018-11-01 14:06 - 2006-11-29 12:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2018-11-01 14:06 - 2006-11-29 12:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2018-11-01 14:06 - 2006-11-29 12:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2018-11-01 14:06 - 2006-09-28 15:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2018-11-01 14:06 - 2006-09-28 15:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2018-11-01 14:06 - 2006-09-28 15:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2018-11-01 14:06 - 2006-09-28 15:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2018-11-01 14:06 - 2006-07-28 08:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2018-11-01 14:06 - 2006-07-28 08:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2018-11-01 14:06 - 2006-07-28 08:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2018-11-01 14:06 - 2006-07-28 08:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2018-11-01 14:06 - 2006-05-31 06:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2018-11-01 14:06 - 2006-05-31 06:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2018-11-01 14:06 - 2006-03-31 11:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2018-11-01 14:06 - 2006-03-31 11:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2018-11-01 14:06 - 2006-03-31 11:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2018-11-01 14:06 - 2006-03-31 11:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2018-11-01 14:06 - 2006-03-31 11:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2018-11-01 14:06 - 2006-03-31 11:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2018-11-01 14:06 - 2006-02-03 07:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2018-11-01 14:06 - 2006-02-03 07:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2018-11-01 14:06 - 2006-02-03 07:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2018-11-01 14:06 - 2006-02-03 07:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2018-11-01 14:06 - 2006-02-03 07:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2018-11-01 14:06 - 2006-02-03 07:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2018-11-01 14:06 - 2005-12-05 17:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2018-11-01 14:06 - 2005-12-05 17:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2018-11-01 14:06 - 2005-07-22 18:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2018-11-01 14:06 - 2005-07-22 18:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2018-11-01 14:06 - 2005-05-26 14:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2018-11-01 14:06 - 2005-05-26 14:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2018-11-01 14:06 - 2005-03-18 16:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2018-11-01 14:06 - 2005-03-18 16:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2018-11-01 14:06 - 2005-02-05 18:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2018-11-01 14:06 - 2005-02-05 18:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2018-11-01 13:50 - 2018-11-01 14:07 - 000000000 ____D C:\Windows\SysWOW64\directx
2018-11-01 13:05 - 2018-11-01 13:20 - 000000000 ____D C:\Users\f\Downloads\TES V Skyrim repack Mr DJ
2018-11-01 13:05 - 2018-11-01 13:06 - 001390150 _____ C:\Users\f\Downloads\The Elder Scrolls V Skyrim Legendary Edition repack Mr DJ.zip.part
2018-11-01 13:05 - 2018-11-01 13:05 - 020880832 _____ (BitTorrent, Inc.) C:\Users\f\Downloads\utweb_installer(1).exe
2018-11-01 13:05 - 2018-11-01 13:05 - 000000000 _____ C:\Users\f\Downloads\The Elder Scrolls V Skyrim Legendary Edition repack Mr DJ.zip
2018-11-01 13:02 - 2018-11-23 14:14 - 000000000 ____D C:\Users\f\AppData\Roaming\uTorrent Web
2018-11-01 13:02 - 2018-11-01 13:02 - 000001859 _____ C:\Users\f\Desktop\uTorrent Web.lnk
2018-11-01 13:02 - 2018-11-01 13:02 - 000001845 _____ C:\Users\f\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk
2018-11-01 13:02 - 2018-11-01 13:02 - 000000000 ____D C:\Users\f\AppData\Roaming\Lavasoft
2018-11-01 13:02 - 2018-11-01 13:02 - 000000000 ____D C:\Users\f\AppData\Local\Lavasoft
2018-11-01 13:02 - 2018-11-01 13:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-11-01 13:02 - 2018-11-01 13:02 - 000000000 ____D C:\ProgramData\Lavasoft
2018-11-01 13:02 - 2018-11-01 13:02 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2018-11-01 12:36 - 2018-11-01 12:37 - 020880832 _____ (BitTorrent, Inc.) C:\Users\f\Downloads\utweb_installer.exe
2018-11-01 10:22 - 2018-11-01 10:22 - 000000000 ____D C:\Users\b\AppData\Local\Speech Graphics
2018-11-01 09:18 - 2018-11-01 09:18 - 000000000 ____D C:\Users\f\AppData\Local\Speech Graphics
2018-11-01 08:46 - 2018-11-01 08:46 - 000665048 _____ (Mc & RENOX technologies - www.mcrenox.com.ar) C:\Users\f\Downloads\Bmp2Jpg.exe
2018-11-01 08:44 - 2018-11-01 08:44 - 000086763 _____ C:\Users\f\Documents\IMG_20181101_0001.pdf
2018-10-31 15:15 - 2018-10-31 15:16 - 000006087 _____ C:\Users\f\Downloads\Fallout 4.zip
2018-10-26 01:52 - 2018-10-26 01:52 - 000000000 ____D C:\Users\f\AppData\Local\DBG
2018-10-26 01:52 - 2018-10-26 01:52 - 000000000 ____D C:\Users\f\AppData\Local\CrashReportClient

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-23 13:43 - 2018-09-14 17:15 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-11-23 09:47 - 2018-09-14 17:18 - 000000000 ____D C:\Users\f
2018-11-23 09:45 - 2018-09-14 18:40 - 000000000 ____D C:\Users\f\AppData\LocalLow\Mozilla
2018-11-23 09:44 - 2018-09-27 05:38 - 000000000 ____D C:\Program Files (x86)\Steam
2018-11-23 02:15 - 2018-09-15 19:19 - 000000000 ____D C:\Users\b
2018-11-23 02:15 - 2018-09-14 18:51 - 000000000 ____D C:\ProgramData\NVIDIA
2018-11-22 23:04 - 2017-03-18 13:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-22 23:04 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\AppReadiness
2018-11-22 22:59 - 2018-09-15 19:19 - 000000000 ____D C:\Users\b\AppData\LocalLow\Mozilla
2018-11-22 22:28 - 2018-09-18 10:03 - 000000000 ____D C:\Users\f\AppData\Roaming\slobs-client
2018-11-22 18:42 - 2018-09-15 19:19 - 000000000 ____D C:\ProgramData\Packages
2018-11-22 18:42 - 2018-09-14 17:18 - 000000000 ____D C:\Users\f\AppData\Local\Packages
2018-11-22 16:10 - 2018-09-14 17:21 - 001501562 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-22 16:04 - 2018-09-14 17:15 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-22 00:14 - 2017-03-18 03:40 - 002359296 _____ C:\Windows\system32\config\BBI
2018-11-21 10:45 - 2018-09-30 12:54 - 000004638 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-11-21 10:45 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-11-21 10:45 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\system32\Macromed
2018-11-20 14:22 - 2017-03-18 12:51 - 000000000 ____D C:\Windows\CbsTemp
2018-11-16 13:35 - 2017-03-18 13:06 - 000834960 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-11-16 13:35 - 2017-03-18 13:06 - 000179600 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-14 04:06 - 2018-09-14 21:31 - 000000000 ____D C:\Windows\system32\MRT
2018-11-14 04:05 - 2018-09-14 21:31 - 137810048 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-11-14 03:24 - 2018-09-18 10:03 - 000001964 _____ C:\Users\Public\Desktop\Streamlabs OBS.lnk
2018-11-14 03:24 - 2018-09-18 10:02 - 000000000 ____D C:\Program Files\Streamlabs OBS
2018-11-13 10:32 - 2018-09-30 12:54 - 000004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-11-12 10:47 - 2018-09-14 17:18 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-11-12 10:01 - 2018-09-14 17:18 - 000000000 ____D C:\Users\f\AppData\Local\ConnectedDevicesPlatform
2018-11-09 07:48 - 2018-09-14 19:08 - 000000000 ___DL C:\Program Files\Epic Games
2018-11-08 20:23 - 2017-03-18 13:03 - 000000000 ____D C:\Windows\rescache
2018-11-08 10:27 - 2018-09-15 19:20 - 000003370 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3065739905-2526270316-2055778871-1002
2018-11-08 10:27 - 2018-09-15 19:20 - 000002355 _____ C:\Users\b\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-08 10:27 - 2018-09-15 19:20 - 000000000 ___RD C:\Users\b\OneDrive
2018-11-08 08:02 - 2018-09-14 18:42 - 000003370 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3065739905-2526270316-2055778871-1001
2018-11-08 08:02 - 2018-09-14 17:20 - 000002355 _____ C:\Users\f\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-11-08 08:02 - 2018-09-14 17:20 - 000000000 ___RD C:\Users\f\OneDrive
2018-11-07 21:30 - 2017-03-18 13:01 - 000000000 ____D C:\Windows\INF
2018-11-07 21:08 - 2018-09-14 17:15 - 000386216 _____ C:\Windows\system32\FNTCACHE.DAT
2018-11-07 14:07 - 2017-03-18 18:36 - 000000000 ____D C:\Windows\HoloShell
2018-11-07 14:07 - 2017-03-18 13:03 - 000000000 ___SD C:\Windows\SysWOW64\F12
2018-11-07 14:07 - 2017-03-18 13:03 - 000000000 ___SD C:\Windows\system32\F12
2018-11-06 20:58 - 2018-09-23 07:12 - 000000000 ____D C:\Users\b\AppData\Roaming\vlc
2018-11-06 13:21 - 2018-09-23 07:15 - 000000000 ____D C:\Users\b\AppData\Roaming\slobs-client
2018-11-05 14:35 - 2018-09-18 10:11 - 000000000 ____D C:\Users\f\AppData\Roaming\vlc
2018-11-03 02:44 - 2018-10-02 09:50 - 000000000 ____D C:\Users\f\Documents\My Games
2018-11-01 13:02 - 2018-09-14 18:05 - 000000000 ____D C:\ProgramData\Package Cache
2018-11-01 08:44 - 2018-10-19 07:13 - 000000000 ___HD C:\ProgramData\CanonIJMIG
2018-11-01 08:44 - 2018-09-26 08:50 - 000000000 ____D C:\Users\f\AppData\Roaming\Canon
2018-11-01 08:44 - 2018-09-26 08:00 - 000000000 ____D C:\ProgramData\CanonIJPLM

Some files in TEMP:
====================
2018-09-14 19:00 - 2018-03-23 15:05 - 000374152 _____ (NVIDIA Corporation) C:\Users\f\AppData\Local\Temp\nvStInst.exe
2018-11-22 01:20 - 2018-11-22 01:20 - 000000000 _____ () C:\Users\f\AppData\Local\Temp\wcupdater.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-22 01:37

==================== End of FRST.txt ============================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.11.2018
Ran by f (23-11-2018 14:26:42)
Running from C:\Users\f\Downloads
Windows 10 Enterprise Evaluation Version 1703 15063.1418 (X64) (2018-09-15 01:17:09)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

a (S-1-5-21-3065739905-2526270316-2055778871-1004 - Limited - Enabled) => C:\Users\a
Administrator (S-1-5-21-3065739905-2526270316-2055778871-500 - Administrator - Disabled)
b (S-1-5-21-3065739905-2526270316-2055778871-1002 - Limited - Enabled) => C:\Users\b
c (S-1-5-21-3065739905-2526270316-2055778871-1003 - Limited - Enabled) => C:\Users\c
d (S-1-5-21-3065739905-2526270316-2055778871-1005 - Limited - Enabled) => C:\Users\d
DefaultAccount (S-1-5-21-3065739905-2526270316-2055778871-503 - Limited - Disabled)
f (S-1-5-21-3065739905-2526270316-2055778871-1001 - Administrator - Enabled) => C:\Users\f
Guest (S-1-5-21-3065739905-2526270316-2055778871-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Advanced Micro Devices, Inc.) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon TS5000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS5000_series) (Version: 1.02 - Canon Inc.)
Canon TS5000 series On-screen Manual (HKLM-x32\...\Canon TS5000 series On-screen Manual) (Version: 1.1.0 - Canon Inc.)
Canon TS5000 series User Registration (HKLM-x32\...\Canon TS5000 series User Registration) (Version: - ‭Canon Inc.)
Epic Games Launcher (HKLM-x32\...\{E7B62E3F-0F70-4119-89A2-28DE1C3873CC}) (Version: 1.1.163.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Far Cry 3 (HKLM-x32\...\Far Cry 3_R.G. Mechanics_is1) (Version: - R.G. Mechanics, Panky)
Far Cry 5 (HKLM-x32\...\{73B938C4-0DDA-448D-8E46-87401EA87339}_is1) (Version: - Ubisoft)
FastStone Image Viewer 6.7 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.7 - FastStone Soft)
Grand Theft Auto V (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
Junction Link Magic 2.0 (HKLM\...\Junction Link Magic_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 6.1.2.1 (HKLM\...\{E5FC66AA-995A-488A-BEBE-8B5C351F939A}) (Version: 6.1.2.1 - The Document Foundation)
Microsoft OneDrive (HKU\S-1-5-21-3065739905-2526270316-2055778871-1001\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 56.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 56.0.2 (x64 en-US)) (Version: 56.0.2 - Mozilla)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.8 - Notepad++ Team)
NVIDIA Graphics Driver 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8308 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.11.3 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.11.3 - General Workings, Inc.)
uTorrent Web (HKU\S-1-5-21-3065739905-2526270316-2055778871-1001\...\utweb) (Version: 0.18.2 - BitTorrent, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Web Companion (HKLM-x32\...\{433ce21a-0d85-4b63-80e8-49a76a598721}) (Version: 4.4.1950.3825 - Lavasoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-07-22] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-23] (NVIDIA Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {086016BB-7D21-49B7-92FB-84ADC2726057} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-21] (Adobe Systems Incorporated)
Task: {164AD942-9EDD-432A-A8F5-4AA7E2A05162} - System32\Tasks\S-1-5-21-3065739905-2526270316-2055778871-1002\DataSenseLiveTileTask => C:\Windows\System32\DataUsageLiveTileTask.exe [2018-06-07] (Microsoft Corporation)
Task: {270A0F8A-CA67-43C0-98F0-44925CB98D77} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [2018-11-21] (Adobe Systems Incorporated)
Task: {29233D35-4A94-46CB-B8B6-053D7E16D8F8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-22] (Microsoft Corporation)
Task: {AFB3E9BC-2420-4985-8E75-D0A3674C0098} - System32\Tasks\NCH Software\PhotoStageSevenDays => C:\Users\b\AppData\Roaming\NCH Software\Program Files\PhotoStage\PhotoStage.exe [2018-10-27] (NCH Software)
Task: {B7854007-458D-406A-8145-3021BEDC7579} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-22] (Microsoft Corporation)
Task: {E4CADA93-80A3-4DC4-B387-7886646CB17E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-22] (Microsoft Corporation)
Task: {F79721E3-189F-48D1-A197-4B7BC43F5CB1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-22] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-09-26 08:00 - 2018-03-15 19:06 - 000397472 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2018-11-01 17:04 - 2018-11-01 17:04 - 000076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2018-11-01 13:02 - 2018-11-22 01:20 - 000025888 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
2018-11-01 13:02 - 2018-11-22 01:20 - 000017696 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dll
2018-11-01 13:02 - 2018-11-22 01:20 - 000037664 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WcfService.dll
2018-09-14 18:51 - 2018-03-23 15:02 - 000135136 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-18 12:58 - 2017-03-18 12:58 - 000138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
2018-09-14 21:28 - 2018-08-28 14:58 - 001730560 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-09-14 18:50 - 2018-09-14 18:50 - 098275328 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libcef.dll
2018-09-14 18:50 - 2018-09-14 18:50 - 003922432 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libGLESv2.dll
2018-09-14 18:50 - 2018-09-14 18:50 - 000092672 _____ () C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\ThirdParty\CEF3\Win64\libEGL.dll
2018-11-13 09:53 - 2018-11-13 09:53 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-11-13 09:53 - 2018-11-13 09:53 - 066031104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-09-14 19:29 - 2018-09-14 19:32 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-11-09 06:31 - 2018-11-09 06:31 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-11-09 06:31 - 2018-11-09 06:31 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-11-09 06:31 - 2018-11-09 06:31 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-09-14 19:29 - 2018-09-14 19:32 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-09-14 19:29 - 2018-09-14 19:32 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-09-14 19:29 - 2018-09-14 19:32 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-11-13 09:53 - 2018-11-13 09:53 - 014097920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-09 06:31 - 2018-11-09 06:31 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-11-13 09:53 - 2018-11-13 09:53 - 002863616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-09-14 19:29 - 2018-09-14 19:32 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-09-14 19:29 - 2018-09-14 19:32 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-14 19:29 - 2018-09-14 19:32 - 000043008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2018-11-09 06:31 - 2018-11-09 06:31 - 001410560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-09-14 19:29 - 2018-09-14 19:31 - 000621568 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Lumia.AppTk.SceneGraph.dll
2018-11-13 09:53 - 2018-11-13 09:53 - 000280576 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Photos.Viewer.Plugins.Native.dll
2018-09-14 19:29 - 2018-09-14 19:31 - 001007104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\IPP_UWP.dll
2018-11-09 06:31 - 2018-11-09 06:31 - 000655872 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.dll
2018-11-13 09:53 - 2018-11-13 09:53 - 000146432 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\SKU.dll
2018-11-05 21:32 - 2018-11-05 21:32 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-05 21:32 - 2018-11-05 21:32 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-05 21:32 - 2018-11-05 21:32 - 001754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2018-11-19 11:51 - 2018-11-19 11:52 - 001434192 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2018-09-14 19:31 - 2018-09-14 19:31 - 004601048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20106.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-21 18:02 - 2018-11-21 18:02 - 000175504 _____ () C:\Program Files\Epic Games\Fortnite\FortniteGame\Binaries\Win64\FortniteLauncher.exe
2018-11-01 13:02 - 2018-11-22 01:20 - 000120608 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll
2018-11-01 13:02 - 2018-11-22 01:20 - 000105248 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2018-11-01 13:02 - 2018-11-22 01:20 - 000373536 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2018-11-01 13:02 - 2018-11-22 01:20 - 000059168 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
2018-11-01 13:02 - 2018-11-22 01:20 - 000067360 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Events.dll
2018-11-01 13:02 - 2018-11-22 01:20 - 000084256 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll
2018-11-01 13:02 - 2018-11-22 01:20 - 000057632 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll
2018-09-06 12:29 - 2018-09-06 12:29 - 000852992 _____ () C:\Users\f\AppData\Roaming\uTorrent Web\avformat-57.dll
2018-09-06 12:29 - 2018-09-06 12:29 - 000465408 _____ () C:\Users\f\AppData\Roaming\uTorrent Web\avutil-55.dll
2018-09-06 12:29 - 2018-09-06 12:29 - 001276928 _____ () C:\Users\f\AppData\Roaming\uTorrent Web\avcodec-57.dll
2018-09-06 12:29 - 2018-09-06 12:29 - 000152064 _____ () C:\Users\f\AppData\Roaming\uTorrent Web\swresample-2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WLMS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WLMS => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3065739905-2526270316-2055778871-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3065739905-2526270316-2055778871-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 13:03 - 2017-03-18 13:01 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3065739905-2526270316-2055778871-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{0C109CF1-8AFE-4C53-B079-573C9D44209F}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{C6BE873B-4F68-4292-82CB-EE3753128A0A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{E5CA1703-B2ED-4B5B-9294-25913CDDDD57}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{F56CFA73-342E-4639-9BDC-5DF3992A6C73}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{91E6FB69-D43B-447B-8813-588502395B0B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{299FF594-DCF2-4DAF-B54C-05AA55138101}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E4808B92-D930-4402-9F36-4A3BC0DAAC8E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{67F86432-762E-4D7B-8428-E4AAA41454C0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{400D6A1C-E195-4F5F-9677-2CC30E1D3A5E}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{3E51EB97-79FA-4B14-9B4E-AFDF45B70065}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{B4A767CA-716E-4512-A6EA-E9A80A121D1C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{A4A05BB3-796D-44AB-97AC-14E1EB178235}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{726406D2-9F1A-49A2-AD1F-6997D6EC8462}] => (Allow) C:\Users\f\AppData\Roaming\uTorrent Web\utweb.exe
FirewallRules: [{0C793826-B823-4604-AF73-8B04C3950E9A}] => (Allow) C:\Users\f\AppData\Roaming\uTorrent Web\utweb.exe
FirewallRules: [TCP Query User{200B58F2-67B8-4167-B8C9-32FEAA00F993}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{D9C70745-859F-410D-AF04-ED9F8AFE91EA}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe
FirewallRules: [{A17DDE6C-3237-4419-BF6B-C79E1F1C3558}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{757EC86E-1649-4081-8350-157E9963A2C0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3CEF8A37-2E67-4014-95D8-592FBF58ED18}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F8093EA1-64CA-4F7A-B2F5-365AF5B59759}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{F2ADC9C6-3F97-477E-A521-8062113C3EBA}D:\far cry 3\bin\farcry3.exe] => (Allow) D:\far cry 3\bin\farcry3.exe
FirewallRules: [UDP Query User{23A61D73-CF97-444E-9DB5-F0671F7B513C}D:\far cry 3\bin\farcry3.exe] => (Allow) D:\far cry 3\bin\farcry3.exe
FirewallRules: [{0F5CB047-4595-48B9-A566-51F0ECA975E7}] => (Allow) D:\S_Lib\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{27122836-ED76-4F2A-82B8-E3909A6E03BE}] => (Allow) D:\S_Lib\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{658897EC-524B-484F-B4BA-A0729A4FB026}] => (Allow) D:\S_Lib\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{5DDF9BC0-039A-4535-AB75-0C140CAF6DE3}] => (Allow) D:\S_Lib\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [TCP Query User{A8A96ED7-B375-48E2-A8C3-F1BF924C1DCD}G:\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) G:\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{8A03E6D3-264E-4821-924B-3FA9778D1E1F}G:\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) G:\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{46A423C2-983A-405D-8971-93FEAE6634FC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{211C1693-523C-4048-AD05-1605C0F822DE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4529AD1F-AE1F-4289-94F1-F800CD74A3DD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{508EC6A0-9135-488C-860B-7E081428ACBA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E6BB5B4A-3070-4CAC-9FA7-A3EB6B677479}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{84615963-0651-440B-83F0-6414F2786D3E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{0D9996D4-B9FE-4F47-8A70-E2FA16F20582}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E9397D84-ED43-4757-BF66-8C85167E9487}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{50A8C53F-4CDD-475D-8147-7DBC035B74AE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{60677F0E-A8F5-407D-BC1A-3C065B2A7135}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/21/2018 05:58:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-IHEBHBU)
Description: Activation of app Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/21/2018 05:58:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-IHEBHBU)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/12/2018 08:53:54 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-IHEBHBU)
Description: Microsoft.VCLibs.140.00_8wekyb3d8bbwe3

Error: (11/12/2018 08:53:54 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-IHEBHBU)
Description: Microsoft.VCLibs.140.00.UWPDesktop_8wekyb3d8bbwe3

Error: (11/12/2018 08:53:54 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-IHEBHBU)
Description: Microsoft.Services.Store.Engagement_8wekyb3d8bbwe3

Error: (11/12/2018 08:53:54 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-IHEBHBU)
Description: Microsoft.NET.Native.Runtime.1.7_8wekyb3d8bbwe3

Error: (11/12/2018 08:53:54 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-IHEBHBU)
Description: Microsoft.NET.Native.Runtime.1.6_8wekyb3d8bbwe3

Error: (11/12/2018 08:53:54 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-IHEBHBU)
Description: Microsoft.NET.Native.Runtime.1.4_8wekyb3d8bbwe3


System errors:
=============
Error: (11/23/2018 01:45:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-IHEBHBU)
Description: The server {417976B7-917D-4F1E-8F14-C18FCCB0B3A8} did not register with DCOM within the required timeout.

Error: (11/23/2018 12:34:05 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-IHEBHBU)
Description: The server {417976B7-917D-4F1E-8F14-C18FCCB0B3A8} did not register with DCOM within the required timeout.

Error: (11/23/2018 11:28:50 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-IHEBHBU)
Description: The server {417976B7-917D-4F1E-8F14-C18FCCB0B3A8} did not register with DCOM within the required timeout.

Error: (11/23/2018 10:32:50 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-IHEBHBU)
Description: The server {417976B7-917D-4F1E-8F14-C18FCCB0B3A8} did not register with DCOM within the required timeout.

Error: (11/23/2018 09:45:47 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-IHEBHBU)
Description: The server {417976B7-917D-4F1E-8F14-C18FCCB0B3A8} did not register with DCOM within the required timeout.

Error: (11/23/2018 09:43:43 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/23/2018 09:43:43 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/23/2018 01:13:05 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-IHEBHBU)
Description: The server {417976B7-917D-4F1E-8F14-C18FCCB0B3A8} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2018-11-21 17:38:18.805
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6D27DBA5-743F-47A9-89D8-B7CFFCC8CB87}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-11-16 13:46:33.295
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {BD3D9493-E8C4-4B01-A626-8A29E7A1A5F4}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-10-31 18:34:05.403
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {653FF973-69CD-433B-875A-6C404839C69D}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-10-30 15:40:42.843
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {0A747F80-3557-4493-8123-8BD92385F646}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-10-29 04:09:21.739
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {19235212-65CC-458F-A9EB-766C73BA9E70}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-11-16 13:21:39.972
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.281.239.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15400.5
Error code: 0x80244022
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===================================

Date: 2018-09-25 15:28:35.407
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-09-25 15:28:35.406
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-09-15 00:13:08.835
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-09-15 00:13:08.833
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\Drivers\WdBoot.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: AMD Ryzen 5 1600 Six-Core Processor
Percentage of memory in use: 78%
Total physical RAM: 8124.79 MB
Available physical RAM: 1745.67 MB
Total Virtual: 12732.79 MB
Available Virtual: 2441.57 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.3 GB) (Free:37.09 GB) NTFS
Drive d: (win1) (Fixed) (Total:976.07 GB) (Free:279.97 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:232.77 GB) (Free:232.77 GB) FAT32
Drive f: (New Volume) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
Drive g: (win2) (Fixed) (Total:488.28 GB) (Free:334.16 GB) NTFS
Drive h: (win3) (Fixed) (Total:398.17 GB) (Free:286.8 GB) NTFS
Drive j: () (Removable) (Total:14.83 GB) (Free:14.52 GB) FAT32

\\?\Volume{135cad82-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.13 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 135CAD82)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 2794.5 GB) (Disk ID: 02CDF59B)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 4DBF4705)
Partition 1: (Not Active) - (Size=500 MB) - (Type=05)
Partition 2: (Active) - (Size=976.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=398.2 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Protective MBR) (Size: 14.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Zdravím!
PC je buď firemní, nebo nemáte legální oper. systém. Verze Enterprise není na běžném trhu k dispozici.

Rudy píše:Zdravím!
PC je buď firemní, nebo nemáte legální oper. systém. Verze Enterprise není na běžném trhu k dispozici.

to je zkušební verze kterou vždy po půl roce přeinstaluju. tuhle mám nainstalovanou přes dva měsíce

Takže nelegál. Zkušební verze je na stanovenou dobu a po té se buď legalizuje koupením licence, nebo odinstaluje.