firefox: nový panel s reklamou Vyřešeno

[jaro3]

Doporučuji zastavit kontrolu v reálném čase u Malwarebytes Antimalwaru , pokud to tam najdeš.


A ještě zkus tohle:
Deaktivuj si rezidenční štíty u svého antiviru i Windows Defenderu, nejlépe až do restartu PC.
Stáhni si AdsFix
http://www.telecharger.sosvirus.net/download/quickdiag/
nebo:
https://toolslib.net/downloads/viewdownload/20-adsfix/

klikni na „Télécharger“. A ulož si soubor na svojí plochu.
Poznámka: Ulož si svojí práci před pokračováním!
Zavři všechny ostatní programy a prohlížeče.
Spusť AdsFix.exe poklepáním ( u Windows Vista/7/8/8.1/10, klikni pravým myšítkem a z nabídky vyber "spustit jako správce")
Pro silně infikovaný PC to může trvat několik sekund, než se program spustí.
Nástroj se spustí a zobrazí se, vyhledávání a inicializace jejich aktualizaci, zobrazí se funkce nástroje.
Chceš-li odemknout nástroj pro čištění počítače, klikni na tlačítko „Option“ ("Možnosti")

Objeví se okno ,klikni na tlačítko „Unlock the deletion“ ("Odblokovat")
Klikneš-li přímo na "Clean" bez možnosti odemknutí, ukáže Vám nástroj okno , abyste nejprve nástroj odblokovali.
Pokud nástroj zjistí, že váš antivirový je stále aktivní, objeví se okno označující, že byste ho měli zakázat před klepnutím na tlačítko "OK" pro pokračování čištění AdsFix.
Pak klikni na tlačítko „Clean“ (Vyčistit) poté , co se zveřejní možnosti.
Zadejte svou "Zemi", a potvrďte tlačítkem "OK"
Nástroj provede zálohu registru.
Obrazovka zmizí a nástroj začne pracovat ...
Při čištění, Tě může nástroj vyzvat k odstranění proxy, klepni na tlačítko "Delete".

Na konci čištění, se AdsFix zeptá, zda: chceš nechat zprávu odeslat do Infekční laboratoře k analýze? .... Klikni na "OK" to umožní aktualizovat nástroj..

Pro kompletní vyčištění,vás nástroj vyzve k restartování počítače, klepněte na tlačítko "OK".
Pak se PC restartuje.
Po spuštění PC se objeví zpráva na ploše.
Nicméně, pokud se zpráva neobjeví na ploše, nachází se také zde => C: \ AdsFix_[b](datum_hodina_minuta_).txt [/b]Bude to jen hostovat na upload.sosvirus a zveřejnění své zprávy na Virus fóru SOS.
Zkopíruj sem celý obsah té zprávy.


Jo , dej pak výsledky.

[Reklama]

[vantyto]

Malwarebytes Antimalwaru - kotrola v reálnem čase byla vypnuta

jinak, Sophos projel počítač znovu, a tenokrát nic nenašel, bohužel problém přetrvává. ale napadlo me zda nemám zopakovat některé předchozí kroky, poté co sophos smazal tamto (sice jsem ty osubory od té doby nepoužíval, ale človek nikdy neví)


projisottu přidávám aktuální LOG z HJT:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:21:32, on 05.01.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Programy\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Programy\Steam\Steam.exe
C:\Programy\Origin\Origin.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Programy\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Programy\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Programy\Origin\QtWebEngineProcess.exe
C:\Programy\Origin\QtWebEngineProcess.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Programy\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Users\Public\Downloads\programy\hijack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Programy\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StereoLinksInstall] "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" /install1
O4 - HKLM\..\Run: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Programy\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [EADM] "C:\Programy\Origin\Origin.exe" -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01052017021949414\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01052017021949633\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
O4 - HKUS\S-1-5-21-3880423963-3014309569-130014225-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01052017021949881\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User '?')
O4 - HKUS\S-1-5-21-3880423963-3014309569-130014225-500\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Administrator')
O4 - HKUS\S-1-5-21-3880423963-3014309569-130014225-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01052017021951483\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: AtherosSvc - Qualcomm Atheros - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Unknown owner - C:\WINDOWS\system32\IntelCpHDCPSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Unknown owner - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Programy\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Programy\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Quick Access Local Service (QALSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
O23 - Service: Quick Access Service (QASvc) - Acer Incorporated - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Programy\TeamViewer\TeamViewer_Service.exe
O23 - Service: Thunderbolt(TM) Service (ThunderboltService) - Intel Corporation - C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Programy\Tunngle\TnglCtrl.exe
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Unknown owner - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (file missing)

--
End of file - 16106 bytes

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

kroky zopakuj.

Pak ještě:
Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[vantyto]

přidávám logy OLT a Extras + HJT akuální (Zararovaný v příloze, snad tak stačí, pokud ne, přidám sem)

přesnoc zkusím ješte jednou Zoek, zda nepokročí tentokrát

[jaro3]

logy dej sem .-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků

[vantyto]

OTL 1/3:
OTL logfile created on: 05.01.2017 22:24:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Public\Downloads\programy\hijack
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: dd.MM.yyyy

7,87 Gb Total Physical Memory | 3,86 Gb Available Physical Memory | 49,07% Memory free
10,74 Gb Paging File | 7,15 Gb Available in Paging File | 66,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 930,91 Gb Total Space | 100,16 Gb Free Space | 10,76% Space Free | Partition Type: NTFS

Computer Name: BLACKBOOK | User Name: luvan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\Public\Downloads\programy\hijack\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programy\Origin\OriginWebHelperService.exe (Electronic Arts)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
PRC - C:\Programy\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programy\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Programy\TeamViewer\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Cloud Technology)
PRC - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe (Autodesk Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Intel Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (MBAMService) -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes)
SRV:64bit: - (CoreMessagingRegistrar) -- C:\Windows\SysNative\CoreMessaging.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (MapsBroker) -- C:\Windows\SysNative\moshost.dll (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc) -- C:\Windows\SysNative\cdpusersvc.dll (Microsoft Corporation)
SRV:64bit: - (DmEnrollmentSvc) -- C:\Windows\SysNative\Windows.Internal.Management.dll (Microsoft Corporation)
SRV:64bit: - (CDPSvc) -- C:\Windows\SysNative\cdpsvc.dll (Microsoft Corporation)
SRV:64bit: - (EntAppSvc) -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (RetailDemo) -- C:\Windows\SysNative\RDXService.dll (Microsoft Corporation)
SRV:64bit: - (StateRepository) -- C:\Windows\SysNative\Windows.StateRepository.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (DoSvc) -- C:\Windows\SysNative\dosvc.dll (Microsoft Corporation)
SRV:64bit: - (wisvc) -- C:\Windows\SysNative\FlightSettings.dll (Microsoft Corporation)
SRV:64bit: - (FrameServer) -- C:\Windows\SysNative\FrameServer.dll (Microsoft Corporation)
SRV:64bit: - (NetSetupSvc) -- C:\Windows\SysNative\NetSetupSvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (FlexNet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe (Flexera Software LLC)
SRV:64bit: - (NvContainerNetworkService) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV:64bit: - (NvContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV:64bit: - (NVIDIA Wireless Controller Service) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe (NVIDIA Corporation)
SRV:64bit: - (UsoSvc) -- C:\Windows\SysNative\usocore.dll (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (NgcSvc) -- C:\Windows\SysNative\ngcsvc.dll (Microsoft Corporation)
SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe ()
SRV:64bit: - (RmSvc) -- C:\Windows\SysNative\RMapi.dll (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc) -- C:\Windows\SysNative\PimIndexMaintenance.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvcext.dll (Microsoft Corporation)
SRV:64bit: - (SensorService) -- C:\Windows\SysNative\SensorService.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvmsession) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (XblAuthManager) -- C:\Windows\SysNative\XblAuthManager.dll (Microsoft Corporation)
SRV:64bit: - (UserManager) -- C:\Windows\SysNative\usermgr.dll (Microsoft Corporation)
SRV:64bit: - (tzautoupdate) -- C:\Windows\SysNative\tzautoupdate.dll (Microsoft Corporation)
SRV:64bit: - (PhoneSvc) -- C:\Windows\SysNative\PhoneService.dll (Microsoft Corporation)
SRV:64bit: - (SensorDataService) -- C:\Windows\SysNative\SensorDataService.exe (Microsoft Corporation)
SRV:64bit: - (LicenseManager) -- C:\Windows\SysNative\LicenseManagerSvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (WalletService) -- C:\Windows\SysNative\WalletService.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (shpamsvc) -- C:\Windows\SysNative\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
SRV:64bit: - (XboxNetApiSvc) -- C:\Windows\SysNative\XboxNetApiSvc.dll (Microsoft Corporation)
SRV:64bit: - (dmwappushservice) -- C:\Windows\SysNative\dmwappushsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (DcpSvc) -- C:\Windows\SysNative\dcpsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (diagnosticshub.standardcollector.service) -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (Microsoft Corporation)
SRV:64bit: - (WpnUserService_55559) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UserDataSvc_55559) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc_55559) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (PimIndexMaintenanceSvc_55559) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc_55559) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (MessagingService_55559) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (CDPUserSvc_55559) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV:64bit: - (OneSyncSvc) -- C:\Windows\SysNative\APHostService.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (TieringEngineService) -- C:\Windows\SysNative\TieringEngineService.exe (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (SmsRouter) -- C:\Windows\SysNative\SmsRouterSvc.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (MessagingService) -- C:\Windows\SysNative\MessagingService.dll (Microsoft Corporation)
SRV:64bit: - (UserDataSvc) -- C:\Windows\SysNative\UserDataService.dll (Microsoft Corporation)
SRV:64bit: - (UnistoreSvc) -- C:\Windows\SysNative\Unistore.dll (Microsoft Corporation)
SRV:64bit: - (tiledatamodelsvc) -- C:\Windows\SysNative\tileobjserver.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (NgcCtnrSvc) -- C:\Windows\SysNative\NgcCtnrSvc.dll (Microsoft Corporation)
SRV:64bit: - (WpnService) -- C:\Windows\SysNative\wpnservice.dll (Microsoft Corporation)
SRV:64bit: - (icssvc) -- C:\Windows\SysNative\tetheringservice.dll (Microsoft Corporation)
SRV:64bit: - (TimeBrokerSvc) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (WpnUserService) -- C:\Windows\SysNative\WpnUserService.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\lfsvc.dll (Microsoft Corporation)
SRV:64bit: - (DevQueryBroker) -- C:\Windows\SysNative\DevQueryBroker.dll (Microsoft Corporation)
SRV:64bit: - (XblGameSave) -- C:\Windows\SysNative\XblGameSave.dll (Microsoft Corporation)
SRV:64bit: - (ClipSVC) -- C:\Windows\SysNative\ClipSVC.dll (Microsoft Corporation)
SRV:64bit: - (AJRouter) -- C:\Windows\SysNative\AJRouter.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DsSvc) -- C:\Windows\SysNative\dssvc.dll (Microsoft Corporation)
SRV:64bit: - (embeddedmode) -- C:\Windows\SysNative\embeddedmodesvc.dll (Microsoft Corporation)
SRV:64bit: - (HvHost) -- C:\Windows\SysNative\hvhostsvc.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
SRV:64bit: - (cplspcon) -- C:\Windows\SysNative\IntelCpHDCPSvc.exe (Intel Corporation)
SRV:64bit: - (igfxCUIService2.0.0.0) -- C:\Windows\SysNative\igfxCUIService.exe (Intel Corporation)
SRV:64bit: - (QASvc) -- C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Acer Incorporated)
SRV:64bit: - (QALSvc) -- C:\Program Files\Acer\Acer Quick Access\QALSvc.exe (Acer Incorporated)
SRV:64bit: - (UEIPSvc) -- C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe (acer)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (ePowerSvc) -- C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Avira.ServiceHost) -- C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (CoreMessagingRegistrar) -- C:\Windows\SysWOW64\CoreMessaging.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (Origin Web Helper Service) -- C:\Programy\Origin\OriginWebHelperService.exe (Electronic Arts)
SRV - (Origin Client Service) -- C:\Programy\Origin\OriginClientService.exe (Electronic Arts)
SRV - (DmEnrollmentSvc) -- C:\Windows\SysWOW64\Windows.Internal.Management.dll (Microsoft Corporation)
SRV - (StateRepository) -- C:\Windows\SysWOW64\Windows.StateRepository.dll (Microsoft Corporation)
SRV - (BEService) -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe ()
SRV - (EasyAntiCheat) -- C:\Windows\SysWOW64\EasyAntiCheat.exe (EasyAntiCheat Ltd)
SRV - (TeamViewer) -- C:\Programy\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (CCDMonitorService) -- C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe (Acer Incorporated)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (UnistoreSvc) -- C:\Windows\SysWOW64\Unistore.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (AdAppMgrSvc) -- C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe (Autodesk Inc.)
SRV - (TunngleService) -- C:\Programy\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Qualcomm Atheros)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (ThunderboltService) -- C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe (Intel Corporation)
SRV - (isaHelperSvc) -- C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe ()
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Intel Corporation)
SRV - (Te.Service) -- C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe (Microsoft Corporation)
SRV - (fussvc) -- C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMProtection) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes)
DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes)
DRV:64bit: - (ESProtectionDriver) -- C:\Windows\SysNative\drivers\mbae64.sys ()
DRV:64bit: - (ZAM_Guard) -- C:\Windows\SysNative\drivers\zamguard64.sys (Zemana Ltd.)
DRV:64bit: - (MBAMChameleon) -- C:\Windows\SysNative\drivers\MBAMChameleon.sys (Malwarebytes)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (avusbflt) -- C:\Windows\SysNative\drivers\avusbflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avnetflt) -- C:\Windows\SysNative\drivers\avnetflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation)
DRV:64bit: - (IntcAudioBus) -- C:\Windows\SysNative\drivers\IntcAudioBus.sys (Intel(R) Corporation)
DRV:64bit: - (iorate) -- C:\Windows\SysNative\drivers\iorate.sys (Microsoft Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (megasas2i) -- C:\Windows\SysNative\drivers\MegaSas2i.sys (Avago Technologies)
DRV:64bit: - (AsusVBus) -- C:\Windows\SysNative\drivers\AsusVBus.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (ATP) -- C:\Windows\SysNative\drivers\AsusTP.sys (ASUS Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (wcifs) -- C:\Windows\SysNative\drivers\wcifs.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation)
DRV:64bit: - (nvlddmkm) -- C:\Windows\SysNative\DriverStore\FileRepository\nvacwu.inf_amd64_9934c34dc6ca0c4b\nvlddmkm.sys (NVIDIA Corporation)
DRV:64bit: - (CapImg) -- C:\Windows\SysNative\drivers\capimg.sys (Microsoft Corporation)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation)
DRV:64bit: - (wdm_usb) -- C:\Windows\SysNative\drivers\usb2ser.sys (MBB)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (hvservice) -- C:\Windows\SysNative\drivers\hvservice.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (applockerfltr) -- C:\Windows\SysNative\drivers\applockerfltr.sys (Microsoft Corporation)
DRV:64bit: - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation)
DRV:64bit: - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation)
DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (UcmTcpciCx0101) -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys (Microsoft Corporation)
DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (IndirectKmd) -- C:\Windows\SysNative\drivers\IndirectKmd.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation)
DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (clreg) -- C:\Windows\SysNative\drivers\registry.sys (Microsoft Corporation)
DRV:64bit: - (wcnfs) -- C:\Windows\SysNative\drivers\wcnfs.sys (Microsoft Corporation)
DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (NetAdapterCx) -- C:\Windows\SysNative\drivers\NetAdapterCx.sys ()
DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation)
DRV:64bit: - (tsusbflt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys (Microsoft Corporation)
DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation)
DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\drivers\UfxChipidea.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsi) -- C:\Windows\SysNative\drivers\UcmUcsi.sys (Microsoft Corporation)
DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\drivers\urschipidea.sys (Microsoft Corporation)
DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\drivers\urssynopsys.sys (Microsoft Corporation)
DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\drivers\genericusbfn.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation)
DRV:64bit: - (Qcamain10x64) -- C:\Windows\SysNative\drivers\Qcamain10x64.sys (Qualcomm Atheros, Inc.)
DRV:64bit: - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation)
DRV:64bit: - (xusb22) -- C:\Windows\SysNative\drivers\xusb22.sys (Microsoft Corporation)
DRV:64bit: - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys (Intel Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation)
DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (iagpio) -- C:\Windows\SysNative\drivers\iagpio.sys (Intel(R) Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (cht4vbd) -- C:\Windows\SysNative\drivers\cht4vx64.sys (Chelsio Communications)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox)
DRV:64bit: - (cht4iscsi) -- C:\Windows\SysNative\drivers\cht4sx64.sys (Chelsio Communications)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (scmdisk0101) -- C:\Windows\SysNative\drivers\scmdisk0101.sys (Microsoft Corporation)
DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation)
DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies)
DRV:64bit: - (scmbus) -- C:\Windows\SysNative\drivers\scmbus.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies)
DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (Avago Technologies)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation)
DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AcpiDev) -- C:\Windows\SysNative\drivers\AcpiDev.sys (Microsoft Corporation)
DRV:64bit: - (volume) -- C:\Windows\SysNative\drivers\volume.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (bcmfn) -- C:\Windows\SysNative\drivers\bcmfn.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (QLogic Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (vmgid) -- C:\Windows\SysNative\drivers\vmgid.sys (Microsoft Corporation)
DRV:64bit: - (tap0901t) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net GmbH)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (IntcOED) -- C:\Windows\SysNative\drivers\IntcOED.sys (Intel(R) Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (SynRMIHID) -- C:\Windows\SysNative\drivers\SynRMIHID.sys (Synaptics Incorporated)
DRV:64bit: - (IntcDMic) -- C:\Windows\SysNative\drivers\IntcDMic.sys (Intel(R) Corporation)
DRV:64bit: - (RadioShim) -- C:\Windows\SysNative\drivers\RadioShim.sys (Acer Incorporated)
DRV:64bit: - (LMDriver) -- C:\Windows\SysNative\drivers\LMDriver.sys (Acer Incorporated)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys (Intel Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (iaLPSS2_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2_I2C.sys (Intel Corporation)
DRV:64bit: - (rt640x64) -- C:\Windows\SysNative\drivers\rt640x64.sys (Realtek )
DRV:64bit: - (RTSUER) -- C:\Windows\SysNative\drivers\RtsUer.sys (Realsil Semiconductor Corporation)
DRV:64bit: - (monectdevices) -- C:\Windows\SysNative\drivers\monectdevices.sys ()
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (adfs) -- C:\WINDOWS\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:64bit: - (SaiHFFB5) -- C:\Windows\SysNative\drivers\SaiHFFB5.sys (Saitek)
DRV:64bit: - (SaiIFFB5) -- C:\Windows\SysNative\drivers\SaiIFFB5.sys (Saitek)
DRV - (nvlddmkm) -- C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9934c34dc6ca0c4b\nvlddmkm.sys (NVIDIA Corporation)
DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys (Microsoft Corporation)
DRV - (VSPerfDrv110) -- C:\Programy\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {11F82C0C-C38B-4901-AFB7-E3BA99B5815C}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{11F82C0C-C38B-4901-AFB7-E3BA99B5815C}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRACE1&src=IE11TR&pc=ACTE
IE:64bit: - HKLM\..\SearchScopes\{C936B705-D23F-43FC-A827-4794AE236EEF}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRACE1&src=IE11TR&pc=ACTE
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {11F82C0C-C38B-4901-AFB7-E3BA99B5815C}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{11F82C0C-C38B-4901-AFB7-E3BA99B5815C}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRACE1&src=IE11TR&pc=ACTE
IE - HKLM\..\SearchScopes\{C936B705-D23F-43FC-A827-4794AE236EEF}: "URL" = http://www.bing.com/search?q={searchTerms}&form=PRACE1&src=IE11TR&pc=ACTE
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = B7 16 95 48 8C E0 D1 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 22 00 00 00 BA DC 3E 22 FD 04 4D 92 3E CE 0F 8C D4 6E E7 A6 AB 39 C4 80 87 61 28 39 65 BC 06 9E C8 38 E1 7A 96 BC 02 00 00 00 0E 00 00 00 77 74 66 42 47 4A 70 72 46 6A 73 25 33 64 [binary data]
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.3.19
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:50.1.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.7.1: C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.111.2: C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2: C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.7.1: C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp: C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf: C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.111.2: C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2: C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016.11.15 19:29:21 | 000,000,000 | ---D | M]

[2016.07.18 00:34:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\luvan\AppData\Roaming\mozilla\Extensions
[2016.12.31 01:24:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions
[2016.12.31 00:00:58 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\luvan\AppData\Roaming\mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\extensions\foxmarks@kei.com
[2016.12.31 00:07:31 | 000,514,262 | ---- | M] () (No name found) -- C:\Users\luvan\AppData\Roaming\mozilla\firefox\profiles\txs9d34m.default-1483138573866\extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi
[2016.12.31 00:09:26 | 000,084,584 | ---- | M] () (No name found) -- C:\Users\luvan\AppData\Roaming\mozilla\firefox\profiles\txs9d34m.default-1483138573866\extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi
[2016.12.31 00:09:12 | 000,015,300 | ---- | M] () (No name found) -- C:\Users\luvan\AppData\Roaming\mozilla\firefox\profiles\txs9d34m.default-1483138573866\extensions\jid1-P34HaABBBpOerQ@jetpack.xpi
[2016.12.31 00:00:45 | 001,019,941 | ---- | M] () (No name found) -- C:\Users\luvan\AppData\Roaming\mozilla\firefox\profiles\txs9d34m.default-1483138573866\extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi
[2016.12.31 00:08:51 | 001,055,311 | ---- | M] () (No name found) -- C:\Users\luvan\AppData\Roaming\mozilla\firefox\profiles\txs9d34m.default-1483138573866\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016.12.30 23:54:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2016.07.19 18:49:40 | 000,043,424 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

[vantyto]

OTL 2/3:
O1 HOSTS File: ([2017.01.03 10:29:01 | 000,000,753 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Programy\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Malwarebytes TrayApp] C:\PROGRAM FILES/MALWAREBYTES/ANTI-MALWARE\mbamtray.exe ()
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Autodesk Desktop App] C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe (Autodesk, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira SystrayStartTrigger] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [StereoLinksInstall] "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" /install1 File not found
O4 - HKCU..\Run: [EADM] C:\Programy\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [Steam] C:\Programy\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: amazon.com ([]https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{19ceecdd-3121-4ddd-87f4-7801e07ff02d}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2016.10.31 12:26:08 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2016.12.31 00:57:00 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2017.01.05 12:15:01 | 000,250,816 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\028C3A53.sys
[2017.01.04 19:19:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2017.01.04 19:15:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2017.01.04 19:15:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2017.01.04 15:37:28 | 000,000,000 | ---D | C] -- C:\FRST
[2017.01.03 20:48:13 | 000,203,680 | ---- | C] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zamguard64.sys
[2017.01.03 20:48:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zemana AntiMalware
[2017.01.03 20:48:00 | 000,000,000 | ---D | C] -- C:\Users\luvan\AppData\Local\Zemana
[2017.01.03 16:50:27 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2017.01.03 10:37:07 | 000,000,000 | ---D | C] -- C:\zoek
[2017.01.03 09:56:23 | 000,102,856 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\farflt.sys
[2017.01.03 00:06:57 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2017.01.02 23:21:48 | 000,000,000 | ---D | C] -- C:\Users\luvan\AppData\Roaming\Avira
[2017.01.02 20:59:14 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2017.01.01 15:51:09 | 000,176,064 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMChameleon.sys
[2017.01.01 15:51:01 | 000,091,584 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2017.01.01 15:50:58 | 000,043,968 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2017.01.01 15:50:55 | 000,250,816 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2017.01.01 15:50:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2017.01.01 15:50:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2016.12.31 00:56:38 | 000,000,000 | ---D | C] -- C:\Users\luvan\Start Menu
[2016.12.30 23:56:23 | 000,000,000 | ---D | C] -- C:\Users\luvan\Desktop\Old Firefox Data
[2016.12.30 23:20:07 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2016.12.30 18:29:05 | 000,028,272 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\SysNative\drivers\avusbflt.sys
[2016.12.30 18:29:04 | 000,078,208 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\SysNative\drivers\avnetflt.sys
[2016.12.30 18:29:04 | 000,035,488 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\SysNative\drivers\avkmgr.sys
[2016.12.30 18:29:03 | 000,153,904 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\SysNative\drivers\avipbb.sys
[2016.12.30 18:29:02 | 000,151,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\SysNative\drivers\avgntflt.sys
[2016.12.30 18:25:53 | 000,000,000 | ---D | C] -- C:\Users\luvan\AppData\Local\Avira
[2016.12.30 18:24:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2016.12.30 18:24:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2016.12.30 18:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2016.12.30 15:57:33 | 000,000,000 | ---D | C] -- C:\Users\luvan\Documents\SavedGames
[2016.12.30 14:48:46 | 000,000,000 | ---D | C] -- C:\Users\luvan\AppData\Roaming\Warner Bros. Interactive Entertainment
[2016.12.28 04:00:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Unity
[2016.12.28 03:31:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GtkSharp
[2016.12.28 03:30:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.5.0f3 (64-bit)
[2016.12.28 03:25:34 | 000,000,000 | ---D | C] -- C:\Program Files\Unity
[2016.12.27 18:34:32 | 000,000,000 | ---D | C] -- C:\Users\luvan\AppData\Local\CrazyPixelStreaker
[2016.12.27 18:16:00 | 000,000,000 | ---D | C] -- C:\Users\luvan\AppData\Local\BallisticTanks
[2016.12.27 15:53:09 | 000,000,000 | ---D | C] -- C:\Users\luvan\Documents\SHIFT 2 UNLEASHED
[2016.12.26 19:12:28 | 000,000,000 | ---D | C] -- C:\Users\luvan\AppData\Local\Hero_Siege
[2016.12.26 17:00:04 | 000,000,000 | ---D | C] -- C:\Users\luvan\AppData\Roaming\GT200Driver
[2016.12.26 16:59:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asus Espada Gaming Mouse
[2016.12.26 16:54:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\English
[2016.12.26 02:12:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2016.12.26 02:11:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2016.12.26 02:11:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2016.12.26 01:26:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\spool
[2016.12.26 01:25:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2016.12.26 01:25:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2016.12.26 01:25:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2016.12.26 01:11:33 | 000,000,000 | ---D | C] -- C:\Users\luvan\Documents\Visual Studio 2012
[2016.12.26 01:08:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2016.12.26 01:08:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2016.12.26 01:07:45 | 000,000,000 | ---D | C] -- C:\Program Files\Application Verifier
[2016.12.26 01:07:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Verifier
[2016.12.26 01:07:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows App Certification Kit
[2016.12.26 01:06:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
[2016.12.26 01:06:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Microsoft
[2016.12.26 01:05:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PreEmptive Solutions
[2016.12.26 01:04:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NuGet
[2016.12.26 01:04:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WCF Data Services
[2016.12.26 01:03:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Kits
[2016.12.26 01:01:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\1033
[2016.12.26 00:59:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTML Help Workshop
[2016.12.26 00:59:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Designer
[2016.12.26 00:58:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Help Viewer
[2016.12.26 00:55:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Merge Modules
[2016.12.26 00:54:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
[2016.12.26 00:53:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\1033
[2016.12.26 00:53:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\symbols
[2016.12.26 00:53:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 11.0
[2016.12.26 00:53:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2016.12.26 00:51:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2016.12.25 20:11:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titan Souls [GOG.com]
[2016.12.24 14:29:51 | 000,000,000 | ---D | C] -- C:\Users\luvan\Documents\hra
[2016.12.24 01:26:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Necropolis
[2016.12.23 22:28:56 | 000,000,000 | ---D | C] -- C:\Users\luvan\AppData\Local\nuclearthrone
[2016.12.23 13:59:13 | 000,000,000 | ---D | C] -- C:\Users\luvan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Gothic
[2016.12.23 13:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gothic
[2016.12.23 13:47:16 | 000,000,000 | ---D | C] -- C:\gothic
[2016.12.23 13:45:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2016.12.18 21:43:11 | 000,000,000 | ---D | C] -- C:\Users\luvan\AppData\Roaming\DevilDaggers
[2016.12.15 05:59:12 | 008,168,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2016.12.15 05:59:12 | 004,612,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2016.12.15 05:59:12 | 003,306,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2016.12.15 05:59:11 | 003,059,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2016.12.15 05:59:11 | 001,852,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2016.12.15 05:59:11 | 001,589,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtctm.dll
[2016.12.15 05:59:11 | 001,274,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2016.12.15 05:59:11 | 001,100,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2016.12.15 05:59:11 | 000,989,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2016.12.15 05:59:11 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2016.12.15 05:59:11 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2016.12.15 05:59:10 | 002,138,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputService.dll
[2016.12.15 05:59:10 | 000,947,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.efi
[2016.12.15 05:59:10 | 000,811,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.exe
[2016.12.15 05:59:10 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2016.12.15 05:59:10 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.LockScreen.dll
[2016.12.15 05:59:09 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2016.12.15 05:59:09 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputLocaleManager.dll
[2016.12.15 05:59:09 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EditBufferTestHook.dll
[2016.12.15 05:59:09 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WordBreakers.dll
[2016.12.15 05:59:08 | 001,293,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2016.12.15 05:59:07 | 006,285,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2016.12.15 05:59:07 | 003,777,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2016.12.15 05:59:06 | 007,816,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2016.12.15 05:59:06 | 002,275,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2016.12.15 05:59:06 | 001,988,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2016.12.15 05:59:05 | 002,820,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2016.12.15 05:59:05 | 001,692,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll

[vantyto]

OTL 3/3
[2016.12.15 05:59:05 | 001,121,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2016.12.15 05:59:05 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll
[2016.12.15 05:59:05 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\facecredentialprovider.dll
[2016.12.15 05:59:04 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2016.12.15 05:59:04 | 000,261,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2016.12.15 05:59:04 | 000,119,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll
[2016.12.15 05:59:04 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditBufferTestHook.dll
[2016.12.15 05:59:03 | 004,749,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2016.12.15 05:59:03 | 003,616,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2016.12.15 05:59:03 | 002,998,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2016.12.15 05:59:03 | 001,461,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2016.12.15 05:59:03 | 000,981,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll
[2016.12.15 05:59:03 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32k.sys
[2016.12.15 05:59:03 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Shell.dll
[2016.12.15 05:59:03 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WordBreakers.dll
[2016.12.15 05:59:00 | 005,114,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2016.12.15 05:59:00 | 001,572,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2016.12.15 05:59:00 | 001,415,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2016.12.15 05:59:00 | 000,764,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2016.12.15 05:59:00 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShareHost.dll
[2016.12.15 05:59:00 | 000,241,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHost.dll
[2016.12.15 05:58:59 | 000,455,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2016.12.15 05:58:58 | 001,354,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2016.12.15 05:58:58 | 001,173,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2016.12.15 05:58:58 | 001,051,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2016.12.15 05:58:58 | 000,894,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2016.12.15 05:58:57 | 006,668,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2016.12.15 05:58:57 | 001,637,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2016.12.15 05:58:57 | 001,490,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2016.12.15 05:58:57 | 000,137,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2016.12.15 05:58:56 | 003,198,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2016.12.15 05:58:56 | 002,913,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2016.12.15 05:58:56 | 002,166,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2016.12.15 05:58:56 | 000,861,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2016.12.15 05:58:55 | 001,267,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2016.12.15 05:58:55 | 001,004,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2016.12.15 05:58:55 | 000,886,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2016.12.15 05:58:55 | 000,846,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2016.12.15 05:58:55 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShareHost.dll
[2016.12.15 05:58:55 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2016.12.15 05:58:55 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2016.12.15 05:58:55 | 000,377,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2016.12.15 05:58:55 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2016.12.15 05:58:55 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceEnroller.exe
[2016.12.15 05:58:55 | 000,168,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcrypt.dll
[2016.12.15 05:58:54 | 008,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2016.12.15 05:58:54 | 001,512,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2016.12.15 05:58:54 | 000,402,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2016.12.15 05:58:54 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2016.12.15 05:58:54 | 000,165,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2016.12.15 05:58:53 | 000,658,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2016.12.15 05:58:53 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\indexeddbserver.dll
[2016.12.15 05:58:52 | 022,563,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2016.12.15 05:58:52 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2016.12.15 05:58:51 | 019,413,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2016.12.15 05:58:51 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\indexeddbserver.dll
[2016.12.15 05:58:50 | 006,044,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2016.12.15 05:58:49 | 004,746,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2016.12.15 05:58:49 | 002,677,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2016.12.15 05:58:49 | 001,738,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2016.12.15 05:58:48 | 000,822,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2016.12.15 05:58:48 | 000,730,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2016.12.15 05:58:48 | 000,635,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2016.12.15 05:58:48 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CryptoWinRT.dll
[2016.12.15 05:58:48 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.LockScreen.dll
[2016.12.15 05:58:48 | 000,172,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll
[2016.12.14 00:29:16 | 000,000,000 | ---D | C] -- C:\Users\luvan\AppData\Local\Chromium
[2016.12.13 23:13:05 | 000,000,000 | ---D | C] -- C:\Users\luvan\AppData\Local\SatelliteReign
[2016.12.09 20:54:31 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnprv.dll
[2016.12.09 20:54:31 | 000,260,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgentUserBroker.exe
[2016.12.09 20:54:30 | 002,682,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netshell.dll
[2016.12.09 20:54:30 | 000,748,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StoreAgent.dll
[2016.12.09 20:54:30 | 000,603,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ContentDeliveryManager.Utilities.dll
[2016.12.09 20:54:30 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PlayToManager.dll
[2016.12.09 20:54:30 | 000,534,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2016.12.09 20:54:30 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll
[2016.12.09 20:54:30 | 000,347,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascustom.dll
[2016.12.09 20:54:30 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2016.12.09 20:54:30 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InstallAgent.exe
[2016.12.09 20:54:30 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\browserbroker.dll
[2016.12.09 20:54:29 | 001,631,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.dll
[2016.12.09 20:54:29 | 001,232,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2016.12.09 20:54:29 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXService.dll
[2016.12.09 20:54:28 | 000,590,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2016.12.09 20:54:27 | 002,800,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netshell.dll
[2016.12.09 20:54:27 | 001,886,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2016.12.09 20:54:27 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntshrui.dll
[2016.12.09 20:54:26 | 001,859,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2016.12.09 20:54:25 | 017,188,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2016.12.09 20:54:23 | 000,952,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2016.12.09 20:54:22 | 003,892,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2016.12.09 20:54:22 | 001,123,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2016.12.09 20:54:22 | 000,263,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
[2016.12.09 20:54:22 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepositoryClient.dll
[2016.12.09 20:54:21 | 003,370,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.StateRepository.dll
[2016.12.09 20:54:21 | 000,379,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apprepsync.dll
[2016.12.09 20:54:21 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apprepapi.dll
[2016.12.09 20:54:21 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepapi.dll
[2016.12.09 20:54:21 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSManHTTPConfig.exe
[2016.12.09 20:54:20 | 002,277,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2016.12.09 20:54:20 | 000,760,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NMAA.dll
[2016.12.09 20:54:20 | 000,715,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapControlCore.dll
[2016.12.09 20:54:20 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepsync.dll
[2016.12.09 20:54:19 | 006,109,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mos.dll
[2016.12.09 20:54:19 | 001,992,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2016.12.09 20:54:19 | 001,357,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2016.12.09 20:54:17 | 005,380,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BingMaps.dll
[2016.12.09 20:54:17 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JpMapControl.dll
[2016.12.09 20:54:17 | 000,138,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DisplayManager.dll
[2016.12.09 20:54:16 | 004,423,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ExplorerFrame.dll
[2016.12.09 20:54:14 | 000,418,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2016.12.09 20:54:14 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\domgmt.dll
[2016.12.09 20:54:13 | 002,362,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapRouter.dll
[2016.12.09 20:54:13 | 002,109,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapGeocoder.dll
[2016.12.09 20:54:13 | 001,069,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2016.12.09 20:54:13 | 000,091,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfaudiocnv.dll
[2016.12.09 20:54:13 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HttpsDataSource.dll
[2016.12.09 20:54:12 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmkvsrcsnk.dll
[2016.12.09 20:54:12 | 000,424,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFPlay.dll
[2016.12.09 20:54:12 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapConfiguration.dll
[2016.12.09 20:54:12 | 000,163,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RTWorkQ.dll
[2016.12.09 20:54:12 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapsBtSvc.dll
[2016.12.09 20:54:11 | 001,755,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DeviceFlows.DataModel.dll
[2016.12.09 20:54:11 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2016.12.09 20:54:11 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2016.12.09 20:54:11 | 000,266,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2016.12.09 20:54:11 | 000,157,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CloudStorageWizard.exe
[2016.12.09 20:54:11 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcertinst.exe
[2016.12.09 20:54:11 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MosStorage.dll
[2016.12.09 20:54:10 | 000,320,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2016.12.09 20:54:05 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_StorageSense.dll
[2016.12.09 20:54:05 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActivationManager.dll
[2016.12.09 20:54:05 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseAppMgmtSvc.dll
[2016.12.09 20:54:05 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EnterpriseModernAppMgmtCSP.dll
[2016.12.09 20:54:05 | 000,110,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
[2016.12.09 20:54:05 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EAMProgressHandler.dll
[2016.12.09 20:54:04 | 002,828,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2016.12.09 20:54:04 | 002,104,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidsvc.dll
[2016.12.09 20:54:04 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtcuiu.dll
[2016.12.09 20:54:04 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EDPCleanup.exe
[2016.12.09 20:54:04 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReportingCSP.dll
[2016.12.09 20:54:03 | 004,136,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepository.dll
[2016.12.09 20:54:03 | 002,186,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hevcdecoder.dll
[2016.12.09 20:54:03 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryClient.dll
[2016.12.09 20:54:03 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.StateRepositoryBroker.dll
[2016.12.09 20:54:01 | 002,482,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2016.12.09 20:54:01 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2016.12.09 20:54:01 | 001,228,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2016.12.09 20:54:01 | 000,909,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2016.12.09 20:54:00 | 000,560,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2016.12.09 20:53:59 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngccredprov.dll
[2016.12.09 20:53:59 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcastdvr.exe
[2016.12.09 20:53:59 | 000,431,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\efswrt.dll
[2016.12.09 20:53:59 | 000,409,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NgcCtnr.dll
[2016.12.09 20:53:59 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PlayToManager.dll
[2016.12.09 20:53:59 | 000,366,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDXTaskFactory.dll
[2016.12.09 20:53:59 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\xboxgip.sys
[2016.12.09 20:53:59 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BcastDVRHelper.dll
[2016.12.09 20:53:59 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppCapture.dll
[2016.12.09 20:53:59 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Shell.Search.UriHandler.dll
[2016.12.09 20:53:58 | 002,852,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsThresholdAdminFlowUI.dll
[2016.12.09 20:53:58 | 002,084,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceFlows.DataModel.dll
[2016.12.09 20:53:58 | 000,382,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2016.12.09 20:53:58 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netplwiz.dll
[2016.12.09 20:53:57 | 002,510,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetworkMobileSettings.dll
[2016.12.09 20:53:56 | 003,542,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2016.12.09 20:53:56 | 000,637,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2016.12.09 20:53:56 | 000,360,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2016.12.09 20:53:53 | 000,454,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2016.12.09 20:53:53 | 000,198,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscapi.dll
[2016.12.09 20:53:53 | 000,152,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RTWorkQ.dll
[2016.12.09 20:53:52 | 001,336,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsecedit.dll
[2016.12.09 20:53:52 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActivationManager.dll
[2016.12.09 20:53:51 | 001,220,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscui.cpl
[2016.12.09 20:53:51 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptngc.dll
[2016.12.09 20:53:51 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wscinterop.dll
[2016.12.09 20:53:51 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VEStoreEventHandlers.dll
[2016.12.09 20:53:49 | 001,631,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Resources.dll
[2016.12.09 20:53:48 | 013,868,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2016.12.09 20:53:47 | 001,418,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2016.12.09 20:53:46 | 000,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2016.12.09 20:53:45 | 000,219,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys
[2016.12.09 20:53:43 | 006,474,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mspaint.exe
[2016.12.09 20:53:43 | 000,960,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\modernexecserver.dll
[2016.12.09 20:53:43 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2016.12.09 20:53:42 | 001,726,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Immersive.dll
[2016.12.09 20:53:42 | 001,556,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Immersive.dll
[2016.12.09 20:53:42 | 000,298,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2016.12.09 20:53:42 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Shell.Search.UriHandler.dll
[2016.12.09 20:53:42 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchWinApp.exe
[2016.12.09 20:53:41 | 002,484,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gameux.dll
[2016.12.09 20:53:41 | 000,711,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2016.12.09 20:53:41 | 000,506,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairing.dll
[2016.12.09 20:53:40 | 007,626,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2016.12.09 20:53:39 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdpsvc.dll
[2016.12.09 20:53:39 | 000,339,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdpusersvc.dll
[2016.12.09 20:53:38 | 004,311,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2016.12.09 20:53:38 | 001,600,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2016.12.09 20:53:38 | 000,882,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditionUpgradeManagerObj.dll
[2016.12.09 20:53:38 | 000,743,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2016.12.09 20:53:38 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditionUpgradeHelper.dll
[2016.12.09 20:53:37 | 001,366,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2016.12.09 20:53:37 | 000,159,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ACPBackgroundManagerPolicy.dll
[2016.12.09 20:53:36 | 000,673,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2016.12.09 20:53:36 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmenrollengine.dll
[2016.12.09 20:53:36 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuuhext.dll
[2016.12.09 20:53:35 | 002,009,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRHInproc.dll
[2016.12.09 20:53:35 | 000,869,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2016.12.09 20:53:35 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VPNv2CSP.dll
[2016.12.09 20:53:34 | 001,477,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsecedit.dll
[2016.12.09 20:53:34 | 000,746,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdtcprx.dll
[2016.12.09 20:53:33 | 000,248,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2016.12.09 20:53:33 | 000,101,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceReactivation.dll
[2016.12.09 20:53:33 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpremove.exe
[2016.12.09 20:53:31 | 001,002,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2016.12.09 20:53:31 | 000,359,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mtxclu.dll
[2016.12.09 20:53:30 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sendmail.dll
[2016.12.09 20:53:30 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
[2016.12.09 20:53:29 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xolehlp.dll
[2016.12.09 20:53:28 | 001,062,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2016.12.09 20:53:28 | 000,620,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcastdvr.exe
[2016.12.09 20:53:28 | 000,519,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ngccredprov.dll
[2016.12.09 20:53:27 | 001,473,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2016.12.09 20:53:26 | 000,499,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LogonController.dll
[2016.12.09 20:53:26 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptngc.dll
[2016.12.09 20:53:25 | 004,130,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2016.12.09 20:53:25 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BcastDVRHelper.dll
[2016.12.09 20:53:24 | 002,213,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2016.12.09 20:53:24 | 000,328,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Storage.ApplicationData.dll
[2016.12.09 20:53:23 | 000,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2016.12.09 20:53:22 | 005,722,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2016.12.09 20:53:21 | 000,170,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppCapture.dll
[2016.12.09 20:53:20 | 007,219,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2016.12.09 20:53:19 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DisplayManager.dll
[2016.12.09 20:53:17 | 002,287,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2016.12.09 20:53:15 | 004,708,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ExplorerFrame.dll
[2016.12.09 20:53:11 | 000,126,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfaudiocnv.dll
[2016.12.09 20:53:10 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtcprx.dll
[2016.12.09 20:53:10 | 000,870,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmkvsrcsnk.dll
[2016.12.09 20:53:10 | 000,374,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFPlay.dll
[2016.12.09 20:53:10 | 000,187,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudStorageWizard.exe
[2016.12.09 20:53:10 | 000,142,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\migisol.dll
[2016.12.09 20:53:09 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dialserver.dll
[2016.12.09 20:53:09 | 000,122,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\migisol.dll
[2016.12.09 20:53:08 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProvSysprep.dll
[2016.12.09 20:53:07 | 001,691,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aitstatic.exe
[2016.12.09 20:53:07 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2016.12.09 20:53:07 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppnp.dll
[2016.12.09 20:53:07 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgentc.exe
[2016.12.09 20:53:06 | 000,259,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdtcuiu.dll
[2016.12.09 20:53:06 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RjvMDMConfig.dll
[2016.12.09 20:53:04 | 000,557,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\StoreAgent.dll
[2016.12.09 20:53:04 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgentUserBroker.exe
[2016.12.09 20:53:04 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InstallAgent.exe
[2016.12.09 20:53:03 | 001,430,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2016.12.09 20:52:51 | 000,306,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieproxy.dll
[2016.12.09 20:52:49 | 006,664,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mspaint.exe
[2016.12.09 20:52:49 | 000,495,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DataSenseHandlers.dll
[2016.12.09 20:52:48 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll
[2016.12.09 20:52:46 | 002,611,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gameux.dll
[2016.12.09 20:52:46 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieproxy.dll
[2016.12.09 20:52:46 | 000,567,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll
[2016.12.09 20:52:42 | 004,673,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2016.12.09 20:52:41 | 000,936,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NMAA.dll
[2016.12.09 20:52:41 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchWinApp.exe
[2016.12.09 20:52:41 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSManHTTPConfig.exe
[2016.12.09 20:52:40 | 000,905,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapControlCore.dll
[2016.12.09 20:52:37 | 009,131,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2016.12.09 20:52:37 | 000,388,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\zipfldr.dll
[2016.12.09 20:52:37 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IdCtrls.dll
[2016.12.09 20:52:36 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\efswrt.dll
[2016.12.09 20:52:34 | 007,654,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mos.dll
[2016.12.09 20:52:33 | 001,709,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2016.12.09 20:52:29 | 003,400,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncCenter.dll
[2016.12.09 20:52:26 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JpMapControl.dll
[2016.12.09 20:52:25 | 007,812,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2016.12.09 20:52:23 | 002,206,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2016.12.09 20:52:23 | 001,969,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\hevcdecoder.dll
[2016.12.09 20:52:22 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsStore.dll
[2016.12.09 20:52:22 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshostcore.dll
[2016.12.09 20:52:21 | 003,441,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapRouter.dll
[2016.12.09 20:52:21 | 002,953,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapGeocoder.dll
[2016.12.09 20:52:20 | 000,489,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetSetupShim.dll
[2016.12.09 20:52:20 | 000,446,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapConfiguration.dll
[2016.12.09 20:52:20 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetSetupShim.dll
[2016.12.09 20:52:20 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsBtSvc.dll
[2016.12.09 20:52:20 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupugc.exe
[2016.12.09 20:52:20 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setupugc.exe
[2016.12.09 20:52:19 | 000,632,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasapi32.dll
[2016.12.09 20:52:19 | 000,587,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vpnike.dll
[2016.12.09 20:52:19 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2016.12.09 20:52:19 | 000,167,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscapi.dll
[2016.12.09 20:52:19 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\umpoext.dll
[2016.12.09 20:52:19 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MosStorage.dll
[2016.12.09 20:52:19 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\moshost.dll
[2016.12.09 20:52:18 | 001,196,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscui.cpl
[2016.12.09 20:52:18 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sendmail.dll
[2016.12.09 20:52:18 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscinterop.dll
[2016.12.09 20:52:18 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NetCfgNotifyObjectHost.exe
[2016.12.09 20:52:18 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\NetCfgNotifyObjectHost.exe
[2016.12.09 20:52:18 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CbtBackgroundManagerPolicy.dll
[2016.12.09 20:52:18 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgentc.exe
[2016.12.07 18:25:41 | 000,000,000 | ---D | C] -- C:\Users\luvan\Documents\Assassin's Creed III
[2016.12.07 17:30:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2016.12.07 16:22:43 | 000,000,000 | ---D | C] -- C:\Users\luvan\AppData\Local\Daedalic Entertainment GmbH
[1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2017.01.05 22:28:05 | 000,218,510 | ---- | M] () -- C:\WINDOWS\ZAM_Guard.krnl.trace
[2017.01.05 21:32:02 | 000,028,272 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\TrueSight.sys
[2017.01.05 19:42:10 | 002,547,812 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2017.01.05 19:42:10 | 000,998,810 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2017.01.05 19:42:10 | 000,949,132 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2017.01.05 19:42:10 | 000,324,118 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2017.01.05 19:42:10 | 000,254,034 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2017.01.05 19:42:02 | 000,043,968 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2017.01.05 19:41:59 | 000,250,816 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2017.01.05 19:40:14 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2017.01.05 19:38:59 | 000,000,180 | ---- | M] () -- C:\WINDOWS\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2017.01.05 19:38:11 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2017.01.05 19:38:10 | 3378,786,304 | -HS- | M] () -- C:\hiberfil.sys
[2017.01.05 17:37:35 | 000,189,996 | ---- | M] () -- C:\WINDOWS\ZAM.krnl.trace
[2017.01.05 12:15:17 | 000,102,856 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\farflt.sys
[2017.01.05 12:15:16 | 000,091,584 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2017.01.05 12:15:01 | 000,250,816 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\028C3A53.sys
[2017.01.04 19:15:33 | 000,002,775 | ---- | M] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2017.01.04 12:44:02 | 000,077,408 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\mbae64.sys
[2017.01.03 20:48:13 | 000,203,680 | ---- | M] (Zemana Ltd.) -- C:\WINDOWS\SysNative\drivers\zamguard64.sys
[2017.01.03 10:29:01 | 000,000,753 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2017.01.03 09:36:28 | 000,223,892 | ---- | M] () -- C:\Users\luvan\Desktop\potvrzení o studiu.pdf
[2017.01.03 09:25:42 | 000,054,056 | ---- | M] () -- C:\Users\luvan\Desktop\vypis OZP.pdf
[2017.01.03 08:12:34 | 000,037,779 | ---- | M] () -- C:\Users\luvan\Desktop\Výstřižek.PNG
[2017.01.01 15:51:09 | 000,176,064 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MBAMChameleon.sys
[2017.01.01 15:50:50 | 000,001,916 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2016.12.31 00:57:00 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2016.12.30 23:54:06 | 000,001,220 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016.12.30 23:26:36 | 003,097,416 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2016.12.30 18:31:35 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_avusbflt_01011.Wdf
[2016.12.30 18:24:41 | 000,001,281 | ---- | M] () -- C:\Users\Public\Desktop\Avira Connect.lnk
[2016.12.28 03:30:43 | 000,000,932 | ---- | M] () -- C:\Users\Public\Desktop\Unity 5.5.0f3 (64-bit).lnk
[2016.12.27 20:37:39 | 000,545,528 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\EasyAntiCheat.sys
[2016.12.27 18:12:31 | 067,447,470 | ---- | M] () -- C:\Users\luvan\Desktop\Ballistic.Tanks.v1.04.rar
[2016.12.26 05:16:50 | 000,001,813 | ---- | M] () -- C:\Users\luvan\.xmlcopyeditor
[2016.12.26 01:51:22 | 000,001,572 | ---- | M] () -- C:\Users\luvan\Desktop\photoshop.lnk
[2016.12.26 01:50:54 | 000,001,631 | ---- | M] () -- C:\Users\luvan\Desktop\visual studio.lnk
[2016.12.24 03:04:22 | 000,000,856 | ---- | M] () -- C:\Users\Public\Desktop\XML Copy Editor.lnk
[2016.12.12 00:56:25 | 000,835,576 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2016.12.12 00:56:25 | 000,177,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2016.12.11 18:28:28 | 000,000,717 | ---- | M] () -- C:\Users\luvan\Desktop\mili jezisku.jpg
[2016.12.09 19:32:40 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2016.12.09 11:42:15 | 001,637,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2016.12.09 11:42:14 | 000,137,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2016.12.09 11:34:34 | 001,051,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2016.12.09 11:34:34 | 000,894,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2016.12.09 11:33:26 | 001,354,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2016.12.09 11:33:26 | 001,173,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2016.12.09 11:32:11 | 007,816,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2016.12.09 11:30:39 | 000,377,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2016.12.09 11:29:23 | 002,681,200 | ---- | M] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2016.12.09 11:28:24 | 000,764,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CoreMessaging.dll
[2016.12.09 11:27:38 | 000,172,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll
[2016.12.09 11:20:21 | 002,677,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2016.12.09 11:20:16 | 000,658,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2016.12.09 11:20:13 | 000,402,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2016.12.09 11:20:12 | 001,738,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2016.12.09 11:19:35 | 001,293,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LicenseManager.dll
[2016.12.09 11:19:21 | 000,168,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcrypt.dll
[2016.12.09 11:18:21 | 002,913,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2016.12.09 11:18:16 | 001,100,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2016.12.09 11:18:15 | 001,267,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2016.12.09 11:18:14 | 000,811,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.exe
[2016.12.09 11:18:12 | 000,947,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.efi
[2016.12.09 11:18:09 | 000,989,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2016.12.09 11:15:26 | 008,168,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2016.12.09 11:15:18 | 001,988,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2016.12.09 11:14:50 | 001,274,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ole32.dll
[2016.12.09 11:14:33 | 000,241,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CloudExperienceHost.dll
[2016.12.09 11:11:15 | 002,048,496 | ---- | M] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016.12.09 11:10:58 | 001,461,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2016.12.09 11:10:40 | 001,572,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2016.12.09 11:09:27 | 000,455,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2016.12.09 11:01:08 | 000,861,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LicenseManager.dll
[2016.12.09 10:59:25 | 000,846,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2016.12.09 10:59:24 | 002,166,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2016.12.09 10:57:01 | 001,852,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2016.12.09 10:57:00 | 006,668,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2016.12.09 10:52:21 | 001,415,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2016.12.09 10:47:29 | 022,563,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2016.12.09 10:45:47 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WordBreakers.dll
[2016.12.09 10:42:29 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2016.12.09 10:41:22 | 000,380,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2016.12.09 10:41:06 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WordBreakers.dll
[2016.12.09 10:40:38 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32k.sys
[2016.12.09 10:38:39 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.LockScreen.dll
[2016.12.09 10:37:29 | 000,261,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\indexeddbserver.dll
[2016.12.09 10:37:10 | 000,411,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\facecredentialprovider.dll
[2016.12.09 10:37:01 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Shell.dll
[2016.12.09 10:36:56 | 000,425,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll
[2016.12.09 10:36:32 | 000,410,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2016.12.09 10:36:09 | 003,059,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2016.12.09 10:36:05 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.LockScreen.dll
[2016.12.09 10:36:02 | 006,285,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2016.12.09 10:34:52 | 000,822,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2016.12.09 10:34:31 | 000,288,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2016.12.09 10:33:42 | 003,777,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2016.12.09 10:33:37 | 001,589,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdtctm.dll
[2016.12.09 10:32:18 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2016.12.09 10:31:20 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\indexeddbserver.dll
[2016.12.09 10:31:11 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2016.12.09 10:30:32 | 019,413,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2016.12.09 10:30:31 | 004,612,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2016.12.09 10:29:51 | 004,749,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_nt.dll
[2016.12.09 10:28:55 | 001,004,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enterprisecsps.dll
[2016.12.09 10:28:12 | 003,306,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2016.12.09 10:27:55 | 005,114,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdp.dll
[2016.12.09 10:27:36 | 000,981,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll
[2016.12.09 10:26:32 | 008,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2016.12.09 10:26:01 | 001,692,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2016.12.09 10:25:28 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CryptoWinRT.dll
[2016.12.09 10:24:21 | 002,275,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2016.12.09 10:22:27 | 001,490,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2016.12.09 10:22:06 | 002,820,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2016.12.09 10:21:48 | 004,746,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2016.12.09 10:21:42 | 003,616,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2016.12.09 10:21:31 | 001,512,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2016.12.09 10:21:04 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ShareHost.dll
[2016.12.09 10:20:36 | 000,730,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2016.12.09 10:20:35 | 003,198,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cdp.dll
[2016.12.09 10:20:33 | 006,044,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2016.12.09 10:20:32 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceEnroller.exe
[2016.12.09 10:20:05 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2016.12.09 10:19:46 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2016.12.09 10:19:45 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2016.12.09 10:19:43 | 000,261,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2016.12.09 10:19:32 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll
[2016.12.09 10:19:32 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditBufferTestHook.dll
[2016.12.09 10:18:36 | 002,138,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputService.dll
[2016.12.09 10:18:23 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2016.12.09 10:17:55 | 000,886,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2016.12.09 10:17:08 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ShareHost.dll
[2016.12.09 10:16:56 | 002,998,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2016.12.09 10:16:03 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2016.12.09 10:15:59 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2016.12.09 10:15:51 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EditBufferTestHook.dll
[2016.12.09 10:15:49 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputLocaleManager.dll
[2016.12.09 09:54:48 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CoreMessaging.dll
[2016.12.07 18:31:46 | 000,281,392 | ---- | M] () -- C:\WINDOWS\SysWow64\PnkBstrB.xtr
[2016.12.07 18:31:46 | 000,281,392 | ---- | M] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe
[1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2017.01.04 19:15:33 | 000,002,775 | ---- | C] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2017.01.03 20:48:19 | 000,217,771 | ---- | C] () -- C:\WINDOWS\ZAM_Guard.krnl.trace
[2017.01.03 20:48:19 | 000,189,996 | ---- | C] () -- C:\WINDOWS\ZAM.krnl.trace
[2017.01.03 09:36:27 | 000,223,892 | ---- | C] () -- C:\Users\luvan\Desktop\potvrzení o studiu.pdf
[2017.01.03 09:25:40 | 000,054,056 | ---- | C] () -- C:\Users\luvan\Desktop\vypis OZP.pdf
[2017.01.02 21:02:48 | 000,028,272 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\TrueSight.sys
[2017.01.01 15:50:50 | 000,001,916 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2017.01.01 15:50:48 | 000,077,408 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\mbae64.sys
[2016.12.31 00:57:00 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2016.12.30 23:54:06 | 000,001,232 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2016.12.30 23:54:06 | 000,001,220 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016.12.30 18:31:35 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_avusbflt_01011.Wdf
[2016.12.30 18:24:41 | 000,001,281 | ---- | C] () -- C:\Users\Public\Desktop\Avira Connect.lnk
[2016.12.28 03:30:43 | 000,000,932 | ---- | C] () -- C:\Users\Public\Desktop\Unity 5.5.0f3 (64-bit).lnk
[2016.12.27 18:07:35 | 067,447,470 | ---- | C] () -- C:\Users\luvan\Desktop\Ballistic.Tanks.v1.04.rar
[2016.12.26 01:51:22 | 000,001,572 | ---- | C] () -- C:\Users\luvan\Desktop\photoshop.lnk
[2016.12.26 01:50:54 | 000,001,631 | ---- | C] () -- C:\Users\luvan\Desktop\visual studio.lnk
[2016.12.26 01:31:53 | 000,001,083 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4 (64 Bit).lnk
[2016.12.26 01:29:46 | 000,001,020 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4.lnk
[2016.12.26 01:27:33 | 000,000,982 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk
[2016.12.26 01:25:33 | 000,001,488 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
[2016.12.24 03:05:01 | 000,001,813 | ---- | C] () -- C:\Users\luvan\.xmlcopyeditor
[2016.12.24 03:04:22 | 000,000,856 | ---- | C] () -- C:\Users\Public\Desktop\XML Copy Editor.lnk
[2016.12.15 05:59:06 | 002,681,200 | ---- | C] () -- C:\WINDOWS\SysNative\CoreUIComponents.dll
[2016.12.15 05:58:49 | 002,048,496 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreUIComponents.dll
[2016.12.11 18:28:59 | 000,000,717 | ---- | C] () -- C:\Users\luvan\Desktop\mili jezisku.jpg
[2016.11.10 20:53:03 | 000,129,824 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1.dll
[2016.11.10 20:53:03 | 000,040,224 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo.exe
[2016.10.01 12:37:31 | 000,265,728 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Perception.Stub.dll
[2016.09.12 21:15:20 | 035,133,376 | ---- | C] () -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2016.09.12 21:10:00 | 008,916,512 | ---- | C] () -- C:\WINDOWS\SysWow64\nvptxJitCompiler.dll
[2016.09.12 21:10:00 | 000,611,608 | ---- | C] () -- C:\WINDOWS\SysWow64\nvfatbinaryLoader.dll
[2016.09.12 19:35:52 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysWow64\Access.dat
[2016.08.20 07:30:03 | 000,000,102 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
[2016.08.20 07:28:11 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2016.08.16 16:47:42 | 000,281,392 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe
[2016.08.16 16:47:41 | 003,894,632 | ---- | C] () -- C:\WINDOWS\SysWow64\pbsvc.exe
[2016.08.16 16:47:41 | 000,076,888 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe
[2016.07.16 12:47:57 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2016.07.16 12:47:57 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2016.07.16 12:43:04 | 000,055,296 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2016.07.16 12:43:00 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\GamePanelExternalHook.dll
[2016.07.16 12:42:55 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2016.07.16 12:42:53 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2016.07.16 12:42:49 | 000,304,640 | ---- | C] () -- C:\WINDOWS\SysWow64\HrtfApo.dll
[2016.07.16 12:42:48 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2016.07.16 12:42:43 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2016.07.16 12:42:12 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2016.05.04 03:23:30 | 000,129,824 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-1-0-11-1.dll
[2016.05.04 03:22:58 | 000,040,224 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-1-0-11-1.exe

========== ZeroAccess Check ==========

[2016.09.04 04:53:47 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2016.11.11 11:01:16 | 007,219,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2016.11.11 08:47:14 | 005,722,832 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2016.07.16 12:42:31 | 000,977,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2016.07.16 12:42:56 | 000,779,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2016.07.16 12:42:31 | 000,518,656 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2016.09.10 11:57:49 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\.mono
[2016.09.30 13:34:11 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\Acer Incorporated
[2016.10.31 12:28:53 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\Autodesk
[2016.07.18 00:44:35 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\AVAST Software
[2016.07.18 01:13:08 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\BANDISOFT
[2016.11.26 17:58:05 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\Build and Shoot
[2016.09.29 17:13:49 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\CDE
[2016.11.29 00:35:50 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\Code Force Limited
[2016.08.20 10:00:16 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\DarkSoulsIII
[2016.12.18 21:44:42 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\DevilDaggers
[2016.09.16 17:50:36 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\EnhancedReborn
[2016.09.17 16:55:06 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\Fatshark
[2016.08.25 10:05:34 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\Foxit Software
[2016.12.26 17:00:04 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\GT200Driver
[2016.10.14 13:20:59 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\Guild Wars 2
[2016.08.15 11:12:14 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\HelloGames
[2016.11.27 16:00:44 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\KingRoot
[2016.08.24 09:42:45 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\LibreOffice
[2016.10.19 14:55:30 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\MedievalEngineers
[2016.09.29 16:27:41 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\MMFApplications
[2016.11.27 14:05:21 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\monect
[2016.09.17 15:45:40 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\Mount&Blade Warband
[2016.11.11 02:02:43 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\OBS
[2017.01.05 19:27:59 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\Origin
[2016.08.18 14:13:57 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\Petroglyph
[2016.12.27 18:34:29 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\SmartSteamEmu
[2016.11.11 14:49:40 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\SpaceEngineers
[2016.11.26 18:05:48 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\Spadille
[2016.08.20 08:58:17 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\Steam
[2016.08.07 17:35:16 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\TeamViewer
[2016.12.27 21:28:43 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\TS3Client
[2016.10.23 13:36:50 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\Tunngle
[2016.12.30 14:48:46 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\Warner Bros. Interactive Entertainment
[2016.07.18 01:29:49 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\WarThunder
[2016.08.07 17:50:39 | 000,000,000 | ---D | M] -- C:\Users\luvan\AppData\Roaming\WildTangent

========== Purity Check ==========



< End of report >

[vantyto]

Extras 1/3
OTL Extras logfile created on: 05.01.2017 22:24:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Public\Downloads\programy\hijack
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: dd.MM.yyyy

7,87 Gb Total Physical Memory | 3,86 Gb Available Physical Memory | 49,07% Memory free
10,74 Gb Paging File | 7,15 Gb Available in Paging File | 66,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 930,91 Gb Total Space | 100,16 Gb Free Space | 10,76% Space Free | Partition Type: NTFS

Computer Name: BLACKBOOK | User Name: luvan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = A0 50 7E 45 AF FA D1 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
"DontEnumerateCommonFilesUpgradeExe" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{004CA860-453E-4FB6-A50C-C80A56F9D769}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{03446571-90F8-4C6D-BC33-09D19720C9FA}" = lport=137 | protocol=17 | dir=in | app=system |
"{03778BAF-E1CA-44E6-B329-0C18C35A2453}" = rport=137 | protocol=17 | dir=out | app=system |
"{05DF8DA0-7AE2-4377-B8AF-99CCC7D14A29}" = lport=3702 | protocol=17 | dir=in | app=c:\programy\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{0911E053-AD93-4816-A8C8-2AB4FCA78FE0}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{0B29E948-A7DD-4E40-9017-0EDBD2FA861E}" = lport=139 | protocol=6 | dir=in | app=system |
"{12230832-97B1-4B16-94F7-12AD4D3C36DC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{14FC79D9-023B-4A97-A70D-A5F28F7828F0}" = rport=138 | protocol=17 | dir=out | app=system |
"{1B7C1E3D-741B-4588-A1B6-85853C402D15}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{21E09942-2838-4223-A1DD-0AC9EFE024C7}" = lport=6915 | protocol=6 | dir=in | app=c:\programy\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{2E5D0628-462C-493C-B06E-137B5DD5A197}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{30D1BCAE-CEA4-4B8D-9600-F45915DE0994}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{356F20EC-2D32-4FFB-8860-32F980919464}" = lport=138 | protocol=17 | dir=in | app=system |
"{3C72482F-DCE6-4925-9E24-B6C3BE057CBA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3CE09726-C57B-46DC-9177-C152EC721780}" = lport=445 | protocol=6 | dir=in | app=system |
"{4B4E7B2B-DD89-4B97-92A4-D078A4045052}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4DBD4FF1-ED7F-43D5-905C-0AB46645DD07}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5A75E42B-2297-442C-AD9D-5D7A33030FD4}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\dashost.exe |
"{75B894DF-7E53-451C-A3C4-3D7E88A6D104}" = rport=139 | protocol=6 | dir=out | app=system |
"{7BA80188-6F07-496A-9E9F-BB206FF0BA1E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8470B49E-EB50-4B3B-9619-BB19D4C63ABC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{86B95048-3964-4642-BA61-B2CEC6797178}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{87AC6E8A-96C7-4507-8F61-218DAD7CD5D0}" = lport=6920 | protocol=6 | dir=in | app=c:\programy\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{88F5B922-6A53-4C66-AE2F-DD9E1A073009}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{8FA27324-BC2A-487C-8D5E-C4F71D9CEADF}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe |
"{952A9B08-8618-4859-86EC-A84628EA43D1}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{99545FEE-069A-4577-860E-C7A16707EBCD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B0D5829B-3CEE-4C6D-8353-024C27C9F435}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BFDFF98D-6952-4A94-9DF2-EBA9060A858F}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{C4A1158F-8FCA-49BC-A814-8396C19048EB}" = rport=445 | protocol=6 | dir=out | app=system |
"{D2472700-6724-4115-B821-CA6AEDF58B23}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D71DAFE0-7A3B-4479-B8F7-3C11064D6715}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe |
"{DF26646D-7891-4116-A14A-C76DB07F31A8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E4B316D0-99A2-40A4-A939-FDCBD6CF6AB6}" = lport=6916 | protocol=6 | dir=in | app=c:\programy\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{E5CCE031-8182-4A17-A025-E5F839087F52}" = lport=6919 | protocol=6 | dir=in | app=c:\programy\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{E6314568-24C6-427B-99BA-D6DC3D3A72E7}" = rport=2869 | protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{EF19A658-FA15-4B1D-9AAE-F01324C066AA}" = lport=6917 | protocol=6 | dir=in | app=c:\programy\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{FA67C258-BD5B-4BE8-A9F3-5A81899D42F9}" = lport=6918 | protocol=6 | dir=in | app=c:\programy\microsoft visual studio 11.0\common7\ide\devenv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00183BBA-F99C-4E76-A022-96A00BCE9E7D}" = dir=in | name=@{microsoft.microsoftofficehub_17.7031.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{00ECA009-4ACA-4BEB-B449-D47667246874}" = dir=out | name=@{microsoft.accountscontrol_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{01F44B1E-EEDD-44AC-B49D-56AE895EB0C6}" = dir=out | name=windows_ie_ac_001 |
"{039690B3-B111-4AFC-A307-777245C9D310}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{0560CE8F-009A-4181-9A15-87465D45E872}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\skyrim\skse_steam_boot.exe |
"{0594100B-01C6-461E-80BA-305305ABE37E}" = dir=out | name=@{microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"{05EBF720-9C08-4032-9F83-DDB35AB3D67E}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abphoto\dmcdaemon.exe |
"{0667D09F-D65B-477C-A250-D1570369221A}" = dir=out | name=xbox |
"{07397BDA-DA1A-45C7-95B9-A0A200FED88B}" = protocol=6 | dir=in | app=c:\programy\teamviewer\teamviewer.exe |
"{087B21C9-B2B1-4D6B-BB9E-B1D62B9E131E}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\gocco of war demo\gocco_of_war_64_demo.exe |
"{08F98880-777D-43AE-8770-D5FEB85A313F}" = protocol=6 | dir=in | app=c:\programy\ubisoft\ubisoft game launcher\games\tom clancy's rainbow six siege\rainbowsix.exe |
"{092C5A3A-17AD-4652-9520-7C6779EC028D}" = dir=in | name=@{microsoft.bingsports_4.12.207.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{0A05A678-E9E9-4619-BC70-0559EB030FB9}" = protocol=6 | dir=in | app=c:\programy\ubisoft\ubisoft game launcher\games\splinter cell blacklist\src\system\blacklist_game.exe |
"{0A0659CB-9C81-4258-A9E3-CC86FE132EED}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\devildaggers\dd.exe |
"{0A27DBB2-6F53-45DE-9B72-79262C90DC4A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0BA31C7D-6F41-423B-A28A-D8C25BD237DD}" = dir=in | app=c:\program files (x86)\common files\tencent\qqdownload\125\tencentdl.exe |
"{0CB189A9-EE5C-415B-A6C0-A9FB306EC723}" = dir=out | name=@{microsoft.windowsmaps_5.1611.3342.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{0D1CA345-0D9E-4592-BEE9-4D08E5C27280}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\punch club\punch club.exe |
"{0E3AF813-0CCF-4BF3-BC7F-6911C9710CD6}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\shadowofmordor\x64\shadowofmordor.exe |
"{0E84F8FB-8561-4BD3-9D2B-B1FC675BFB18}" = dir=out | app=c:\programy\photoshop\adobe photoshop cs4 (64 bit)\photoshop.exe |
"{0E958A34-94EE-4F5C-9210-365C6DD2F7FC}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\squad\squad_launcher.exe |
"{0F179E2B-E012-4D2B-B00F-83D21C91CF75}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{0F421398-B8DC-439C-B03A-7E908420FF39}" = dir=out | name=@{microsoft.bingsports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{0F7F9C10-BAE3-4BA4-A5EC-7DEAE2062019}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\insurgency2\insurgency.exe |
"{108CF74B-FB8B-48CC-9721-C42C218438E9}" = dir=out | name=@{microsoft.bingnews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{112B39FB-FAAC-4CCA-B3EC-B8DD292803EE}" = protocol=17 | dir=in | app=c:\programy\teamviewer\teamviewer_service.exe |
"{11CD2D09-3937-4D60-BE35-066916AF2BEA}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\rollercoaster tycoon 2\rct2.exe |
"{132D5589-2C0B-4F74-89EC-63627A0953A3}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{153D9351-68F9-4CE6-AE66-5419EB374260}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\aop framework\acer\ccd.exe |
"{15C3A486-9030-443C-92FE-0766155228CE}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\men of war assault squad 2\mowas_2.exe |
"{16994628-3D89-46EC-B86C-8D6407FF0A37}" = dir=out | name=@{microsoft.bingnews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{16D6AAB3-1103-4EF0-B70A-B32DBC19AE0C}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\prison architect\prison architect.exe |
"{1770BE37-2878-4F9B-837A-5B50F3CE6A8E}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\tom clancy's rainbow six siege\rainbowsix.exe |
"{17A3884A-39D5-499F-9877-99BFDEB65D6A}" = protocol=6 | dir=in | app=c:\programy\steam\steam.exe |
"{18206526-24AC-4A22-9FD2-EC61F4163F3B}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{19D60658-A2F3-49D0-9609-B3290497C37F}" = dir=in | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{1CAF3F40-D649-4492-99B6-D761FC72F9B9}" = dir=in | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{1E07855B-313A-48F4-8A06-9105016BBF13}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\war of the roses\run_game.exe |
"{1E9C7901-28B3-4136-BF62-004F0E4B1B2A}" = dir=in | name=@{microsoft.bingnews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{1EB91924-5683-4423-A732-FAD93BCF46A4}" = protocol=17 | dir=in | app=c:\programy\ubisoft\ubisoft game launcher\games\assassin's creed iii\ac3mp.exe |
"{1F0A5F0F-C3A5-44BD-9C6B-CBD4DBEDCAA9}" = protocol=17 | dir=in | app=c:\programy\tunngle\tnglctrl.exe |
"{203C90E1-9A75-47C2-B79E-92C8BB00C667}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\men of war assault squad 2\mowas_2_ed.exe |
"{205CB27B-62C1-412C-BA8F-259EA1F0E533}" = dir=out | name=@{microsoft.lockapp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{20C9D7F8-1134-4FF3-A1B9-964FBE65D05C}" = protocol=17 | dir=in | app=c:\games\europa universalis iv\europa universalis iv\eu4.exe |
"{21B4A457-80D3-4549-B721-E88AF3F12F50}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\grand theft auto v\gtavlauncher.exe |
"{223AFE3A-AAE7-4004-A3E0-B5D09489FE71}" = protocol=17 | dir=in | app=c:\games\8-bit hordes\instanceserverg.exe |
"{227DE642-B4A4-40DB-B65D-741AF59B20FE}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\aop framework\acer\ccd.exe |
"{22E017FD-9B95-4E1D-B560-E2115B848061}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{239959F1-60BB-47EF-8F9E-48EA36620095}" = protocol=6 | dir=in | app=c:\programy\ubisoft\ubisoft game launcher\games\assassin's creed iii\ac3mp.exe |
"{25C0D87F-7988-4834-ADF6-A3AF41B647F5}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe |
"{25CB532D-F3F7-49A5-8992-56DCFFB16DFE}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\war thunder\launcher.exe |
"{2710F19D-7F4C-4E25-9C8A-B14FF0ECD638}" = protocol=17 | dir=in | app=c:\programy\tunngle\tunngle.exe |
"{272D7875-A371-4D08-94EF-2F0C9C854C07}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{2A795DED-F9E4-4A15-9481-1341CA7E1E4D}" = dir=in | name=@{microsoft.messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{2B5B4B7D-76B9-469D-ABCC-7287AA99D335}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\original war\owar.exe |
"{2B8A00B4-7FA3-4647-A561-AA1F2CDACDBD}" = protocol=17 | dir=in | app=c:\games\8-bit hordes\clientg.exe |
"{2C458145-1513-429F-9714-A1069C7553FA}" = dir=out | name=microsoft sticky notes |
"{2E6458BD-4EA9-488E-9F6C-62EA49CB1476}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\commandos beyond the call of duty\legacy\coman_mp.exe |
"{3044A460-7D6A-4286-8BC5-69255FB6FA1A}" = protocol=6 | dir=in | app=c:\programy\ubisoft\ubisoft game launcher\games\splinter cell blacklist\src\system\blacklist_dx11_game.exe |
"{30CAD540-9616-4134-B59B-7770C00B0D3E}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{3135B83B-75F7-483E-A166-450897FC5325}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\dirt 3 complete edition\dirt3_game.exe |
"{316D00A6-2A30-4150-BA93-E3567E844427}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{323CF1AA-C694-4C5B-89D0-07A460922119}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\chompy chomp chomp\chompychompchomp.exe |
"{324A06AD-6657-482A-832C-69A4DE2E256F}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{32B2CCD9-1862-4995-91F7-6CAA1F19D916}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\commandos beyond the call of duty\legacy\coman_mp.exe |
"{33716719-035C-42C7-A184-0E2BDC0E0861}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{33A68051-04ED-4DE3-BE29-4AEA9687D062}" = dir=out | name=acer explorer |
"{34912060-E58A-4D4D-9090-DB1C8E6B6EFD}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\cmw.exe |
"{34E12237-6206-49FD-960C-48713E12F046}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\teleglitchdme\teleglitch.exe |
"{3593B28F-DEEB-42CE-A6AE-CFA8A9D02722}" = dir=in | name=onenote |
"{36376807-D590-4FEA-8609-41DFD7F53F43}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{375595DE-1622-41F8-816D-ED4152D4F1C3}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\broforce\broforce_beta.exe |
"{3769E508-C071-4140-A40E-3AD904B56998}" = dir=in | name=microsoft solitaire collection |
"{37723F30-36F8-4D61-98F0-6665E405F74C}" = protocol=6 | dir=in | app=c:\games\europa universalis iv\europa universalis iv\eu4.exe |
"{37F07DDA-B57A-445B-94F5-4E9941D4194E}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{38B92C27-BF0B-483C-B5D2-B9F5614AECE0}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4webhelper.exe |
"{3984477A-C11D-4C54-A88C-20A363230962}" = dir=in | app=c:\programy\pc remote receiver\pcremotereceiver.exe |
"{3CD02E95-7505-4CAB-9609-43E94F3971AA}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{3D76204D-B59F-43C6-A700-10AF67C8BAF3}" = dir=out | name=@{microsoft.bingweather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{3DFDF3A6-5122-4D67-9F51-5A405DE308C3}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{3E449822-1B37-42C4-BBEB-C2A8FE692D83}" = protocol=17 | dir=in | app=c:\programy\ubisoft\ubisoft game launcher\games\tom clancy's rainbow six siege\rainbowsix.exe |
"{3F462176-0D1A-43B5-BF10-B45CBECD9EC0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{402D5F82-6F6E-4B8B-85F5-CC1BB62A7128}" = dir=out | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{41649AD8-D272-4EBA-AC06-25E744E36B82}" = dir=out | name=@{microsoft.windows.cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{420C7CF5-72E5-4A6C-9B4B-7C5BCB4F9B45}" = dir=out | name=@{microsoft.bingfinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{423CEA6E-03CD-49B3-9D12-15BF8C6CA690}" = dir=in | name=@{microsoft.windows.photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{42959F7D-ADB4-480D-8281-C07A2827DF34}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\planetside 2\launchpad.exe |
"{437ACAFD-8AB9-4AD5-8D24-756898044FFA}" = dir=out | name=candy crush soda saga |
"{44F04F7A-BE69-4F77-B628-CB6C4BB77538}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\satellitereign\satellitereignwindows.exe |
"{4526A68A-3932-4B49-BDA9-121FA274784B}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\dirt 3 complete edition\dirt3_game.exe |
"{46365A13-94A8-4A73-ADE0-8BE06D96FAB3}" = dir=in | name=@{microsoft.skypeapp_11.10.145.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{4667E906-60EB-4CC8-A477-A6A0798022C1}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe |
"{4A37DA24-9D26-4D5A-B6FB-8001F8C4A5D3}" = dir=out | name=@{microsoft.accountscontrol_10.0.10240.16384_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{4A5BB67E-8B8D-447F-A4AF-B65CA42C195F}" = protocol=17 | dir=in | app=c:\games\dark souls 3\game\darksoulsiii.exe |
"{4B88C455-4582-47A1-AECE-EC11610BEA98}" = dir=out | name=@{microsoft.bingsports_4.12.207.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{4BE27CC8-10C1-4A26-9274-31D3419D56B0}" = protocol=17 | dir=in | app=c:\programy\ubisoft\ubisoft game launcher\games\tom clancy's rainbow six siege\rainbowsixgame.exe |
"{4C13EAA2-95BD-4657-91A2-BC0B7CD95429}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\battleblock theater\battleblocktheater.exe |
"{4C77FD43-95DD-4176-940B-CD7AD6D4C471}" = dir=in | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{4EBA45F5-9C5F-4334-9880-5212FDF7252F}" = dir=out | name=@{microsoft.windows.photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{4EFA7722-629C-478F-BCB0-F843DB4F023F}" = dir=in | name=@{magix.musicmakerjam_2.3.1054.0_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{4F5211C1-DF86-43F9-B151-D200C2E7F285}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\empyrion - galactic survival\empyrionlauncher.exe |
"{4FE31A06-D2E7-42B2-9478-15840DCAF632}" = dir=out | name=microsoft solitaire collection |
"{4FE97CA7-8A92-41FD-AA12-CE1D93FB8C44}" = dir=out | name=@{microsoft.getstarted_4.2.29.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{4FFAFDA4-7E9A-4B00-800D-768CB7241667}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{500430FE-AB0D-4CDB-84BB-DF9AF9A667D7}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{50818203-657A-4842-B799-32B0825A9E2A}" = dir=in | name=acer explorer |
"{5136CF47-C512-44D8-B160-7B1601CBA0E3}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\men of war assault squad 2\mowas_2_ed.exe |
"{51388790-36FA-4E56-AAAD-BB87E94B6E1E}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\tigerknight_ew\frontend\bin\frontend.exe |
"{5140BF84-BF96-4043-B1E0-0FCA3FC24D3A}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\from the depths\from_the_depths.exe |
"{51533D8C-57F7-4738-8F0B-02DA47661B44}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{51543D5A-2266-4CB0-9C0B-F26E51B7F029}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\original war\owar.exe |
"{52813BCD-8822-42FD-A262-4EDAC137BC83}" = dir=out | name=@{microsoft.skypeapp_11.10.145.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{52F807D6-925F-4D49-A48C-0FD000E737DC}" = protocol=58 | dir=in | app=system |
"{5561F8D2-CEA1-4AE2-B584-77A4A5AE09C1}" = dir=out | name=@{microsoft.windowsphone_10.1609.2561.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{55D17D43-2444-4669-B694-5F807702E904}" = dir=out | name=@{microsoft.messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/microsoft.apps.messaging.skype/skypemessaging.resources/skype_appstorename} |
"{562E1FF5-2C54-4D51-8F49-8434C440D402}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{57D3BF13-1065-4668-B4AD-C9330197B88B}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{58449A70-6264-44B8-8B42-7FB27E982AC0}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\garrysmod\hl2.exe |
"{5848C84C-2F88-4EBD-90EE-D8D834026570}" = dir=in | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{58B81635-4D4F-40A9-8C49-F0D3181D5FD5}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\arma cold war assault\coldwarassault.exe |
"{59429DDF-BCCC-4723-8356-E555173E4834}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\arma cold war assault\coldwarassault.exe |
"{599FFA00-4D88-4D1F-9D65-70BB7481B727}" = protocol=6 | dir=in | app=c:\games\shadow tactics - blades of the shogun\shadow tactics.exe |
"{59A8D80A-86B1-45F0-B29D-F2A67A74D55A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{59D53789-D52C-436D-9DA3-D42C32F8565F}" = dir=out | name=@{magix.musicmakerjam_2.3.1050.0_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{59F75D26-C636-49C9-B925-29A01C8A50BA}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{5B918622-10F7-4D03-B7AF-32CE2E40FA34}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\prison architect\prison architect.exe |
"{5C18B855-2EAB-46CC-B6ED-EA0D683C1BF2}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{5C3D745A-DA67-4628-916B-EEBF203A2DD6}" = dir=in | name=@{microsoft.windows.cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{5CC1B671-5B37-4272-BC2A-308002BF34BF}" = protocol=6 | dir=in | app=c:\programy\tunngle\tnglctrl.exe |
"{5DDAD603-84E5-4630-816E-0B919E013562}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\commandos 2 men of courage\comm2.exe |
"{5E9A3D97-F95D-42C7-8881-4358C7115D8A}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\prison architect\prison architect safe mode.exe |
"{6057B627-F299-454C-8F2A-B0A0C3CE8BE2}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\from the depths\from_the_depths.exe |
"{609143F1-2060-4147-9B61-21D7F7DCA4B8}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\satellitereign\satellitereignwindows.exe |
"{612D4734-DDF4-4169-87DA-E12D2797F2FF}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\garrysmod\hl2.exe |
"{619CCEF1-4132-4867-B8B4-A9885F169893}" = dir=in | name=@{microsoft.bingsports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{62608F76-C00B-45C0-9708-CFCD08C1E78C}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\planetside 2\launchpad.exe |
"{63BDBE1C-2FE6-42EB-8F5D-DBDA99828601}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{646D3455-11E6-41DB-AB75-541D792FD9EE}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{64C5A9E0-F201-440C-AE45-9BC9E54D71DA}" = dir=out | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{64F8B031-E992-43B2-B0D4-7A4919D4B4F3}" = dir=out | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{654694EE-2699-4F39-815B-B9F4522F64C5}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\men of war red tide\redtide.exe |
"{6638EB13-643F-4D7F-9D9D-4917D12CCC76}" = dir=out | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{66B63B3B-62C0-4186-9B02-72D710517493}" = dir=in | name=@{magix.musicmakerjam_2.3.1050.0_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{67C9347E-E30C-4231-91FC-93C47161E8D1}" = dir=in | name=@{microsoft.bingfinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{68BAB786-CDDA-45CF-9C93-2E46A4C52A02}" = dir=in | name=sway |
"{6B247FDA-A549-4F71-B175-5DE5FCEB6364}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\tigerknight_ew\frontend\bin\frontend.exe |
"{6BADDDFC-DAFF-4474-95B9-833C8E489A71}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.6965.41051.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{6D81B05A-CEAF-4903-B5B6-E2166C851855}" = protocol=6 | dir=in | app=c:\programy\teamviewer\teamviewer_service.exe |
"{6E312D70-0F5E-4B52-AC13-E55AB884E4EF}" = dir=in | name=microsoft sticky notes |
"{6E998BC1-DEBB-43D5-8018-480B051EC7B4}" = dir=out | name=@{microsoft.zunemusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{6F34757E-C5A0-4A9E-A328-10A7FF35BC74}" = dir=out | name=@{microsoft.bingfinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{6FAB1B3B-8B99-4221-A634-C5239D9B9A69}" = protocol=6 | dir=in | app=c:\games\8-bit hordes\instanceserverg.exe |
"{6FEAD9A6-6C69-4FD1-A90C-D970BAC58FF9}" = dir=in | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{71E6EB3A-019F-4B9C-9AAE-EB29F3639163}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\commandos behind enemy lines\comandos.exe |
"{72A76A6A-A64E-4104-9000-ABB9DD94A58C}" = dir=out | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{73BF5264-A817-46C2-85F7-BCE5E72D6677}" = dir=out | name=@{microsoft.lockapp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{74B03DC8-D85B-4D43-A78D-92A078F51535}" = dir=out | name=onenote |
"{759659A0-7C11-4214-935A-DF65E969227D}" = dir=out | name=microsoft solitaire collection |
"{75B96862-E287-43E6-BBB6-D20D0FD3B013}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{7696CEBC-DBBB-4903-9061-6BD0E8561535}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\portal 2\portal2.exe |
"{76CB6E95-9E08-4CBD-AB8A-E7EAFBF10A15}" = dir=out | name=@{microsoft.windowsstore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |

[vantyto]

Extras 2/3
"{78D62DDB-665A-4E1B-904A-BA3F21A189BD}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\insurgency2\insurgency.exe |
"{79AC235B-4861-472D-83E4-3CD151DCE0EE}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.14393.576_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{7B2E043E-529E-44D6-AEC9-D15576A689E2}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\castlecrashers\castle.exe |
"{7B31DDC8-866B-4E62-9128-4A3C2AE4FD58}" = protocol=6 | dir=in | app=c:\games\8-bit hordes\clientg.exe |
"{7BFF0A22-DE9E-4272-93C9-0A711A769F3D}" = protocol=17 | dir=in | app=c:\programy\teamviewer\teamviewer.exe |
"{7CE2BA99-3022-4B1B-AA3C-223004B910C1}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{7D609495-59CC-49C2-85FD-ABA0DAE6DE23}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\sacred_citadel\sacredcitadel.exe |
"{806D71A3-45D1-424A-89FE-9E2D2F297F69}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\teleglitchdme\teleglitch.exe |
"{813BBCC7-C0B3-45C9-8F1B-E22DF803F9F5}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{813BC538-07F2-4E2B-9DA1-EB200DAF24A2}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{8213F889-2616-442E-BB64-C4A16F5E6E33}" = dir=out | name=@{microsoft.zunevideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{82BF951B-C2CF-4B3F-94B9-E3B52D9D3FFB}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\battleblock theater\battleblocktheater.exe |
"{82E253BD-8F4C-4257-BAC3-4D0BE8FB4E4D}" = dir=out | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{82F8D20D-EEAD-4597-99D6-41B3526942C2}" = dir=out | name=acer explorer |
"{84017B12-B443-44F5-B83B-8A6966B22FFA}" = dir=out | name=@{microsoft.people_10.1.3160.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{86D6B102-8BF4-4BFC-9D41-6A60F84EE935}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\arma cold war assault\coldwarassaultpreferences.exe |
"{87D812CD-5D5D-4CEB-B601-F6A60D837666}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\medievalengineers\bin64\medievalengineers.exe |
"{8868C212-EE2B-414E-87E6-92B947EC7B40}" = dir=out | name=@{microsoft.accountscontrol_10.0.14393.576_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{8868C25F-9403-4BF5-952C-12AD30AC97FE}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\commandos behind enemy lines\comandos.exe |
"{8993A8EB-5204-4851-B124-5DCA95AFC29C}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
"{8B6E25EC-FC59-4C34-9CB9-024777AFB7CB}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\blocknload\win64\blocknload.exe |
"{8BE47FF6-E4A9-435D-821D-E5D290AAB87F}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{8C614D2E-5B43-4EDE-A071-88A4702317D5}" = dir=in | name=sway |
"{8F3106A1-15D1-44B6-95FD-2CCEBC7CF9C9}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{8FED4274-3BE9-48FA-ADAC-58A423B89813}" = dir=out | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{8FF524CF-5DE5-4002-9C96-7428DDBE1398}" = dir=out | name=@{microsoft.lockapp_10.0.10240.16384_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{901F8410-BFB3-437A-8860-70300697F694}" = dir=in | name=@{windows.contactsupport_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{90AB72C7-CE5B-42B4-9EC6-D8554E1DAA56}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe |
"{91692DC0-BF42-45CE-82A5-6E667F038C2E}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{91C4DE5D-4A1F-43C6-9A66-0AAB6D734A71}" = dir=in | name=@{microsoft.zunemusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{9374E55F-F31F-454E-8D92-4D68414A5ACB}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abphoto\windowsupnp.exe |
"{939544AA-88FE-4A85-B12B-3475BEDBA9C5}" = dir=out | name=@{microsoft.getstarted_4.0.9.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{96291245-7DB1-4161-863E-B9DD92DD7F4C}" = protocol=17 | dir=in | app=c:\programy\ubisoft\ubisoft game launcher\games\splinter cell blacklist\src\system\blacklist_game.exe |
"{96B2C400-AABF-45A6-9466-9BA66F39306D}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{979670FA-8552-4EC4-807B-4D20D8C92BC6}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{97DB805F-9858-42B9-824F-66A4C83DC5AE}" = protocol=6 | dir=in | app=c:\programy\ubisoft\ubisoft game launcher\games\tom clancy's rainbow six siege\rainbowsixgame.exe |
"{980DF962-3B36-407C-98E8-4ACD930429E7}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\cmw.exe |
"{98AA6864-0D60-4FF7-A28A-88D0619A49EB}" = dir=in | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{98B298C0-7749-4B92-A605-E2640428BE93}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\holodrive\holodrive.exe |
"{98F8532B-D22F-4044-9358-F993A97344A5}" = dir=out | name=store purchase app |
"{9A78039C-E032-490A-AFC4-63627387DAA1}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\toribash\toribash.exe |
"{9AE0DC0F-80A0-46CF-953D-D5CCA82CC0BC}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{9AE2C2F5-46AD-468E-A973-4A9FF5585145}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{9B228E80-FBA9-4BD5-991A-A58075228717}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\toribash\toribash.exe |
"{9C07ACF9-2151-4072-87C4-2C9A9D132C7B}" = dir=in | app=c:\programy\pc remote receiver\monectmediacenter.exe |
"{9C26A1B6-8EC1-4118-A7FC-C79F52FC75D8}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\squad\squad_launcher.exe |
"{9C7DB52F-25F7-4DFD-B211-7302C497E5DD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{9CC6A391-35F9-4CDC-B035-417DA872982D}" = dir=out | name=@{microsoft.microsoftofficehub_17.7031.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{9E1BB739-AFD4-4B81-8102-0E2E298F8B0E}" = dir=in | name=acer explorer |
"{9EAD1319-974D-43DE-AE53-74B6EA79D976}" = protocol=6 | dir=in | app=c:\games\8-bit hordes\clientlauncherg.exe |
"{A121F2F6-97D5-4291-BB41-D8EE1C657750}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\herosiege\bin\hero_siege.exe |
"{A1DA883D-DE76-4BFE-9388-6ACAB1BA7B6E}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\broforce\broforce_beta.exe |
"{A20E77A9-D2DB-479C-ABFA-3CBE6965DAED}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4x86webhelper.exe |
"{A2A26067-A3AD-4F86-96AE-4D54401FCD35}" = dir=in | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{A3361886-BB16-4C9C-A059-CF29F0D9265E}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{A3D1E228-ECEB-4DBD-8126-2EDF7F24D1B2}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{A4046E4C-8CFB-4649-822E-0B20768DAA8B}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\commandos 3 destination berlin\legacy\commandos3.exe |
"{A43B5B22-8BC7-4280-996B-59559135146D}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{A45559C0-E321-47C0-9F2E-5D7CC8B981DC}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win32\cdw.exe |
"{A617FCA6-BBCB-4306-A940-AC8A9753C611}" = dir=in | name=@{microsoft.microsoftofficehub_17.7608.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{A6EC3131-F780-46C2-BBC8-A959C7C1B3CB}" = dir=out | name=twitter |
"{A7495F89-6B3F-404C-9D7F-65C6FB2E36F5}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\castlecrashers\castle.exe |
"{A7579714-DDDA-4F34-850E-4C55684197F2}" = dir=out | name=@{magix.musicmakerjam_2.3.1054.0_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{A7A14086-128A-4BF4-8A32-21E8F09D7F53}" = dir=in | name=microsoft solitaire collection |
"{A7A548B9-ABF7-4109-ACF9-2555CE45C757}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe |
"{AAA8D8D0-4A0B-4FEA-8628-FB915BC6A005}" = dir=in | name=@{microsoft.zunemusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{ACD024E1-0DA7-40A5-98A2-1AB0C81CFD7A}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{AE9B814F-F1FD-4A8E-896D-AF4C5625A2F8}" = dir=in | name=@{microsoft.zunevideo_3.6.22511.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{AF02E912-3650-40E1-A967-D9A173EA2A1F}" = dir=out | name=@{microsoft.3dbuilder_12.0.3131.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{B0841EB3-5E87-4EE4-A6EE-3EAA3DFFC6F2}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\commandos 2 men of courage\legacy\comm2.exe |
"{B0A96E02-C52D-40E4-BBB0-4B34C791B95B}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\spaceengineers\bin64\spaceengineers.exe |
"{B1B28802-1B45-409D-9910-254DBCFAB37F}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\portal 2\portal2.exe |
"{B33BB7EC-2F51-4D57-BCD5-C94970AA8D4B}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\stronghold crusader 2\bin\win32_release\crusader2.exe |
"{B4A62A3B-1E36-4334-8F13-7921CAE35D57}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\arma cold war assault\coldwarassaultpreferences.exe |
"{B505D61C-B473-4D32-8069-9D6FA00DEEEB}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{B585A4EC-4C27-48E9-A0C1-9C8403A0DF81}" = protocol=6 | dir=in | app=c:\programy\tunngle\tunngle.exe |
"{B5E4F348-CB4C-4193-8E3D-BCD133FE1449}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\king arthur's gold\kag.exe |
"{B6514B2F-432A-42D2-AF27-AE980EEF76E1}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\tom clancy's rainbow six siege\rainbowsix.exe |
"{B6DD00AF-0BCA-4959-912C-A0AB7BE0A04D}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\simutrans\simutrans.exe |
"{B79A35D2-6107-4C06-B7EE-14E803C9CC8F}" = dir=out | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{B890C8D4-738D-485C-B3C8-881115AF8895}" = protocol=17 | dir=in | app=c:\programy\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{B90AF80B-6CC9-4FBE-A1E6-18A4CEC78B02}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\gocco of war demo\gocco_of_war_64_demo.exe |
"{B9472FC2-EB2B-4D67-8B56-07D2A566DD54}" = protocol=6 | dir=in | app=c:\games\dark souls 3\game\darksoulsiii.exe |
"{B9F7EB3D-7705-465C-9E6D-384BA20A4C27}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{BA2FEDBE-CF9A-4813-9D11-C58C1DD09766}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\simutrans\simutrans.exe |
"{BA76611A-53EA-4E98-9240-01D77C34D7E0}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\abphoto\windowsupnp.exe |
"{BA8FA0A5-3B98-4D6A-9CD1-B1A14806D515}" = dir=in | app=c:\program files (x86)\pc remote receiver\monectmediacenter.exe |
"{BAF3BD0D-23DE-4228-8B48-B549FCF4F6D2}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win32\cdw.exe |
"{BB442BA9-E067-4321-B30D-71D21406207E}" = protocol=6 | dir=in | app=c:\programy\ubisoft\ubisoft game launcher\games\assassin's creed iii\ac3sp.exe |
"{BB59BC7A-58CC-4AF1-A990-B3EBB9B57F90}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{BCB4ED66-AD72-4B2A-A35D-0CB9BD817967}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{BDE94C2F-769A-4C3C-8410-81C6C4040E1D}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\sacred_citadel\sacredcitadel.exe |
"{BE86C6E4-2014-4EFF-92F4-E85FA46CB27D}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{BED82C3D-0153-4A62-BEFD-5A1AF5C36ED4}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\punch club\punch club.exe |
"{BEDAD662-3875-4806-9123-434D2B3F2C15}" = dir=in | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{BF882952-AF7A-43C7-834C-DB99A83CE437}" = dir=out | name=@{microsoft.3dbuilder_11.1.9.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{BFC0DFD5-8FDB-4226-AE59-92E6322A0548}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{BFC7743C-0538-4585-9C3C-E14BDEDD1B24}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.7714.42037.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{C00E2024-8A75-4D13-9AE5-B81D5B33C40D}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\commandos 3 destination berlin\legacy\commandos3.exe |
"{C10657BF-121C-45A0-B761-07937DCA97F1}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe |
"{C159880A-7EAB-400C-B35C-3B760D61A001}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\holodrive\holodrive.exe |
"{C270257C-E70A-49EA-BC46-7AE028FB1559}" = protocol=6 | dir=in | app=c:\programy\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{C2F0BA7B-5D2E-49BA-974C-D81CD23CFCD8}" = dir=out | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{C3C17CD2-869B-40E0-8B35-BB36D99B80BD}" = protocol=17 | dir=in | app=c:\programy\ubisoft\ubisoft game launcher\games\splinter cell blacklist\src\system\blacklist_dx11_game.exe |
"{C4D4FB71-D1B7-42A5-B5AB-E3E138F2778A}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{C50C15FA-761F-4062-8C91-1E62F7E6ABD0}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\war thunder\launcher.exe |
"{C5D99B60-2090-46B7-BA6B-014B75FB6CA9}" = dir=out | name=@{microsoft.people_10.0.11902.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{C620BC93-BC57-488E-967E-599F897DA1DB}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\king arthur's gold\kag.exe |
"{C646BF1A-4662-4571-9E2E-30DDB75CEB86}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{C6A83712-4954-4C50-9D92-35DDB6BA5A9C}" = dir=out | name=@{microsoft.microsoftofficehub_17.7608.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{C6E95DE8-6362-42E8-9B24-7A08BF5DE01D}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.7714.42037.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{C7276C06-1DE1-4A2A-B7C1-DE6E97565677}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\devildaggers\dd.exe |
"{C73B64BB-CA1B-4966-94A0-EA3418070075}" = dir=out | name=windows_ie_ac_001 |
"{C7DE6734-8021-4454-A8FA-40D854AF2288}" = dir=in | name=@{microsoft.windowsstore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{C82C736A-F83D-4AFA-A7FC-07F92254AD53}" = dir=out | name=@{microsoft.microsoftedge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{C83218BD-D2D2-49DE-952C-0F8642D83D28}" = dir=out | name=@{microsoft.windows.photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{C8923687-E8CD-4161-B4F9-7A1C4587FFE5}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\medievalengineers\bin64\medievalengineers.exe |
"{C8B6E02B-5622-4F25-BD19-F0D7035D1E81}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\herosiege\bin\hero_siege.exe |
"{C991FEF1-09D4-4E4E-AC80-6EEAAA1234B1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CB91F327-A4EF-4D44-9CA9-71F1E51A03D1}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{CC4FFA68-74B1-4F3B-A061-A1E322D88729}" = dir=out | name=@{microsoft.windowsstore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{CD17A27C-265A-4D43-A117-BF5FA85CC1A0}" = dir=in | name=@{microsoft.windows.cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{CD622878-3139-4BD3-8C9D-3701C2A8F954}" = protocol=17 | dir=in | app=c:\programy\steam\steam.exe |
"{CDA5649F-1201-4379-B90D-28C517CA0AFE}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{CE5CF363-A506-4923-89C8-6C77DB8952AA}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\arma 3\arma3launcher.exe |
"{CF116BC6-28B7-47F2-990C-E3CB6223F6AD}" = dir=out | name=@{microsoft.microsoftedge_20.10240.16384.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{CF679E80-75DE-428C-963B-C6F1BF4FBFF2}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\shadowofmordor\x64\shadowofmordor.exe |
"{CFA66302-7F80-4626-B987-3EDB45FE2DB0}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{D026CDD3-0216-47CB-AF09-C1CBABC17CF4}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4webhelper.exe |
"{D086477E-78BD-4950-8FA3-9B22CD2E5CBA}" = dir=out | name=@{microsoft.zunevideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{D0921DFE-E9CE-42D9-91FA-D7ADB34BCB2C}" = protocol=17 | dir=in | app=c:\games\8-bit hordes\clientlauncherg.exe |
"{D1449E72-5288-4FF3-88B1-34F6AC527BFF}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\abphoto\dmcdaemon.exe |
"{D1CAA7E7-7A9F-41D2-A82E-1C0B6CE24A31}" = dir=out | name=sway |
"{D1F442DB-73F2-4D62-8267-B1B1DEA3593C}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{D25C9D09-98C7-4549-B3B3-FC19E75F5742}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\skyrim\skse_steam_boot.exe |
"{D29A69B9-7B95-47ED-B431-8FED72EF2047}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\men of war assault squad 2\mowas_2.exe |
"{D2A7D672-26A2-42D0-9C54-61D2AC7F4E1D}" = dir=out | name=xbox |
"{D2EF3E19-0F53-4CA9-8682-DA6B4102E60A}" = dir=out | name=kindle |
"{D64011B1-1451-42C6-A78C-F7AD3C05E795}" = protocol=17 | dir=in | app=c:\programy\ubisoft\ubisoft game launcher\games\assassin's creed iii\ac3sp.exe |
"{D6CF60F4-08FA-4562-BD3A-2F4E780F1826}" = dir=in | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{D735F4F4-211A-441F-AA1B-158C87143397}" = dir=out | name=sway |
"{D7945CBE-673E-4B5C-9F8D-1FD662ED996D}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{DA75ED02-719C-4D5B-B9DC-2E72C067749C}" = dir=out | name=@{microsoft.zunemusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{DAB88250-AEA6-45FD-909A-174659786209}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\chompy chomp chomp\chompychompchomp.exe |
"{DCC362A1-EB4C-497B-B4ED-A601ABC55169}" = dir=in | name=@{microsoft.microsoftedge_20.10240.16384.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{DCD649F6-F253-43AA-A318-58C14E9F5436}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{DD4F7B4D-4C97-41F7-8116-CD082B91CD1C}" = dir=in | name=xbox |
"{DDB62086-E71C-4224-8912-A762C0C5D597}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\spaceengineers\bin64\spaceengineers.exe |
"{DE1C0C71-9105-442A-B9DD-3D35C9205962}" = dir=out | name=@{microsoft.windowsmaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{DE83F2FD-2D9C-4C9C-8046-8BE1A7B60535}" = dir=in | name=@{microsoft.bingweather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{DF1E78FF-AD0C-40CA-B444-050D344BC92D}" = dir=in | app=c:\program files (x86)\pc remote receiver\pcremotereceiver.exe |
"{E0113BF6-A2C9-48C4-AA80-1080A7370AEB}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\simutrans\simpreloader.exe |
"{E2316336-1003-45DA-8096-18FA36B7D38F}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\simutrans\simpreloader.exe |
"{E251A475-FD5A-45E7-8D09-59D20BC260C7}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\commandos 2 men of courage\comm2.exe |
"{E36BA7E3-FC8D-41B3-84E9-85A82FAE075B}" = dir=out | name=candy crush soda saga |
"{E439435C-FC35-4CC1-A53A-6B4C4731CA5C}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{E47F1071-CA6D-42D0-97B3-FC98B093F10E}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\arma 3\arma3launcher.exe |
"{E4D49330-7552-49D1-9D04-A1A0C2A969A8}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\mountblade warband\mb_warband.exe |
"{E4F30DB1-3439-4C27-86C6-AC0417F86F71}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\grand theft auto v\gtavlauncher.exe |
"{E5792D6A-23D5-4D32-982E-82C08CFCF53F}" = dir=out | name=onenote |
"{E63E0AA1-B103-4F38-B727-3E909EB6DECB}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\commandos behind enemy lines\legacy\comandos.exe |
"{E7F5EE0A-8A0B-4D8E-9B58-B267501B955C}" = dir=in | name=@{microsoft.zunevideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{E82A1EB5-D74C-43CF-A708-4B70AFAA9CB0}" = dir=out | name=kindle |
"{E8A9B26C-07C8-4EF7-B63B-6FE92FCDE45F}" = dir=out | name=@{windows.contactsupport_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{E969C1B9-E559-48D1-8583-289DA4057979}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\tom clancy's rainbow six siege\rainbowsixgame.exe |
"{E99FDA0A-570D-420C-92AC-6842A9E74A75}" = dir=out | name=twitter |
"{E9F9A240-2052-4982-B15D-5DD4353FBC76}" = protocol=17 | dir=in | app=c:\games\shadow tactics - blades of the shogun\shadow tactics.exe |
"{EA7EEB9A-90A2-4496-B504-10307939D5A1}" = dir=in | name=@{microsoft.bingfinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{EAFCBD94-68CD-42AE-AB7A-6A25C78F81D2}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\empyrion - galactic survival\empyrionlauncher.exe |
"{EB8F09CC-4FFF-41BD-A4CD-BD285C16A406}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\commandos behind enemy lines\legacy\comandos.exe |
"{EB91A5F4-1DB9-4072-A750-365926D18B40}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1611.3471.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{EBF4877D-3EE4-458E-BC1F-7C9DA4CEE135}" = dir=in | name=xbox |
"{EC4003E9-59FC-41C6-A210-0ED6227E1612}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{EC98777C-6F8B-4E46-BF14-4386F6FED0AA}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\commandos 2 men of courage\legacy\comm2.exe |
"{ECB7CC14-BE9F-4283-B632-FF7FD39B31A9}" = dir=out | name=@{microsoft.windowsphone_10.1607.1991.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{ED71053C-75AC-4194-9558-0B54F85F5FEE}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{ED7FA94A-D6D5-451C-B855-2EBD9BA9932C}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\stronghold crusader 2\bin\win32_release\crusader2.exe |
"{ED81A58F-49CB-4261-8ED7-DE8AE0721DCE}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4x86webhelper.exe |
"{EF1AB4E1-17E2-4DA1-9D69-59F7A37A9C19}" = dir=in | name=@{microsoft.windowsstore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{EF81F00F-73A4-4A81-B09C-BBAC0B1199D6}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\commandos beyond the call of duty\coman_mp.exe |
"{EFCB6A71-07E8-4B18-AA4D-16C8ADF4F09D}" = dir=in | name=@{microsoft.windows.photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{F0B6BF98-3E78-4695-84EA-AF2B778561DB}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{F1156E42-A674-4F49-A04B-3CB6A18A5D45}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\commandos beyond the call of duty\coman_mp.exe |
"{F16692F8-5018-4F66-AE76-BA80D2507795}" = protocol=17 | dir=in | app=c:\programy\steam\bin\steamwebhelper.exe |
"{F309C102-1159-41E6-9988-536A757028E1}" = dir=in | app=c:\program files (x86)\common files\tencent\qqdownload\125\tencentdl.exe |
"{F397435D-B52B-4BCB-987B-F938B8B8A0B3}" = dir=in | name=@{microsoft.bingnews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{F3B09C77-73A1-4AD0-B2A6-F7430D366A39}" = dir=out | name=@{windows.contactsupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{F4508548-B505-45C8-853C-B2880C5F8A94}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\war of the roses\run_game.exe |
"{F6DF8B0F-3AB2-4B90-BE86-DEBBCF7C2A3B}" = protocol=6 | dir=in | app=c:\programy\steam\bin\steamwebhelper.exe |
"{F6E96F4D-682B-46CA-B6C0-097090068EDE}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1611.3471.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{F6EE71E7-6C3E-481F-BE52-D6AB044B4DEB}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\blocknload\win64\blocknload.exe |
"{F6FA387F-D3A1-42E4-BCE8-A0D559B5DBA4}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
"{F7907FA0-2D64-40A6-9F18-39543349B6CC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F7A847A5-19A5-4CBA-9A85-5D1A37F47448}" = dir=in | name=onenote |
"{F7E3F442-2E30-4FE0-B53E-2611D4F80BAD}" = dir=in | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{F7E8D807-BA43-43AD-8400-18E83DAE611C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F9C36F2C-3817-43CA-B104-6C5EA5D0547E}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\chivalrymedievalwarfare\chivlauncher.exe |
"{FA601732-3DB3-4131-850F-E99A7DB97A48}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\rollercoaster tycoon 2\rct2.exe |
"{FBE9D1E2-9248-42E0-8711-C8A90DFFB5D7}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{FE856C2D-BFEB-48D6-9967-5C80470A4512}" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\men of war red tide\redtide.exe |
"{FFAF36F7-CE58-471B-85E8-458C66AB353C}" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\prison architect\prison architect safe mode.exe |
"TCP Query User{0000E4BB-67C6-4FB3-A8F1-EEEAB5890DAE}C:\games\gta 5 fivereborn\fivereborn.exe" = protocol=6 | dir=in | app=c:\games\gta 5 fivereborn\fivereborn.exe |
"TCP Query User{0022A816-A471-46A0-8518-22015F0F52C2}C:\program files\java\jre1.8.0_101\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.8.0_101\bin\java.exe |
"TCP Query User{03A5FC2D-20D7-48E5-BBB1-965C4C2E9648}C:\programy\steam\steamapps\common\empyrion - galactic survival\empyrion.exe" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\empyrion - galactic survival\empyrion.exe |
"TCP Query User{045CD5FF-7D6A-4D6D-8694-8F10085712D0}C:\games\8-bit hordes\instanceserverg.exe" = protocol=6 | dir=in | app=c:\games\8-bit hordes\instanceserverg.exe |
"TCP Query User{11075E56-02B0-4D46-A365-500601BC8435}C:\games\_litle games\igg-crazy.pixel.streaker.v1.1.0\crazypixelstreaker.exe" = protocol=6 | dir=in | app=c:\games\_litle games\igg-crazy.pixel.streaker.v1.1.0\crazypixelstreaker.exe |
"TCP Query User{14F2CCAA-4E89-4089-B10E-00E4AFC73BDC}C:\games\7.days.to.die.alpha.15.steam.edition.x64\7daystodie.exe" = protocol=6 | dir=in | app=c:\games\7.days.to.die.alpha.15.steam.edition.x64\7daystodie.exe |
"TCP Query User{1DE2661F-0865-42F9-8C11-EC481B1EF040}C:\programy\steam\steamapps\common\commandos behind enemy lines\tcpserver.exe" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\commandos behind enemy lines\tcpserver.exe |
"TCP Query User{1DEEDC1E-ABAA-404D-B37F-739460C8D951}C:\games\hesketh studios\executive assault\executiveassault.exe" = protocol=6 | dir=in | app=c:\games\hesketh studios\executive assault\executiveassault.exe |
"TCP Query User{2251B481-F688-4436-A3E1-0060DDD52E16}C:\programy\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe" = protocol=6 | dir=in | app=c:\programy\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe |
"TCP Query User{364E8267-AF92-4A9F-B939-DA8B94672553}C:\programy\steam\steamapps\common\planetside 2\planetside2_x64.exe" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\planetside 2\planetside2_x64.exe |
"TCP Query User{3EFCD9D2-358A-41C5-93DD-B606AAA65982}C:\games\star wars jedi knight jedi academy\gamedata\jamp.exe" = protocol=6 | dir=in | app=c:\games\star wars jedi knight jedi academy\gamedata\jamp.exe |
"TCP Query User{476144CD-832E-44E9-997E-5D9B5F3F2A62}C:\games\empyrion.galactic.survival.alpha.v3.2.1\empyrion.exe" = protocol=6 | dir=in | app=c:\games\empyrion.galactic.survival.alpha.v3.2.1\empyrion.exe |
"TCP Query User{5040FC9F-74BB-4122-9970-F6B1F5083ABC}C:\games\roguelands.v1.4\roguelands.exe" = protocol=6 | dir=in | app=c:\games\roguelands.v1.4\roguelands.exe |
"TCP Query User{545A1153-9434-442E-8530-71209B41F019}C:\programy\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe" = protocol=6 | dir=in | app=c:\programy\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe |
"TCP Query User{583DC8A9-CF8F-4F30-8DB6-5FDA36D03147}C:\program files\java\jre1.8.0_101\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.8.0_101\bin\javaw.exe |
"TCP Query User{61E7775A-BC15-407B-B85C-725FB926C844}C:\programy\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\programy\utorrent\utorrent.exe |
"TCP Query User{6CF38CD4-1FCE-4515-94FD-F17B6E24CFD4}C:\programy\steam\steamapps\common\paladins\binaries\win32\paladins.exe" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\paladins\binaries\win32\paladins.exe |
"TCP Query User{72283973-3AE6-4849-AB92-874A7BFFD681}C:\games\dishonored\binaries\win32\dishonored.exe" = protocol=6 | dir=in | app=c:\games\dishonored\binaries\win32\dishonored.exe |
"TCP Query User{73817142-5B90-42C2-B1D3-5556475D5987}C:\games\wolfenstein the new order\wolfneworder_x64.exe" = protocol=6 | dir=in | app=c:\games\wolfenstein the new order\wolfneworder_x64.exe |
"TCP Query User{77BC040B-AB52-469D-8B08-E2FECFD8A605}C:\games\fallout 4\fallout4.exe" = protocol=6 | dir=in | app=c:\games\fallout 4\fallout4.exe |
"TCP Query User{79387F46-E3FE-479D-88AC-A38B9052B773}C:\programy\steam\steamapps\common\war thunder\win64\aces.exe" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\war thunder\win64\aces.exe |
"TCP Query User{7D847DDB-122E-449A-BD86-9F5267ED385E}C:\program files (x86)\origin games\battlefield 4\bf4.exe" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"TCP Query User{830464E3-09B9-4F54-827F-79A125430F49}C:\games\openrct2\openrct2.exe" = protocol=6 | dir=in | app=c:\games\openrct2\openrct2.exe |
"TCP Query User{8999D9FD-8593-4C79-BF34-FD4DA52FF919}C:\windows\syswow64\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"TCP Query User{8F0F8565-8457-4C8B-930D-4B5065647BBC}C:\programy\steam\steamapps\common\squad\squad\binaries\win64\squad.exe" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\squad\squad\binaries\win64\squad.exe |
"TCP Query User{9DC0B60A-95F5-4DFC-AD1D-61A6EF407640}C:\games\openttd\openttd.exe" = protocol=6 | dir=in | app=c:\games\openttd\openttd.exe |
"TCP Query User{A0F799B9-50F3-4250-9579-802D1ED4A733}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{A6F57B50-3DE5-41E1-BD46-4C1CCB41309A}C:\games\8-bit hordes\clientg.exe" = protocol=6 | dir=in | app=c:\games\8-bit hordes\clientg.exe |
"TCP Query User{A8178DA6-5B4D-4CC9-BC7A-3BBB1B27B916}C:\games\dream.car.racing.3d.v12.2016.09.23.1\dcr3d.exe" = protocol=6 | dir=in | app=c:\games\dream.car.racing.3d.v12.2016.09.23.1\dcr3d.exe |
"TCP Query User{A8EFDCF3-19F1-40D7-A204-202DCF61697F}C:\games\gang.beasts.v0.5.0\gang beasts.exe" = protocol=6 | dir=in | app=c:\games\gang.beasts.v0.5.0\gang beasts.exe |
"TCP Query User{A96CB0DD-4D10-44FF-B0E5-B3D61748B9A7}C:\games\gta 5 fivereborn\new\bin\citizenmp.server.exe" = protocol=6 | dir=in | app=c:\games\gta 5 fivereborn\new\bin\citizenmp.server.exe |
"TCP Query User{B009997D-093C-4B90-8A3E-994C824EBAB6}C:\games\children.of.a.dead.earth\cde.exe" = protocol=6 | dir=in | app=c:\games\children.of.a.dead.earth\cde.exe |
"TCP Query User{B7F6BD17-240B-40E7-90C6-9F5F431056C5}C:\programy\steam\steamapps\common\grand theft auto v\gta5.exe" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\grand theft auto v\gta5.exe |
"TCP Query User{C718837C-8E44-43EF-B114-79B28A73AFC8}C:\games\empyrion.galactic.survival.alpha.v3.4.0\empyrion.exe" = protocol=6 | dir=in | app=c:\games\empyrion.galactic.survival.alpha.v3.4.0\empyrion.exe |
"TCP Query User{C72EF5C0-DEEC-4C15-86C3-ED88C77CBCED}C:\programy\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe" = protocol=6 | dir=in | app=c:\programy\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe |
"TCP Query User{C8AA760C-C8A5-4108-8D66-E0FAC497FEBB}C:\games\neurovoider.update.54\neurovoider.exe" = protocol=6 | dir=in | app=c:\games\neurovoider.update.54\neurovoider.exe |
"TCP Query User{DC432050-345D-4D2B-A8F0-5F2882D0203D}C:\games\hidden and dangerous deluxe\bin\hde.exe" = protocol=6 | dir=in | app=c:\games\hidden and dangerous deluxe\bin\hde.exe |
"TCP Query User{DF41F9F9-350E-4BC4-A458-A2538FC8D487}C:\programy\steam\steamapps\common\arma 3\arma3.exe" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\arma 3\arma3.exe |
"TCP Query User{E1CFF512-913C-4BAD-9E4E-3FBF6BCBC89D}C:\games\the.sandbox.evolution\thesandbox2.exe" = protocol=6 | dir=in | app=c:\games\the.sandbox.evolution\thesandbox2.exe |
"TCP Query User{E366DA57-8144-4E15-A15F-A9345141C2A3}C:\games\gta 5 fivereborn server\new\bin\citizenmp.server.exe" = protocol=6 | dir=in | app=c:\games\gta 5 fivereborn server\new\bin\citizenmp.server.exe |
"TCP Query User{E53AA638-6BB0-4BF2-9122-4635B5AF4BB5}C:\program files\unity\editor\unity.exe" = protocol=6 | dir=in | app=c:\program files\unity\editor\unity.exe |
"TCP Query User{EF90A79B-672D-48D7-B7BB-452F0693A7C4}C:\programy\steam\steamapps\common\project argo (prototype)\argo.exe" = protocol=6 | dir=in | app=c:\programy\steam\steamapps\common\project argo (prototype)\argo.exe |
"TCP Query User{FA77500E-864E-47BD-B860-F80A2EDFB400}C:\games\kulic\kulic.exe" = protocol=6 | dir=in | app=c:\games\kulic\kulic.exe |
"UDP Query User{0283F45B-EBDB-46AD-A92D-48EAE788A6FB}C:\programy\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe" = protocol=17 | dir=in | app=c:\programy\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe |
"UDP Query User{08CCE219-9E10-4673-AAF2-37CD102C9F12}C:\games\dishonored\binaries\win32\dishonored.exe" = protocol=17 | dir=in | app=c:\games\dishonored\binaries\win32\dishonored.exe |
"UDP Query User{11B402D2-3347-4D90-AB1F-C2E6B93DC86F}C:\games\empyrion.galactic.survival.alpha.v3.4.0\empyrion.exe" = protocol=17 | dir=in | app=c:\games\empyrion.galactic.survival.alpha.v3.4.0\empyrion.exe |
"UDP Query User{200967B4-33CD-4A10-8D91-D93093364B72}C:\programy\steam\steamapps\common\arma 3\arma3.exe" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\arma 3\arma3.exe |
"UDP Query User{219AF3D7-E557-4EEF-95F7-C57286671431}C:\games\star wars jedi knight jedi academy\gamedata\jamp.exe" = protocol=17 | dir=in | app=c:\games\star wars jedi knight jedi academy\gamedata\jamp.exe |
"UDP Query User{21BCD2B2-266A-427E-89D9-60915B1EEA53}C:\windows\syswow64\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"UDP Query User{3322F1CB-57B2-4D65-8E55-0C1FF5B91AC1}C:\program files\unity\editor\unity.exe" = protocol=17 | dir=in | app=c:\program files\unity\editor\unity.exe |
"UDP Query User{37E42650-9D86-4B30-872E-EDAD9F3F2FE8}C:\programy\steam\steamapps\common\war thunder\win64\aces.exe" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\war thunder\win64\aces.exe |
"UDP Query User{3C4D336E-E0F2-4EC4-8E3A-02C75BE6D3D9}C:\program files\java\jre1.8.0_101\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.8.0_101\bin\javaw.exe |
"UDP Query User{3F546D31-98E4-44C2-A008-0E4D85E05A02}C:\games\openttd\openttd.exe" = protocol=17 | dir=in | app=c:\games\openttd\openttd.exe |
"UDP Query User{49E21AF6-E29D-498C-A48B-12F512BDB2AE}C:\games\empyrion.galactic.survival.alpha.v3.2.1\empyrion.exe" = protocol=17 | dir=in | app=c:\games\empyrion.galactic.survival.alpha.v3.2.1\empyrion.exe |
"UDP Query User{4AB743BA-5D24-4C17-A7DC-01E4995963F3}C:\games\gta 5 fivereborn server\new\bin\citizenmp.server.exe" = protocol=17 | dir=in | app=c:\games\gta 5 fivereborn server\new\bin\citizenmp.server.exe |
"UDP Query User{4D716079-E0AB-4493-A5B9-C8269594FC13}C:\games\8-bit hordes\instanceserverg.exe" = protocol=17 | dir=in | app=c:\games\8-bit hordes\instanceserverg.exe |
"UDP Query User{5426016A-17DF-4499-A370-C67C48478889}C:\programy\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\programy\utorrent\utorrent.exe |
"UDP Query User{55D48EC6-4451-4689-AAA1-8BCC47ECCB53}C:\games\neurovoider.update.54\neurovoider.exe" = protocol=17 | dir=in | app=c:\games\neurovoider.update.54\neurovoider.exe |
"UDP Query User{5745F24F-5A7A-4096-A320-849A3BD3BA20}C:\games\openrct2\openrct2.exe" = protocol=17 | dir=in | app=c:\games\openrct2\openrct2.exe |
"UDP Query User{5E0D3133-9005-4205-BA95-8A88BCBE87F4}C:\games\8-bit hordes\clientg.exe" = protocol=17 | dir=in | app=c:\games\8-bit hordes\clientg.exe |
"UDP Query User{61EB602C-D6D3-4EBD-9779-70572A36968A}C:\games\gang.beasts.v0.5.0\gang beasts.exe" = protocol=17 | dir=in | app=c:\games\gang.beasts.v0.5.0\gang beasts.exe |
"UDP Query User{702368BE-DDBC-4DD3-862E-E90D32A2661D}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{7309280A-CB0D-4AA8-982B-22950AEF0B47}C:\games\7.days.to.die.alpha.15.steam.edition.x64\7daystodie.exe" = protocol=17 | dir=in | app=c:\games\7.days.to.die.alpha.15.steam.edition.x64\7daystodie.exe |
"UDP Query User{75A4DF66-B58E-4D73-8D2D-5E08C9D2D361}C:\program files (x86)\origin games\battlefield 4\bf4.exe" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 4\bf4.exe |
"UDP Query User{77DF9E3A-6850-40FD-B0D6-6DD526E7D3C7}C:\games\gta 5 fivereborn\new\bin\citizenmp.server.exe" = protocol=17 | dir=in | app=c:\games\gta 5 fivereborn\new\bin\citizenmp.server.exe |
"UDP Query User{81331841-2BF0-40D7-813B-451EE3B5354F}C:\programy\steam\steamapps\common\project argo (prototype)\argo.exe" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\project argo (prototype)\argo.exe |
"UDP Query User{8677B9D7-50E5-417D-9A49-7D0973817683}C:\games\hesketh studios\executive assault\executiveassault.exe" = protocol=17 | dir=in | app=c:\games\hesketh studios\executive assault\executiveassault.exe |
"UDP Query User{88117EAD-5F28-488B-9AC9-01D8164607FA}C:\program files\java\jre1.8.0_101\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.8.0_101\bin\java.exe |
"UDP Query User{8A62ACAF-CB3D-461B-A67E-171EBFEE56A6}C:\programy\steam\steamapps\common\paladins\binaries\win32\paladins.exe" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\paladins\binaries\win32\paladins.exe |
"UDP Query User{92E1D1C2-6720-45C2-85AA-6509BE333F09}C:\games\_litle games\igg-crazy.pixel.streaker.v1.1.0\crazypixelstreaker.exe" = protocol=17 | dir=in | app=c:\games\_litle games\igg-crazy.pixel.streaker.v1.1.0\crazypixelstreaker.exe |
"UDP Query User{964FDE41-9755-4BFD-8150-DE371752D45D}C:\programy\steam\steamapps\common\commandos behind enemy lines\tcpserver.exe" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\commandos behind enemy lines\tcpserver.exe |
"UDP Query User{9F9E21A3-951B-4128-85B7-582031E327AA}C:\games\wolfenstein the new order\wolfneworder_x64.exe" = protocol=17 | dir=in | app=c:\games\wolfenstein the new order\wolfneworder_x64.exe |
"UDP Query User{A0C38132-F743-4486-99E8-DD8C9A0D26DC}C:\programy\steam\steamapps\common\squad\squad\binaries\win64\squad.exe" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\squad\squad\binaries\win64\squad.exe |
"UDP Query User{ACD905A6-B979-42A0-B763-E778FE60EB3A}C:\games\roguelands.v1.4\roguelands.exe" = protocol=17 | dir=in | app=c:\games\roguelands.v1.4\roguelands.exe |
"UDP Query User{AECA0543-6DAB-4A87-A116-8801FBD94A5F}C:\games\the.sandbox.evolution\thesandbox2.exe" = protocol=17 | dir=in | app=c:\games\the.sandbox.evolution\thesandbox2.exe |
"UDP Query User{B4614C8D-6784-41F2-B669-839FE06732AD}C:\programy\steam\steamapps\common\empyrion - galactic survival\empyrion.exe" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\empyrion - galactic survival\empyrion.exe |
"UDP Query User{C0BFAB6C-256F-409F-8BB1-06A1CCB5E792}C:\games\gta 5 fivereborn\fivereborn.exe" = protocol=17 | dir=in | app=c:\games\gta 5 fivereborn\fivereborn.exe |
"UDP Query User{C11570C8-C937-473F-AFEF-1CD156ADDE42}C:\programy\steam\steamapps\common\grand theft auto v\gta5.exe" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\grand theft auto v\gta5.exe |
"UDP Query User{C4743778-7EC6-4CF9-885F-94A1FCA523E3}C:\programy\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe" = protocol=17 | dir=in | app=c:\programy\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe |
"UDP Query User{C77923B7-F6FE-483C-B37D-4A8F46DB78B7}C:\games\hidden and dangerous deluxe\bin\hde.exe" = protocol=17 | dir=in | app=c:\games\hidden and dangerous deluxe\bin\hde.exe |
"UDP Query User{CD4282BF-8CFE-4BF1-A9F5-4A883A1566BB}C:\programy\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe" = protocol=17 | dir=in | app=c:\programy\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe |
"UDP Query User{CF8C3AF7-3BCD-4032-98D9-264595EB41A0}C:\games\dream.car.racing.3d.v12.2016.09.23.1\dcr3d.exe" = protocol=17 | dir=in | app=c:\games\dream.car.racing.3d.v12.2016.09.23.1\dcr3d.exe |
"UDP Query User{E240CC84-FA2F-4F97-BDEF-82D5003332BF}C:\games\kulic\kulic.exe" = protocol=17 | dir=in | app=c:\games\kulic\kulic.exe |
"UDP Query User{E98CF357-8D78-4BBD-A113-D4E4664AA996}C:\programy\steam\steamapps\common\planetside 2\planetside2_x64.exe" = protocol=17 | dir=in | app=c:\programy\steam\steamapps\common\planetside 2\planetside2_x64.exe |
"UDP Query User{ECF19FA5-D091-4007-AF7E-A379AF56F01C}C:\games\fallout 4\fallout4.exe" = protocol=17 | dir=in | app=c:\games\fallout 4\fallout4.exe |
"UDP Query User{F69D6A3A-093D-4417-8EC8-454518AB7F3A}C:\games\children.of.a.dead.earth\cde.exe" = protocol=17 | dir=in | app=c:\games\children.of.a.dead.earth\cde.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E8670B8-3965-4930-ADA6-570348B67153}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom
"{12A718F2-2357-4D41-9E1F-18583A4745F7}" = Acer UEIP Framework
"{13417784-A359-3CDD-8DE1-B7108707D647}" = Visual Studio 2012 Prerequisites - ENU Language Pack
"{13D558FE-A863-402C-B115-160007277033}" = Microsoft SQL Server 2012 Express LocalDB
"{1AF41E84-3408-499A-8C93-8891F0612719}" = Acer Care Center
"{1CEAC85D-2590-4760-800F-8DE5E91F3700}" = Intel(R) Management Engine Components
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F64180111F0}" = Java 8 Update 111 (64-bit)
"{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}" = Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit
"{27EF252D-800C-ED42-9904-459FE0046225}" = Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
"{28B89EEF-0001-0000-0102-CF3F3A09B77D}" = AutoCAD 2017
"{28B89EEF-0001-0000-3102-CF3F3A09B77D}" = ACAD Private
"{28B89EEF-0001-0405-1102-CF3F3A09B77D}" = AutoCAD 2017 Language Pack – Čeština (Czech)
"{28B89EEF-0001-0405-2102-CF3F3A09B77D}" = AutoCAD 2017 – Čeština (Czech)
"{28B89EEF-0001-0409-1102-CF3F3A09B77D}" = AutoCAD 2017 Language Pack - English
"{28B89EEF-0001-0409-2102-CF3F3A09B77D}" = AutoCAD 2017 - English
"{28B89EEF-0004-0000-5102-CF3F3A09B77D}" = ACA & MEP 2017 Object Enabler
"{28D85F24-B685-3364-BB7C-284C88C2FFE5}" = Microsoft Visual Studio Team Foundation Server 2012 Storyboarding
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2B997E80-3BEC-3222-9114-98DBE1182B2E}" = Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes verze 3.0.5.1299
"{36E619BC-A234-4EC3-849B-779A7C865A45}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{3FA063D7-EDC1-AFA8-54AF-0563C7DEE070}" = Windows App Certification Kit Native Components
"{4701DEDE-1888-49E0-BAE5-857875924CA2}" = Microsoft SQL Server System CLR Types (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D0F42CF-1693-43D9-BDC8-19141D023EE0}" = Acer Explorer Agent
"{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}" = Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215
"{55398EAC-F58E-4F19-B553-BDF8B9EFD839}" = Intel(R) Chipset Device Software
"{555B1C57-E71B-4775-BC1D-627EEF693F0D}" = Intel(R) ME UninstallLegacy
"{55EFD1A6-ED8E-3A4C-9581-5E1A1FF244CD}" = Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Language Pack - ENU

[vantyto]

extras 3/3
"{5BD7E621-9791-4D9F-A620-1BA51153B749}" = Intel(R) Management Engine Components
"{5FB4C443-6BD6-1514-2717-3827D65AE6FB}" = Windows Software Development Kit DirectX x64 Remote
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61862D7C-CDBC-48D5-8AE1-3B8BD1E23BC5}" = Visual Studio 2012 Prerequisites
"{633AB014-DDE6-403E-A302-8920CC32C543}" = Microsoft Visual Studio 2012 Performance Collection Tools
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{68A48EF1-DF03-394F-AF40-1E4FE42BB8DD}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU
"{6AAF4427-3039-4C8A-BE53-D6F01C21AD46}" = Microsoft Visual Studio 2012 IntelliTrace Core amd64
"{6F07A6C2-9068-3673-A120-DC10012468C6}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model
"{78909610-D229-459C-A936-25D92283D3FD}" = Microsoft SQL Server Compact 4.0 SP1 x64 ENU
"{7D84E343-A23D-451C-B123-0195B2D903A6}" = Intel® Trusted Connect Service Client
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0405-1000-0000000FF1CE}" = Microsoft Access MUI (Czech) 2013
"{90150000-0015-0409-1000-0000000FF1CE}" = Microsoft Access MUI (English) 2013
"{90150000-0016-0405-1000-0000000FF1CE}" = Microsoft Excel MUI (Czech) 2013
"{90150000-0016-0409-1000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013
"{90150000-0017-0405-1000-0000000FF1CE}" = Microsoft SharePoint Designer MUI (Czech) 2013
"{90150000-0018-0405-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (Czech) 2013
"{90150000-0018-0409-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013
"{90150000-0019-0405-1000-0000000FF1CE}" = Microsoft Publisher MUI (Czech) 2013
"{90150000-0019-0409-1000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013
"{90150000-001A-0405-1000-0000000FF1CE}" = Microsoft Outlook MUI (Czech) 2013
"{90150000-001A-0409-1000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013
"{90150000-001B-0405-1000-0000000FF1CE}" = Microsoft Word MUI (Czech) 2013
"{90150000-001B-0409-1000-0000000FF1CE}" = Microsoft Word MUI (English) 2013
"{90150000-001F-0405-1000-0000000FF1CE}" = Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština
"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-041B-1000-0000000FF1CE}" = Nástroje korektúry balíka Microsoft Office 2013 - slovenčina
"{90150000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2013
"{90150000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-0044-0405-1000-0000000FF1CE}" = Microsoft InfoPath MUI (Czech) 2013
"{90150000-0044-0409-1000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013
"{90150000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2013
"{90150000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-0090-0405-1000-0000000FF1CE}" = Microsoft DCF MUI (Czech) 2013
"{90150000-0090-0409-1000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013
"{90150000-00A1-0405-1000-0000000FF1CE}" = Microsoft OneNote MUI (Czech) 2013
"{90150000-00A1-0409-1000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013
"{90150000-00BA-0405-1000-0000000FF1CE}" = Microsoft Groove MUI (Czech) 2013
"{90150000-00BA-0409-1000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2013
"{90150000-00C1-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2013
"{90150000-00E1-0405-1000-0000000FF1CE}" = Microsoft Office OSM MUI (Czech) 2013
"{90150000-00E1-0409-1000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-00E2-0405-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (Czech) 2013
"{90150000-00E2-0409-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2013
"{90150000-0100-0405-1000-0000000FF1CE}" = Microsoft Office O MUI (Czech) 2013
"{90150000-0101-0405-1000-0000000FF1CE}" = Microsoft X MUI (Czech) 2013
"{90150000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90150000-0117-0409-1000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013
"{90150000-012B-0405-1000-0000000FF1CE}" = Microsoft Lync MUI (Czech) 2013
"{90150000-012B-0409-1000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Acer Power Management
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{96CDD845-6C53-4DFB-B26F-A711FA439E1E}" = Intel(R) Serial IO
"{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}" = Intel(R) Serial IO
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{A53B7EAB-86BD-4F16-8C44-011B1376326A}" = Intel(R) Management Engine Components
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel" = Ansel
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 369.09
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 369.09
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 3.1.0.52
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 2.13.0.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 2.13.0.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA Wireless Controller Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend" = NVIDIA Backend
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer" = NVIDIA Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem" = NVIDIA LocalSystem Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus" = NVIDIA Message Bus for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService" = NVIDIA NetworkService Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User" = NVIDIA User Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.UserElevated" = NVIDIA Elevated User Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs" = NvNodejs
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog" = NVIDIA Watchdog Plugin for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry" = NvTelemetry
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC" = Nvidia Share
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.13.0.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 3.30.2
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{D9F3D00D-E946-3B3D-A4A6-93D5020DB9F7}" = Microsoft Visual C++ 2012 x64 Designtime - 11.0.50727
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E3678E72-78E3-4F91-A9FB-913876FF6DA2}" = Acer Quick Access
"{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}" = Autodesk License Service (x64) - 3.1
"{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}" = Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215
"{F1949145-EB64-4DE7-9D81-E6D27937146C}" = Microsoft System CLR Types for SQL Server 2012 (x64)
"{FA0A244E-F3C2-4589-B42A-3D522DE79A42}" = Microsoft SQL Server 2012 Management Objects (x64)
"{FE74AC04-F248-4641-B3A9-89C6AA4339CD}" = Microsoft Visual Studio 2012 Performance Collection Tools - ENU
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"7-Zip" = 7-Zip 16.02 (x64)
"AutoCAD 2017 – Čeština (Czech)" = Autodesk AutoCAD 2017 Language Pack – Čeština (Czech)
"AutoCAD 2017 - English" = Autodesk AutoCAD 2017 - English
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Office15.OMUI.cs-cz" = Microsoft Office Language Pack 2013 - Czech/čeština
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"Steam App 107410" = Arma 3
"Steam App 204360" = Castle Crashers
"Steam App 207930" = Sacred Citadel
"Steam App 218230" = PlanetSide 2
"Steam App 219640" = Chivalry: Medieval Warfare
"Steam App 219830" = King Arthur's Gold
"Steam App 222880" = Insurgency
"Steam App 232890" = Stronghold Crusader 2
"Steam App 233450" = Prison Architect
"Steam App 234390" = Teleglitch: Die More Edition
"Steam App 235320" = Original War
"Steam App 236390" = War Thunder
"Steam App 238460" = BattleBlock Theater
"Steam App 241930" = Middle-earth: Shadow of Mordor
"Steam App 244450" = Men of War: Assault Squad 2
"Steam App 244850" = Space Engineers
"Steam App 248570" = Toribash
"Steam App 268650" = From The Depths
"Steam App 268870" = Satellite Reign
"Steam App 269210" = Hero Siege
"Steam App 271590" = Grand Theft Auto V
"Steam App 274190" = Broforce
"Steam App 285330" = RollerCoaster Tycoon 2: Triple Thrill Pack
"Steam App 292570" = Chompy Chomp Chomp
"Steam App 3130" = Men of War: Red Tide
"Steam App 321040" = DiRT 3 Complete Edition
"Steam App 333950" = Medieval Engineers
"Steam App 359550" = Tom Clancy's Rainbow Six Siege
"Steam App 365720" = Skyrim Script Extender (SKSE)
"Steam App 370770" = Holodrive
"Steam App 383120" = Empyrion - Galactic Survival
"Steam App 393380" = Squad
"Steam App 394310" = Punch Club
"Steam App 4000" = Garry's Mod
"Steam App 42160" = War of the Roses
"Steam App 422970" = Devil Daggers
"Steam App 427720" = GOCCO OF WAR Demo
"Steam App 434520" = Simutrans
"Steam App 48700" = Mount & Blade: Warband
"Steam App 620" = Portal 2
"Steam App 65790" = Arma: Cold War Assault
"Steam App 6800" = Commandos: Behind Enemy Lines
"Steam App 6810" = Commandos: Beyond the Call of Duty
"Steam App 6830" = Commandos 2: Men of Courage
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 8930" = Sid Meier's Civilization V
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VulkanRT1.0.11.1" = Vulkan Run Time Libraries 1.0.11.1
"WinRAR archiver" = WinRAR 5.40 (64-bit)
"XML Copy Editor_is1" = XML Copy Editor version 1.2.1.3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{00EC8ABC-3C5A-40F8-A8CB-E7DCD5ABFA05}" = Microsoft NuGet - Visual Studio 2012
"{02213A81-CB13-7262-5ABE-1FFA2C75559F}" = Windows App Certification Kit x64
"{03107F15-988C-4607-ABE9-ADDB01540EC8}_is1" = Destination Paris 1.43
"{046806D1-0A38-3FCA-AF84-F71C50A0C363}" = Microsoft Visual Studio Premium 2012
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{063925DB-9D8C-48E2-8F04-1B7038B6C783}" = Import souborů SketchUp 2016-2017
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0BCC836F-0B28-4090-B58A-64883BAA3B2F}" = WCF Data Services 5.0 (for OData v3) Primary Components
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1172AC15-080E-30E3-85B0-FF59AD2E6315}" = Microsoft Visual Studio Ultimate 2012 - ENU
"{13885028-098C-4799-9B71-27DAC96502D5}" = abFiles
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{148878BD-A2A5-4CF1-A103-2BA632F41953}" = WCF Data Services Tools for Microsoft Visual Studio 2012
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{1690CE56-2231-4E59-9006-A0876D949EA8}" = Tools for .Net 3.5
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{1948E039-EC79-4591-951D-9867A8C14C90}" = Microsoft .NET Framework 4.5 SDK
"{1B9BBB23-65CB-3AEE-BFC6-633E7CA299FD}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU
"{1C163D33-33B3-33EB-A617-0D4D852BE8E1}" = Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727
"{1DB43E5A-2F24-4F51-92B0-A2C0EBF5C742}" = Microsoft Report Viewer Add-On for Visual Studio 2012
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F8E06E2-BA93-40DC-B183-E024CBD853A8}" = Microsoft Visual C++ 2012 Compilers
"{23176E97-26CB-C72A-19EB-BFB21AC1D15A}" = Windows Software Development Kit DirectX x86 Remote
"{23658c02-145e-483d-ba6b-1eb82c580529}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210
"{246B0F46-F84E-4857-8C47-F2A86B598BC5}" = Microsoft Visual Studio 2012 Preparation
"{26A24AE4-039D-4CA4-87B4-2F32180111F0}" = Java 8 Update 111
"{27C15055-713B-4D0E-881F-19598A2DFD59}" = Speciální aplikace Autodesk 2016-2017
"{2C0CC01A-DDBC-3AED-AF18-E741242FD727}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources
"{2C76E3DA-BA76-4FAD-B1B1-72B46D639028}" = PreEmptive Analytics Visual Studio Components
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{302AC480-43D2-11D5-A818-00500435FC18}" = Gothic_Patch
"{3241744A-BA36-41F0-B4AA-EF3946D00632}" = Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer
"{330E5D98-20D2-4CA4-AE51-FCB8AA80F634}" = Microsoft Visual Studio 2012 Devenv
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{372D17F6-A54E-4A01-B264-1314890FFE61}" = Dotfuscator and Analytics Community Edition
"{38FC6E9A-F719-431A-A83D-4C86D5FD6555}" = Microsoft Visual Studio 2012 Shell (Minimum) Resources
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A523AF9-D32F-4C85-8388-0335731F3405}" = WCF RIA Services V1.0 SP2
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FBFBC43-9882-43FA-B979-2D53896747B3}" = Autodesk Material Library Base Resolution Image Library 2017
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{42F61556-29ED-8122-F39E-6F04EA5FF279}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A37A114-702F-4055-A4B6-16571D4A5353}" = AOP Framework
"{4B230374-6475-4A73-BA6E-41015E9C5013}" = Intel® Security Assist
"{532DBCC8-9468-435C-AEF6-30B7F50735A2}" = Blend for Visual Studio 2012 ENU resources
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{57F20F04-014D-453F-B6A3-AE9485C4DFAB}" = Blend for Visual Studio 2012
"{5B88BE64-93E7-4D6B-83D0-37B911166FF2}" = Thunderbolt(TM) Software
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}" = Microsoft .NET Framework 4.5 Multi-Targeting Pack
"{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}" = Ace of Spades
"{60865E78-1AC5-4532-A6B0-4B028DE8A076}" = Avira Connect
"{60D5EF2A-4E0C-2C30-38F6-59C26E134F4A}" = Windows Software Development Kit
"{61A994FF-DF9B-4937-9DB9-87EC4FF1B31F}" = USB Vibration Joystick (BM)
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6D6D43E5-218C-4B05-92D3-2240810F4760}" = Microsoft SQL Server 2012 T-SQL Language Service
"{6DAB46E3-D017-3E2B-85D8-F57A230384C0}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
"{6FC3B79F-47C6-38AF-B9A9-67DE3C639598}" = Microsoft Visual Studio Premium 2012 - ENU
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{731C183B-86A0-3442-BE55-68A7C92581E9}" = Microsoft Visual C++ 2012 Extended Libraries
"{800F484E-9D69-492D-B656-7BAA32586142}" = Microsoft Visual Studio 2012 Shell (Minimum)
"{820C677A-41B2-48C3-8136-FEE35A052E73}" = Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}" = Autodesk AutoCAD Performance Feedback Tool 1.2.5
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89B4532E-19CE-4FA9-9692-10BFD5A38532}" = Visual Studio Extensions for Windows Library for JavaScript
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8ED2ED41-4455-449D-993C-751C039089B9}" = Autodesk Advanced Material Library Image Library 2017
"{8FA59B7B-1D26-408F-A798-BD11A65A68B9}" = LibreOffice 5.2.0.4
"{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}" = Autodesk Material Library 2017
"{8FD71E98-EE44-3844-9DAD-9CB0BBBC603C}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24210
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{93489CA8-6656-33A0-A5AC-E0EDEDB17C3E}" = Microsoft Visual Studio Professional 2012
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9600393b-6ede-469b-a522-689fce1461d1}" = Microsoft Visual Studio Ultimate 2012
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}" = Foxit PhantomPDF
"{A4366F69-CE22-4DB7-9C8C-46A5845AF997}" = Microsoft Visual C++ 2012 Compilers - ENU Resources
"{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}" = Microsoft SQL Server System CLR Types
"{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}" = Acer Portal
"{ABADE36E-EC37-413B-8179-B432AD3FACE7}" = Battlefield 4™
"{AD1AEE2A-D9C0-3FAC-8D6B-B5E07B47257B}" = Microsoft Visual C++ 2012 Core Libraries
"{B1465D1D-6427-4CA1-AE29-8B699209E663}" = Microsoft Visual Studio 2012 Devenv Resources
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B3533B84-A8DF-4A7A-8E95-B15F08B26E96}" = Microsoft Visual Studio 2012 IntelliTrace Core x86
"{B5AD89F2-03D3-4206-8487-018298007DD0}" = abPhoto
"{B5DA9D49-9BD8-0F2F-52FC-C7E66BC8D944}" = LocalESPCui for en-us
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
"{BAD0254F-9BDB-3D14-A5AC-9C0EF51F3D09}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - enu
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BB762706-65FA-44C1-B2BB-EF29CA88D7CE}_is1" = Shadow Tactics - Blades of the Shogun 1.0.8
"{BBF10B37-4ED3-11D5-A818-00500435FC18}" = Gothic
"{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}" = Gtk# for .Net 2.12.26
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BDBE5D2A-AAB7-77BD-7A0E-5006665CE7C6}" = LocalESPC
"{BEEA72E5-BA89-4382-B89A-5B11077349CC}}_is1" = UninstallAsus Espada Gaming Mouse
"{C0954809-F5DC-426C-847E-8409DE14E4C0}" = Autodesk App Manager 2016-2017
"{C1BE4600-7D15-3D1E-8AA2-B3241DB1D063}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
"{C4CAD994-6EA2-3121-8352-DA593150B322}" = Microsoft Portable Library Multi-Targeting Pack
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{c7f54569-0018-439c-809a-48046a4d4ebc}" = Intel(R) Chipset Device Software
"{C81452EB-CBCF-B8EB-3124-48C5B3D506B0}" = Windows Runtime Intellisense Content - en-us
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{CFFDC0EC-6924-3347-B047-13339EDBEC28}" = Microsoft Visual Studio Professional 2012 - ENU
"{D11F66FF-82B3-DDB8-1146-525370552BE1}" = Windows Software Development Kit for Windows Store Apps
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{D8C8656B-0BD8-39C3-B741-F889B7C144E5}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24210
"{D971780F-A609-4F78-92AA-B56FBC3955B9}" = Microsoft Visual Studio 2012 IntelliTrace Front End x86
"{d992c12e-cab2-426f-bde3-fb8c53950b0d}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215
"{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}" = Microsoft SQL Server 2012 Management Objects
"{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}" = Microsoft System CLR Types for SQL Server 2012
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E4C33F5B-1B2F-466E-957E-B274F08151A0}" = Microsoft Web Deploy dbSqlPackage Provider - enu
"{E818AE7C-244B-4A50-9C86-C0E4A8B69159}" = Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU
"{EFA87714-E75A-3BFC-A698-A3AABA5A8A0C}" = Microsoft Visual Studio Ultimate 2012
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{FC965A47-4839-40CA-B618-18F486F042C6}" = Skype™ 7.30
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FEB375AB-6EEC-3929-8FAF-188ED81DD8B5}" = Microsoft Help Viewer 2.0
"1104739253_is1" = 8-bit Hordes
"1427985242_is1" = Titan Souls
"1429864849_is1" = Kerbal Space Program
"1769415595_is1" = Balrum
"Adobe Flash Player NPAPI" = Adobe Flash Player 24 NPAPI
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Autodesk Desktop App" = Počítačová aplikace Autodesk
"Avira Antivirus" = Avira Antivirus
"Bandicam" = Bandicam
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"Battlelog Web Plugins" = Battlelog Web Plugins
"Build and Shoot Launcher" = Build and Shoot Launcher 1.2
"Cities Skylines - Deluxe Edition v1.5.0 (6 DLC)1.5.0" = Cities Skylines - Deluxe Edition v1.5.0 (6 DLC)
"Cities Skylines Natural Disasters_is1" = Cities Skylines Natural Disasters
"Crusader Kings II The Reapers Due_is1" = Crusader Kings II The Reapers Due
"ESN Sonar-0.70.4" = ESN Sonar
"Europa Universalis IV 1.10.0" = Europa Universalis IV 1.10.0
"Europa Universalis IV: Common Sense_is1" = Europa Universalis IV: Common Sense
"Executive Assault_is1" = Executive Assault
"Fallout 4_is1" = Fallout 4
"GOTHIC1 - Klasická verze - 'Systémový balíček'" = GOTHIC1 - Klasická verze - 'Systémový balíček'
"Microsoft Help Viewer 2.0" = Microsoft Help Viewer 2.0
"Mozilla Firefox 50.1.0 (x86 en-US)" = Mozilla Firefox 50.1.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Necropolis_is1" = Necropolis
"OpenAL" = OpenAL
"OpenRCT2" = OpenRCT2 0.0.5-develop-5b01653
"OpenTTD" = OpenTTD 1.6.1
"Origin" = Origin
"original war" = Original War
"Project Nomads" = Project Nomads
"PunkBusterSvc" = PunkBuster Services
"Rockstar Games Social Club" = Rockstar Games Social Club
"Spadille" = Spadille 1.6
"Steam" = Steam
"steam app 8930" = Sid Meier's Civilization V
"TeamViewer" = TeamViewer 11
"The KMPlayer" = KMPlayer
"Tunngle_is1" = Tunngle
"Unity" = Unity
"Uplay" = Uplay
"Uplay Install 46" = Far Cry 3
"Uplay Install 54" = Assassin's Creed III
"Uplay Install 635" = Tom Clancy's Rainbow Six Siege
"Uplay Install 91" = Splinter Cell Blacklist

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"bf2battlelog" = bf2battlelog
"DG0-PlanetSide 2" = PlanetSide 2
"DirectX Packages" = DirectX Packages
"Gothic Texture Patch - Freddy" = Freddy's Texture Patch BETA

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 18.12.2016 15:44:19 | Computer Name = blackbook | Source = Application Error | ID = 1000
Description = Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové
razítko: 0x4e4594ce Název chybujícího modulu: GDI32.dll, verze: 10.0.14393.206,
časové razítko: 0x57dad2ca Kód výjimky: 0xc000041d Posun chyby: 0x00003e82 ID chybujícího
procesu: 0x24a4 Čas spuštění chybující aplikace: 0x01d25937db8ee6e4 Cesta k chybující
aplikaci: C:\programy\uTorrent\utorrent.exe Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID
zprávy: 5b76b9a9-8d46-4a65-a665-d50ecb404e11 Úplný název chybujícího balíčku: ID
aplikace související s chybujícím balíčkem:

Error - 19.12.2016 2:21:01 | Computer Name = blackbook | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 20.12.2016 9:13:41 | Computer Name = blackbook | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 20.12.2016 12:42:11 | Computer Name = blackbook | Source = Application Hang | ID = 1002
Description = Program firefox.exe verze 50.1.0.6186 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID
procesu: 36e8 Čas spuštění: 01d25a51aed6a3c3 Čas ukončení: 4294967295 Cesta k aplikaci:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe ID hlášení: 3cdd1170-c6d3-11e6-8f47-3065ec8c4be6

Úplný
název balíčku s chybou: ID aplikace související s balíčkem s chybou:

Error - 20.12.2016 21:03:09 | Computer Name = blackbook | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 21.12.2016 10:06:26 | Computer Name = blackbook | Source = Application Error | ID = 1000
Description = Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové
razítko: 0x4e4594ce Název chybujícího modulu: ntdll.dll, verze: 10.0.14393.479,
časové razítko: 0x58256ca0 Kód výjimky: 0xc0000005 Posun chyby: 0x00045b0e ID chybujícího
procesu: 0xe74 Čas spuštění chybující aplikace: 0x01d25b2d15f80e79 Cesta k chybující
aplikaci: C:\programy\uTorrent\utorrent.exe Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID
zprávy: a4f6e9bd-95bd-4866-8448-1c7c196233c2 Úplný název chybujícího balíčku: ID
aplikace související s chybujícím balíčkem:

Error - 21.12.2016 10:06:31 | Computer Name = blackbook | Source = Application Error | ID = 1000
Description = Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové
razítko: 0x4e4594ce Název chybujícího modulu: GDI32.dll, verze: 10.0.14393.206,
časové razítko: 0x57dad2ca Kód výjimky: 0xc000041d Posun chyby: 0x00003e82 ID chybujícího
procesu: 0xe74 Čas spuštění chybující aplikace: 0x01d25b2d15f80e79 Cesta k chybující
aplikaci: C:\programy\uTorrent\utorrent.exe Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID
zprávy: b2da0c4f-098f-467a-baee-bc4fd876b05c Úplný název chybujícího balíčku: ID
aplikace související s chybujícím balíčkem:

Error - 21.12.2016 12:53:01 | Computer Name = blackbook | Source = Application Error | ID = 1000
Description = Název chybující aplikace: comm2.exe, verze: 0.0.0.0, časové razítko:
0x5714b51e Název chybujícího modulu: comm2.exe, verze: 0.0.0.0, časové razítko:
0x5714b51e Kód výjimky: 0xc0000005 Posun chyby: 0x00120e64 ID chybujícího procesu:
0x3980 Čas spuštění chybující aplikace: 0x01d25b9e64a4f6e8 Cesta k chybující aplikaci:
C:\Programy\Steam\steamapps\common\Commandos 2 Men of Courage\comm2.exe Cesta k
chybujícímu modulu: C:\Programy\Steam\steamapps\common\Commandos 2 Men of Courage\comm2.exe
ID
zprávy: 6de8b5ca-9b25-47cf-b75c-54c4bb0cbaec Úplný název chybujícího balíčku: ID
aplikace související s chybujícím balíčkem:

Error - 21.12.2016 13:01:08 | Computer Name = blackbook | Source = Application Error | ID = 1000
Description = Název chybující aplikace: comm2.exe, verze: 0.0.0.0, časové razítko:
0x5714b51e Název chybujícího modulu: comm2.exe, verze: 0.0.0.0, časové razítko:
0x5714b51e Kód výjimky: 0xc0000005 Posun chyby: 0x00120e64 ID chybujícího procesu:
0x1340 Čas spuštění chybující aplikace: 0x01d25bab9b037d8c Cesta k chybující aplikaci:
C:\Programy\Steam\steamapps\common\Commandos 2 Men of Courage\comm2.exe Cesta k
chybujícímu modulu: C:\Programy\Steam\steamapps\common\Commandos 2 Men of Courage\comm2.exe
ID
zprávy: d443daec-e8ce-4e4b-b26a-09f5c64c3aba Úplný název chybujícího balíčku: ID
aplikace související s chybujícím balíčkem:

Error - 21.12.2016 13:30:32 | Computer Name = blackbook | Source = Application Hang | ID = 1002
Description = Program il2fb.exe verze 0.0.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID
procesu: 898 Čas spuštění: 01d25baf9e8a977a Čas ukončení: 4294967295 Cesta k aplikaci:
C:\Programy\Steam\steamapps\common\IL 2 Sturmovik 1946\il2fb.exe ID hlášení: 2ade9d4f-c7a3-11e6-8f47-3065ec8c4be6

Úplný
název balíčku s chybou: ID aplikace související s balíčkem s chybou:

[ isaAgentLog Events ]
Error - 01.11.2016 11:09:16 | Computer Name = blackbook | Source = isaAgent | ID = 1135
Description = 1.0.0.532: Unexpected error: Vzdálený server vrátil chybu: (404) Nenalezeno.

Error - 08.11.2016 11:09:17 | Computer Name = blackbook | Source = isaAgent | ID = 1135
Description = 1.0.0.532: Unexpected error: Vzdálený server vrátil chybu: (404) Nenalezeno.

Error - 15.11.2016 13:00:53 | Computer Name = blackbook | Source = isaAgent | ID = 1135
Description = 1.0.0.532: Unexpected error: Vzdálený server vrátil chybu: (404) Nenalezeno.

Error - 22.11.2016 13:00:55 | Computer Name = blackbook | Source = isaAgent | ID = 1135
Description = 1.0.0.532: Unexpected error: Vzdálený server vrátil chybu: (404) Nenalezeno.

Error - 29.11.2016 13:00:57 | Computer Name = blackbook | Source = isaAgent | ID = 1135
Description = 1.0.0.532: Unexpected error: Vzdálený server vrátil chybu: (404) Nenalezeno.

Error - 06.12.2016 13:00:58 | Computer Name = blackbook | Source = isaAgent | ID = 1135
Description = 1.0.0.532: Unexpected error: Vzdálený server vrátil chybu: (404) Nenalezeno.

Error - 13.12.2016 13:01:00 | Computer Name = blackbook | Source = isaAgent | ID = 1135
Description = 1.0.0.532: Unexpected error: Vzdálený server vrátil chybu: (404) Nenalezeno.

Error - 20.12.2016 13:01:03 | Computer Name = blackbook | Source = isaAgent | ID = 1135
Description = 1.0.0.532: Unexpected error: Vzdálený server vrátil chybu: (404) Nenalezeno.

Error - 27.12.2016 13:01:05 | Computer Name = blackbook | Source = isaAgent | ID = 1135
Description = 1.0.0.532: Unexpected error: Vzdálený server vrátil chybu: (404) Nenalezeno.

Error - 03.01.2017 13:01:06 | Computer Name = blackbook | Source = isaAgent | ID = 1135
Description = 1.0.0.532: Unexpected error: Vzdálený server vrátil chybu: (404) Nenalezeno.

[ System Events ]
Error - 04.01.2017 13:54:49 | Computer Name = blackbook | Source = Service Control Manager | ID = 7022
Description = Služba Optimalizace doručení přestala během spouštění reagovat.

Error - 04.01.2017 13:55:38 | Computer Name = blackbook | Source = DCOM | ID = 10016
Description =

Error - 04.01.2017 16:24:15 | Computer Name = blackbook | Source = Microsoft-Windows-Ntfs | ID = 98
Description =

Error - 04.01.2017 16:24:44 | Computer Name = blackbook | Source = Microsoft-Windows-Ntfs | ID = 98
Description =

Error - 04.01.2017 21:34:45 | Computer Name = blackbook | Source = Service Control Manager | ID = 7034
Description = Služba Malwarebytes Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 04.01.2017 22:16:22 | Computer Name = blackbook | Source = DCOM | ID = 10016
Description =

Error - 05.01.2017 10:36:19 | Computer Name = blackbook | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 05.01.2017 14:42:00 | Computer Name = blackbook | Source = DCOM | ID = 10016
Description =

Error - 05.01.2017 14:52:06 | Computer Name = blackbook | Source = Service Control Manager | ID = 7034
Description = Služba Malwarebytes Service byla neočekávaně ukončena. Tento stav
nastal již 1krát.

Error - 05.01.2017 16:29:49 | Computer Name = blackbook | Source = Service Control Manager | ID = 7031
Description = Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo
se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat
službu.


< End of report >

[vantyto]

a ješte projistotu HJT aktuální:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:35:02, on 05.01.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Programy\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Users\Public\Downloads\programy\hijack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Programy\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StereoLinksInstall] "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" /install1
O4 - HKLM\..\Run: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Programy\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [EADM] "C:\Programy\Origin\Origin.exe" -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01052017194321008\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01052017194321252\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
O4 - HKUS\S-1-5-21-3880423963-3014309569-130014225-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01052017194321445\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User '?')
O4 - HKUS\S-1-5-21-3880423963-3014309569-130014225-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-01052017194322322\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User '?')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: AtherosSvc - Qualcomm Atheros - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Unknown owner - C:\WINDOWS\system32\IntelCpHDCPSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Unknown owner - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Wireless Controller Service - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Programy\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Programy\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Quick Access Local Service (QALSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
O23 - Service: Quick Access Service (QASvc) - Acer Incorporated - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Programy\TeamViewer\TeamViewer_Service.exe
O23 - Service: Thunderbolt(TM) Service (ThunderboltService) - Intel Corporation - C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Programy\Tunngle\TnglCtrl.exe
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Unknown owner - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (file missing)

--
End of file - 14384 bytes