Už jsem log poslal, přes noc to doběhlo.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:19:44, on 7. 12. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
FIREFOX: 50.0.2 (x86 cs)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Bezrayer\AppData\Roaming\Telegram Desktop\Telegram.exe
C:\Users\Bezrayer\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [DU Meter] "C:\Program Files (x86)\DU Meter\DUMeter.exe" /autostart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Bezrayer\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Bezrayer\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Spotify] "C:\Users\Bezrayer\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [NetBalancer] C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [gmSWG] C:\Program Files\RAVEN Gaming Mouse\gmSWG.exe
O4 - HKCU\..\Run: [gmPoint] C:\Program Files\RAVEN Gaming Mouse\gmPoint.exe
O4 - HKCU\..\Run: [NetLimiter] "D:\Games\Netlimit\nlclientapp.exe" /minimized
O4 - HKCU\..\Run: [MyComGames] "C:\Users\Bezrayer\AppData\Local\MyComGames\MyComGames.exe" -autostart
O4 - HKCU\..\Run: [GalaxyClient] C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Bezrayer\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Bezrayer\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: CurseClientStartup.ccip
O4 - Startup: MEGAsync.lnk = Bezrayer\AppData\Local\MEGAsync\MEGAsync.exe
O4 - Startup: Telegram.lnk = Bezrayer\AppData\Roaming\Telegram Desktop\Telegram.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AODService - Unknown owner - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Tjänsten Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Tjänsten Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - F:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: NetBalancerService - SeriousBit - C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NitroPDFDriverCreatorReadSpool11 (NitroDriverReadSpool11) - Nitro Software, Inc. - C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe
O23 - Service: NitroUpdateService - Unknown owner - C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
O23 - Service: NetLimiter 4 Service (nlsvc) - Locktime Software - D:\Games\Netlimit\NLSvc.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\SysWOW64\NLSSRV32.EXE
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13241 bytes
Preventivní kontrola
Re: Preventivní kontrola
Asus M5A78L-M LX V2
AMD Athlon II X4 640
8GB DDR3 1333MHz
MSI Radeon HD5670 Cyclone 1G
Windows 10 Pro 64-bit
AMD Athlon II X4 640
8GB DDR3 1333MHz
MSI Radeon HD5670 Cyclone 1G
Windows 10 Pro 64-bit
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Preventivní kontrola
Už jsem to opravil..
Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod
Ještě to další , Zemana a FRST , problémy žádné?
Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod
Kód: Vybrat vše
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Bezrayer\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Bezrayer\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.comJeště to další , Zemana a FRST , problémy žádné?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Preventivní kontrola
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-12-2016
Ran by Bezrayer (administrator) on SELDA (07-12-2016 09:22:10)
Running from C:\Users\Bezrayer\Downloads
Loaded Profiles: Bezrayer (Available Profiles: Bezrayer & Administrator)
Platform: Windows 10 Pro Version 1607 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Hagel Technologies Ltd.) C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(SeriousBit) C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
() C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
(Hi-Rez Studios) F:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Nitro Software, Inc.) C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Locktime Software) D:\Games\Netlimit\NLSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Telegram Messenger LLP) C:\Users\Bezrayer\AppData\Roaming\Telegram Desktop\Telegram.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1159192 2016-05-14] (Highresolution Enterprises)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4926664 2016-02-26] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-07-24] (Sony)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [DU Meter] => C:\Program Files (x86)\DU Meter\DUMeter.exe [9797488 2016-07-06] (Hagel Technologies Ltd.)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [Spotify Web Helper] => C:\Users\Bezrayer\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-12-01] (Spotify Ltd)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [Spotify] => C:\Users\Bezrayer\AppData\Roaming\Spotify\Spotify.exe [6987376 2016-12-01] (Spotify Ltd)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [NetBalancer] => C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe [1915256 2016-06-23] (SeriousBit)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-06-22] (Disc Soft Ltd)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [gmSWG] => C:\Program Files\RAVEN Gaming Mouse\gmSWG.exe [892416 2008-11-12] ()
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [gmPoint] => C:\Program Files\RAVEN Gaming Mouse\gmPoint.exe [55808 2008-04-16] ()
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [NetLimiter] => D:\Games\Netlimit\nlclientapp.exe [56368 2016-09-05] (Locktime Software)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [MyComGames] => C:\Users\Bezrayer\AppData\Local\MyComGames\MyComGames.exe [4974992 2016-11-15] (MY.COM B.V.)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [3970112 2016-12-01] (GOG.com)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\RunOnce: [Uninstall C:\Users\Bezrayer\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Bezrayer\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Bezrayer\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-15] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Bezrayer\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-15] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Bezrayer\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-15] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Bezrayer\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-15] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Bezrayer\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-15] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Bezrayer\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-15] ()
Startup: C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-09-23] ()
Startup: C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-11-10]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Bezrayer\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk [2016-10-30]
ShortcutTarget: Telegram.lnk -> C:\Users\Bezrayer\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram Messenger LLP)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0e26a90a-bf36-4945-be7f-e4fedf27d807}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{23b4749e-67cd-4317-a5c5-f580c6f40dfa}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{2b9c873e-45a2-4d3b-a30c-34cfb0aac029}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4cc48c93-40a5-487d-8eb1-961602931a03}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3025460961-235328027-311272571-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-10-11] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-27] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2016-07-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-18] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2016-09-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-18] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: hgsmjkuf.default
FF ProfilePath: C:\Users\Bezrayer\AppData\Roaming\Mozilla\Firefox\Profiles\hgsmjkuf.default [2016-12-06]
FF NewTab: Mozilla\Firefox\Profiles\hgsmjkuf.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\hgsmjkuf.default -> about:home
FF Extension: (Twitch Now) - C:\Users\Bezrayer\AppData\Roaming\Mozilla\Firefox\Profiles\hgsmjkuf.default\Extensions\jid1-jwVSihNsgAw5jA@jetpack.xpi [2016-12-06]
FF Extension: (uBlock Origin) - C:\Users\Bezrayer\AppData\Roaming\Mozilla\Firefox\Profiles\hgsmjkuf.default\Extensions\uBlock0@raymondhill.net.xpi [2016-12-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-10-04] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-11] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2015-10-04] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3025460961-235328027-311272571-1001: @my.com/Games -> C:\Users\Bezrayer\AppData\Local\MyComGames\NPMyComDetector.dll [2016-11-15] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-3025460961-235328027-311272571-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-02-19] ()
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Bezrayer\AppData\Local\Google\Chrome\User Data\Default [2016-12-07]
CHR Extension: (Prezentace Google) - C:\Users\Bezrayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-07]
CHR Extension: (Dokumenty Google) - C:\Users\Bezrayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-07]
CHR Extension: (Disk Google) - C:\Users\Bezrayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-07]
CHR Extension: (YouTube) - C:\Users\Bezrayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-07]
CHR Extension: (Tabulky Google) - C:\Users\Bezrayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Bezrayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Bezrayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-07]
CHR Extension: (Gmail) - C:\Users\Bezrayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-07]
CHR Extension: (Chrome Media Router) - C:\Users\Bezrayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-07]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-09-19] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3040496 2016-10-04] (Microsoft Corporation)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-11-07] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd)
R2 DUMeterSvc; C:\Program Files (x86)\DU Meter\DUMeterSvc.exe [5833584 2016-07-06] (Hagel Technologies Ltd.) [File not signed]
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [284224 2016-12-01] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-11-17] (GOG.com)
U2 HiPatchService; F:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-10-10] (Hi-Rez Studios) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NetBalancerService; C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [179064 2016-06-23] (SeriousBit)
R2 NitroDriverReadSpool11; C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe [327360 2016-10-25] (Nitro Software, Inc.)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe [413888 2016-10-25] ()
R2 nlsvc; D:\Games\Netlimit\NLSvc.exe [323632 2016-09-05] (Locktime Software)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3806032 2015-10-13] (INCA Internet Co., Ltd.)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37504 2016-11-03] (The OpenVPN Project)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2142728 2016-10-26] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2209296 2016-10-26] (Electronic Arts)
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [133376 2016-09-28] (Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [23240 2016-02-26] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [60104 2014-09-19] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102400 2016-02-26] (Advanced Micro Devices)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-07-17] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-07-17] (Disc Soft Ltd)
R3 DUMeterDrv; C:\Program Files (x86)\DU Meter\DUMETR64.SYS [22976 2016-07-06] (Hagel Technologies Ltd.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-12-07] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 MOSUMAC; C:\WINDOWS\System32\drivers\MOSUMAC.sys [57208 2014-04-02] (ASIX Electronics Corp.)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R1 nbdrv; C:\WINDOWS\system32\DRIVERS\nbdrv.sys [41392 2013-11-25] (SeriousBit)
S3 NdisImPlatformMp; C:\WINDOWS\System32\drivers\NdisImPlatform.sys [126464 2016-07-16] (Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 nldrv; D:\Games\Netlimit\nldrv.sys [140256 2016-09-05] (Locktime Software)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-10-10] (Realtek )
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
R3 RtlWlanu_OldIC; C:\WINDOWS\System32\drivers\rtwlanu_oldIC.sys [3814400 2016-07-16] (Realtek Semiconductor Corporation )
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 Andbus; \SystemRoot\System32\drivers\lgandbus64.sys [X]
S3 AndDiag; \SystemRoot\system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; \SystemRoot\system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; \SystemRoot\system32\DRIVERS\lgandmodem64.sys [X]
S3 androidusb; \SystemRoot\System32\Drivers\lgandadb.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-07 09:22 - 2016-12-07 09:23 - 00020682 _____ C:\Users\Bezrayer\Downloads\FRST.txt
2016-12-07 09:22 - 2016-12-07 09:22 - 00000000 ____D C:\FRST
2016-12-07 09:17 - 2016-12-07 09:17 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\CrashDumps
2016-12-07 09:11 - 2016-12-06 22:42 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-12-06 23:56 - 2016-12-06 23:56 - 02419712 _____ (Farbar) C:\Users\Bezrayer\Downloads\FRST64.exe
2016-12-06 22:42 - 2016-12-07 09:09 - 00000000 ____D C:\zoek_backup
2016-12-06 22:41 - 2016-12-06 22:41 - 00010786 _____ C:\Users\Bezrayer\Desktop\ROGUE.txt
2016-12-06 22:40 - 2016-12-06 22:40 - 01309184 _____ C:\Users\Bezrayer\Desktop\zoek.exe
2016-12-06 18:29 - 2016-12-06 18:29 - 00001291 _____ C:\Users\Bezrayer\Desktop\Google Chrome.lnk
2016-12-06 18:13 - 2016-12-06 22:42 - 00000000 ____D C:\ProgramData\RogueKiller
2016-12-06 18:13 - 2016-12-06 18:13 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-12-06 17:51 - 2016-12-06 17:51 - 00001390 _____ C:\Users\Bezrayer\Desktop\JRT.txt
2016-12-06 17:36 - 2016-12-06 17:39 - 25550920 _____ C:\Users\Bezrayer\Desktop\RogueKillerX64.exe
2016-12-06 17:36 - 2016-12-06 17:37 - 01631928 _____ (Malwarebytes) C:\Users\Bezrayer\Desktop\JRT.exe
2016-12-06 10:11 - 2016-12-07 09:17 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-12-06 10:11 - 2016-12-06 10:11 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-12-06 10:11 - 2016-12-06 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-12-06 10:11 - 2016-12-06 10:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-06 10:11 - 2016-12-06 10:11 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-12-06 10:11 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-12-06 10:11 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-12-06 10:11 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-12-06 10:06 - 2016-12-06 17:42 - 00000000 ____D C:\AdwCleaner
2016-12-06 09:56 - 2016-12-06 09:58 - 22851472 _____ (Malwarebytes ) C:\Users\Bezrayer\Desktop\mbam-setup-2.2.1.1043.exe
2016-12-06 09:56 - 2016-12-06 09:56 - 03968464 _____ C:\Users\Bezrayer\Desktop\AdwCleaner.exe
2016-12-06 09:55 - 2016-12-06 09:55 - 00448512 _____ (OldTimer Tools) C:\Users\Bezrayer\Desktop\TFC.exe
2016-12-05 23:56 - 2016-12-05 23:56 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\Macromedia
2016-12-05 23:55 - 2016-12-06 22:13 - 00000000 ____D C:\Users\Bezrayer\AppData\LocalLow\Mozilla
2016-12-05 23:55 - 2016-12-06 00:01 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\Mozilla
2016-12-05 23:55 - 2016-12-05 23:55 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Mozilla
2016-12-05 23:54 - 2016-12-05 23:54 - 00001216 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-12-05 23:54 - 2016-12-05 23:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-05 23:54 - 2016-12-05 23:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-05 23:49 - 2016-12-05 23:49 - 00243624 _____ C:\Users\Bezrayer\Desktop\Firefox Setup Stub 50.0.2.exe
2016-12-05 23:31 - 2016-12-05 23:31 - 00388608 _____ (Trend Micro Inc.) C:\Users\Bezrayer\Desktop\HijackThis.exe
2016-12-02 14:38 - 2016-12-02 14:38 - 01030500 _____ C:\Users\Bezrayer\Desktop\adq1N2Q_460sv.mp4
2016-12-01 23:33 - 2016-12-01 23:33 - 00012232 _____ C:\Users\Bezrayer\Desktop\6F231138F33593075FDE464F61476AC046276DB6.torrent
2016-11-30 22:18 - 2016-11-30 22:18 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\TMPlayer
2016-11-30 22:18 - 2016-11-30 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TMPlayer
2016-11-30 22:18 - 2016-11-30 22:18 - 00000000 ____D C:\Program Files (x86)\TMPlayer
2016-11-30 21:42 - 2016-11-30 21:42 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\orion
2016-11-30 21:42 - 2016-11-30 21:42 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\orion
2016-11-30 21:41 - 2016-11-30 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orion
2016-11-30 21:41 - 2016-11-30 21:41 - 00000000 ____D C:\Program Files (x86)\Orion
2016-11-30 21:30 - 2016-12-01 16:47 - 00000000 ____D C:\Users\Bezrayer\Desktop\PoESkillTree
2016-11-27 22:14 - 2016-11-27 22:14 - 00000773 _____ C:\Users\Public\Desktop\Banished.lnk
2016-11-27 22:14 - 2016-11-27 22:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Banished [GOG.com]
2016-11-27 22:13 - 2016-11-27 22:13 - 00000000 ____D C:\Users\Bezrayer\Documents\Banished
2016-11-27 22:13 - 2016-05-23 10:17 - 00000000 ____D C:\Users\Bezrayer\Desktop\IGG-Banished.v1.0.6.GOG
2016-11-27 00:40 - 2016-11-24 22:58 - 17307379 _____ C:\Users\Bezrayer\Desktop\KATHY-RAIN-APK.apk
2016-11-27 00:40 - 2016-11-23 13:15 - 00000000 ____D C:\Users\Bezrayer\Desktop\com.rawfury.kathy
2016-11-27 00:11 - 2016-11-27 00:11 - 00009728 _____ C:\Users\Bezrayer\Desktop\vyhledávání.xls
2016-11-26 19:38 - 2016-11-26 19:38 - 00001255 _____ C:\Users\Bezrayer\Desktop\AIDA64 Engineer.lnk
2016-11-26 19:38 - 2016-11-26 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2016-11-26 19:38 - 2016-11-26 19:38 - 00000000 ____D C:\Program Files (x86)\FinalWire
2016-11-26 18:35 - 2010-12-10 16:34 - 01461066 _____ C:\Users\Bezrayer\Desktop\AMD_Radeon_HD_6950_6970_ENU.pdf
2016-11-25 23:56 - 2016-12-01 10:14 - 00000044 _____ C:\Users\Bezrayer\Documents\saaassseeee dh.txt
2016-11-24 21:21 - 2016-11-24 21:21 - 00001848 _____ C:\Users\Bezrayer\Desktop\powerpnt – zástupce.lnk
2016-11-24 21:21 - 2016-11-24 21:21 - 00001837 _____ C:\Users\Bezrayer\Desktop\winword – zástupce.lnk
2016-11-24 21:04 - 2016-11-24 21:04 - 00004581 _____ C:\Users\Bezrayer\Desktop\excel – zástupce.lnk
2016-11-24 20:59 - 2016-11-24 20:59 - 00012792 _____ C:\Users\Bezrayer\Desktop\test_dalakari8_1_2016.xlsx
2016-11-24 00:12 - 2016-11-24 00:12 - 01770315 _____ C:\Users\Bezrayer\Desktop\CNPS8000B_ENG_130401_0.pdf
2016-11-23 20:26 - 2016-11-23 20:26 - 00000000 ____D C:\Users\Bezrayer\AppData\LocalLow\Nitro
2016-11-23 20:17 - 2016-11-23 20:26 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Nitro
2016-11-23 20:16 - 2016-11-23 20:16 - 00002012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro.lnk
2016-11-23 20:16 - 2016-11-23 20:16 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Downloaded Installations
2016-11-23 20:16 - 2016-11-23 20:16 - 00000000 ____D C:\ProgramData\Nitro
2016-11-23 20:16 - 2016-11-23 20:16 - 00000000 ____D C:\Program Files\Nitro
2016-11-23 20:16 - 2016-11-23 20:16 - 00000000 ____D C:\Program Files\Common Files\Nitro
2016-11-23 20:16 - 2016-11-23 20:16 - 00000000 ____D C:\Program Files (x86)\Nitro
2016-11-23 20:16 - 2016-10-25 05:17 - 00031936 _____ (Nitro Software, Inc.) C:\WINDOWS\system32\nitrolocalmon11.dll
2016-11-23 20:16 - 2016-10-25 05:17 - 00020160 _____ (Nitro Software, Inc.) C:\WINDOWS\system32\nitrolocalui11.dll
2016-11-23 19:48 - 2016-11-24 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-11-23 19:34 - 2016-11-23 19:34 - 00000000 ____D C:\Users\Bezrayer\AppData\LocalLow\Adobe
2016-11-23 19:31 - 2016-11-23 20:06 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-11-23 19:30 - 2016-11-23 20:06 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-23 19:30 - 2016-11-23 19:30 - 00002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-11-23 19:18 - 2016-11-23 19:20 - 30300790 _____ C:\Users\Bezrayer\Desktop\anglictina-pro-samouky-a-vecne-zacatecniky-cd-mp3-e-kniha.pdf
2016-11-23 00:31 - 2016-11-23 00:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2016-11-23 00:30 - 2016-11-23 00:30 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\PlaysTV
2016-11-23 00:28 - 2016-11-23 00:28 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\library_dir
2016-11-23 00:26 - 2016-11-23 00:28 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Raptr
2016-11-23 00:04 - 2016-11-23 00:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-11-22 20:35 - 2016-11-22 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2016-11-22 20:35 - 2016-11-22 20:36 - 00000000 ____D C:\Program Files\TAP-Windows
2016-11-22 20:35 - 2016-11-22 20:36 - 00000000 ____D C:\Program Files\OpenVPN
2016-11-22 20:35 - 2016-11-22 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2016-11-22 18:56 - 2016-11-22 18:56 - 00001769 _____ C:\WINDOWS\Language_trs.ini
2016-11-22 18:56 - 2016-11-22 18:56 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-11-22 09:56 - 2016-11-22 09:56 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\GalaxyCommunicationService
2016-11-22 09:55 - 2016-11-22 09:55 - 00000000 ____D C:\Users\Bezrayer\AppData\LocalLow\CDProjektRED
2016-11-22 09:55 - 2016-11-22 09:55 - 00000000 ____D C:\ProgramData\CDProjekt RED
2016-11-22 08:27 - 2016-12-01 12:56 - 00000000 ____D C:\Program Files (x86)\GOG Galaxy
2016-11-22 08:27 - 2016-11-22 08:27 - 00000000 ____D C:\ProgramData\GOG.com
2016-11-20 20:57 - 2016-11-20 20:57 - 00001699 _____ C:\Users\Public\Desktop\Path of Diablo Launcher.lnk
2016-11-20 20:57 - 2016-11-20 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Path of Diablo Launcher
2016-11-20 20:52 - 2016-11-20 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
2016-11-20 14:56 - 2016-11-18 13:31 - 00000000 ____D C:\Users\Bezrayer\Desktop\Orwell.Episode.1-5
2016-11-19 00:09 - 2016-11-19 00:10 - 00000000 ____D C:\Users\Bezrayer\Downloads\Hra o trůny
2016-11-18 13:50 - 2016-11-18 13:50 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\2K Games
2016-11-18 09:38 - 2016-11-18 09:38 - 00000000 ____D C:\Users\Bezrayer\Documents\NeocoreGames
2016-11-17 22:40 - 2016-11-17 22:40 - 00086528 _____ C:\WINDOWS\bnetunin.exe
2016-11-17 22:40 - 2016-11-17 22:40 - 00061440 _____ C:\WINDOWS\diabunin.exe
2016-11-17 22:40 - 2016-11-17 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo
2016-11-17 16:55 - 2016-11-17 16:55 - 00000000 ____D C:\Users\Bezrayer\Documents\PassMark
2016-11-17 16:55 - 2016-11-17 16:55 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\PassMark
2016-11-17 16:55 - 2016-11-17 16:55 - 00000000 ____D C:\ProgramData\Passmark
2016-11-17 16:55 - 2016-11-17 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest
2016-11-17 16:54 - 2016-11-17 16:55 - 00000000 ____D C:\Program Files\PerformanceTest
2016-11-17 10:18 - 2016-11-17 10:18 - 00001155 _____ C:\Users\Bezrayer\Desktop\MSI Afterburner.lnk
2016-11-17 10:18 - 2016-11-17 10:18 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2016-11-17 10:18 - 2016-11-17 10:18 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2016-11-17 10:18 - 2016-11-17 10:18 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2016-11-17 10:17 - 2016-11-27 21:09 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2016-11-16 08:55 - 2016-11-16 08:55 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com
2016-11-15 20:36 - 2016-11-15 20:36 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\edu.media.mit.Scratch2Editor
2016-11-15 20:05 - 2016-11-15 20:05 - 00000962 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scratch 2.lnk
2016-11-15 17:40 - 2016-11-15 17:40 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2016-11-15 17:39 - 2016-11-23 00:14 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\MyComGames
2016-11-12 09:11 - 2016-11-12 09:11 - 00000000 ____D C:\Users\Bezrayer\Documents\Warm Lamp Games
2016-11-10 23:33 - 2016-11-10 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-11-10 22:36 - 2016-11-15 11:08 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\MEGAsync
2016-11-10 22:36 - 2016-11-10 22:36 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2016-11-10 22:36 - 2016-11-10 22:36 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\Mega Limited
2016-11-10 18:42 - 2016-11-10 18:42 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2016-11-10 18:42 - 2016-11-10 18:42 - 00000000 ____D C:\Program Files (x86)\GPU-Z
2016-11-09 17:31 - 2016-11-02 12:22 - 01570672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-11-09 17:31 - 2016-11-02 12:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-11-09 17:31 - 2016-11-02 12:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-09 17:31 - 2016-11-02 12:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-09 17:31 - 2016-11-02 12:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-11-09 17:31 - 2016-11-02 12:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-11-09 17:31 - 2016-11-02 12:05 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-11-09 17:31 - 2016-11-02 12:05 - 06657176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-09 17:31 - 2016-11-02 12:05 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-11-09 17:31 - 2016-11-02 12:05 - 00951904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-09 17:31 - 2016-11-02 12:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2016-11-09 17:31 - 2016-11-02 12:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-11-09 17:31 - 2016-11-02 12:01 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-09 17:31 - 2016-11-02 12:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-09 17:31 - 2016-11-02 11:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-11-09 17:31 - 2016-11-02 11:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-11-09 17:31 - 2016-11-02 11:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2016-11-09 17:31 - 2016-11-02 11:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-09 17:31 - 2016-11-02 11:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-11-09 17:31 - 2016-11-02 11:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-09 17:31 - 2016-11-02 11:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-11-09 17:31 - 2016-11-02 11:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-11-09 17:31 - 2016-11-02 11:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-11-09 17:31 - 2016-11-02 11:44 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-11-09 17:31 - 2016-11-02 11:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll
2016-11-09 17:31 - 2016-11-02 11:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2016-11-09 17:31 - 2016-11-02 11:43 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-11-09 17:31 - 2016-11-02 11:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-09 17:31 - 2016-11-02 11:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-11-09 17:31 - 2016-11-02 11:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-09 17:31 - 2016-11-02 11:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-11-09 17:31 - 2016-11-02 11:42 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-11-09 17:31 - 2016-11-02 11:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-11-09 17:31 - 2016-11-02 11:42 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-11-09 17:31 - 2016-11-02 11:42 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-11-09 17:31 - 2016-11-02 11:42 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-11-09 17:31 - 2016-11-02 11:41 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-11-09 17:31 - 2016-11-02 11:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2016-11-09 17:31 - 2016-11-02 11:40 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-11-09 17:31 - 2016-11-02 11:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-09 17:31 - 2016-11-02 11:39 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-11-09 17:31 - 2016-11-02 11:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-09 17:31 - 2016-11-02 11:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-11-09 17:31 - 2016-11-02 11:37 - 19415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-11-09 17:31 - 2016-11-02 11:36 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-09 17:31 - 2016-11-02 11:36 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-11-09 17:31 - 2016-11-02 11:35 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-11-09 17:31 - 2016-11-02 11:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-11-09 17:31 - 2016-11-02 11:33 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-11-09 17:31 - 2016-11-02 11:31 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-11-09 17:31 - 2016-11-02 11:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-09 17:31 - 2016-11-02 11:30 - 12175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-09 17:31 - 2016-11-02 11:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-11-09 17:31 - 2016-11-02 11:29 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-09 17:31 - 2016-11-02 11:29 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-09 17:31 - 2016-11-02 11:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2016-11-09 17:31 - 2016-11-02 11:28 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-11-09 17:31 - 2016-11-02 11:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-09 17:31 - 2016-11-02 11:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-09 17:31 - 2016-11-02 11:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-11-09 17:31 - 2016-11-02 11:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-11-09 17:31 - 2016-11-02 11:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-11-09 17:31 - 2016-11-02 11:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-11-09 17:31 - 2016-11-02 11:26 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-11-09 17:31 - 2016-11-02 11:26 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-09 17:31 - 2016-11-02 11:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-09 17:31 - 2016-11-02 11:26 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-11-09 17:31 - 2016-11-02 11:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-11-09 17:31 - 2016-11-02 11:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-11-09 17:31 - 2016-11-02 11:26 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-11-09 17:31 - 2016-11-02 11:25 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-11-09 17:31 - 2016-11-02 11:25 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-09 17:31 - 2016-11-02 11:25 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-11-09 17:31 - 2016-11-02 11:25 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-11-09 17:31 - 2016-11-02 11:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-11-09 17:31 - 2016-11-02 11:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-09 17:31 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-11-09 17:30 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-11-09 17:30 - 2016-11-02 13:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-09 17:30 - 2016-11-02 12:10 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-11-09 17:30 - 2016-11-02 12:08 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-11-09 17:30 - 2016-11-02 12:08 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-11-09 17:30 - 2016-11-02 12:05 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-09 17:30 - 2016-11-02 12:04 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-11-09 17:30 - 2016-11-02 12:01 - 01415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-11-09 17:30 - 2016-11-02 12:01 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-11-09 17:30 - 2016-11-02 11:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-09 17:30 - 2016-11-02 11:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-11-09 17:30 - 2016-11-02 11:47 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-11-09 17:30 - 2016-11-02 11:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-11-09 17:30 - 2016-11-02 11:45 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-11-09 17:30 - 2016-11-02 11:44 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-09 17:30 - 2016-11-02 11:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 17:30 - 2016-11-02 11:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-11-09 17:30 - 2016-11-02 11:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
2016-11-09 17:30 - 2016-11-02 11:31 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-11-09 17:30 - 2016-11-02 11:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2016-11-09 17:30 - 2016-11-02 11:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-11-09 17:30 - 2016-11-02 11:28 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-11-09 17:30 - 2016-11-02 11:28 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-11-09 17:30 - 2016-11-02 11:26 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-11-09 17:30 - 2016-11-02 11:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-11-09 17:30 - 2016-11-02 10:11 - 00788624 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-11-09 17:30 - 2016-11-02 10:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls
Ran by Bezrayer (administrator) on SELDA (07-12-2016 09:22:10)
Running from C:\Users\Bezrayer\Downloads
Loaded Profiles: Bezrayer (Available Profiles: Bezrayer & Administrator)
Platform: Windows 10 Pro Version 1607 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Hagel Technologies Ltd.) C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(SeriousBit) C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
() C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
(Hi-Rez Studios) F:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Nitro Software, Inc.) C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Locktime Software) D:\Games\Netlimit\NLSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Telegram Messenger LLP) C:\Users\Bezrayer\AppData\Roaming\Telegram Desktop\Telegram.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1159192 2016-05-14] (Highresolution Enterprises)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4926664 2016-02-26] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-07-24] (Sony)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [DU Meter] => C:\Program Files (x86)\DU Meter\DUMeter.exe [9797488 2016-07-06] (Hagel Technologies Ltd.)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [Spotify Web Helper] => C:\Users\Bezrayer\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-12-01] (Spotify Ltd)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [Spotify] => C:\Users\Bezrayer\AppData\Roaming\Spotify\Spotify.exe [6987376 2016-12-01] (Spotify Ltd)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [NetBalancer] => C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe [1915256 2016-06-23] (SeriousBit)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-06-22] (Disc Soft Ltd)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [gmSWG] => C:\Program Files\RAVEN Gaming Mouse\gmSWG.exe [892416 2008-11-12] ()
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [gmPoint] => C:\Program Files\RAVEN Gaming Mouse\gmPoint.exe [55808 2008-04-16] ()
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [NetLimiter] => D:\Games\Netlimit\nlclientapp.exe [56368 2016-09-05] (Locktime Software)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [MyComGames] => C:\Users\Bezrayer\AppData\Local\MyComGames\MyComGames.exe [4974992 2016-11-15] (MY.COM B.V.)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [3970112 2016-12-01] (GOG.com)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\RunOnce: [Uninstall C:\Users\Bezrayer\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Bezrayer\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37376 2016-07-16] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Bezrayer\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-15] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Bezrayer\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-15] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Bezrayer\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-15] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Bezrayer\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-15] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Bezrayer\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-15] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Bezrayer\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-15] ()
Startup: C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-09-23] ()
Startup: C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-11-10]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Bezrayer\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk [2016-10-30]
ShortcutTarget: Telegram.lnk -> C:\Users\Bezrayer\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram Messenger LLP)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0e26a90a-bf36-4945-be7f-e4fedf27d807}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{23b4749e-67cd-4317-a5c5-f580c6f40dfa}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{2b9c873e-45a2-4d3b-a30c-34cfb0aac029}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4cc48c93-40a5-487d-8eb1-961602931a03}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3025460961-235328027-311272571-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-10-11] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-09-27] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2016-07-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-18] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2016-09-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-18] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: hgsmjkuf.default
FF ProfilePath: C:\Users\Bezrayer\AppData\Roaming\Mozilla\Firefox\Profiles\hgsmjkuf.default [2016-12-06]
FF NewTab: Mozilla\Firefox\Profiles\hgsmjkuf.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\hgsmjkuf.default -> about:home
FF Extension: (Twitch Now) - C:\Users\Bezrayer\AppData\Roaming\Mozilla\Firefox\Profiles\hgsmjkuf.default\Extensions\jid1-jwVSihNsgAw5jA@jetpack.xpi [2016-12-06]
FF Extension: (uBlock Origin) - C:\Users\Bezrayer\AppData\Roaming\Mozilla\Firefox\Profiles\hgsmjkuf.default\Extensions\uBlock0@raymondhill.net.xpi [2016-12-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-10-04] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-11] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2015-10-04] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3025460961-235328027-311272571-1001: @my.com/Games -> C:\Users\Bezrayer\AppData\Local\MyComGames\NPMyComDetector.dll [2016-11-15] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-3025460961-235328027-311272571-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-02-19] ()
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Bezrayer\AppData\Local\Google\Chrome\User Data\Default [2016-12-07]
CHR Extension: (Prezentace Google) - C:\Users\Bezrayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-07]
CHR Extension: (Dokumenty Google) - C:\Users\Bezrayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-07]
CHR Extension: (Disk Google) - C:\Users\Bezrayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-07]
CHR Extension: (YouTube) - C:\Users\Bezrayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-07]
CHR Extension: (Tabulky Google) - C:\Users\Bezrayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Bezrayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Bezrayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-07]
CHR Extension: (Gmail) - C:\Users\Bezrayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-07]
CHR Extension: (Chrome Media Router) - C:\Users\Bezrayer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-07]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-09-19] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3040496 2016-10-04] (Microsoft Corporation)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-11-07] (Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd)
R2 DUMeterSvc; C:\Program Files (x86)\DU Meter\DUMeterSvc.exe [5833584 2016-07-06] (Hagel Technologies Ltd.) [File not signed]
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [284224 2016-12-01] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-11-17] (GOG.com)
U2 HiPatchService; F:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-10-10] (Hi-Rez Studios) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NetBalancerService; C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [179064 2016-06-23] (SeriousBit)
R2 NitroDriverReadSpool11; C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe [327360 2016-10-25] (Nitro Software, Inc.)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe [413888 2016-10-25] ()
R2 nlsvc; D:\Games\Netlimit\NLSvc.exe [323632 2016-09-05] (Locktime Software)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3806032 2015-10-13] (INCA Internet Co., Ltd.)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37504 2016-11-03] (The OpenVPN Project)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2142728 2016-10-26] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2209296 2016-10-26] (Electronic Arts)
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [133376 2016-09-28] (Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [23240 2016-02-26] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [60104 2014-09-19] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102400 2016-02-26] (Advanced Micro Devices)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-07-17] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-07-17] (Disc Soft Ltd)
R3 DUMeterDrv; C:\Program Files (x86)\DU Meter\DUMETR64.SYS [22976 2016-07-06] (Hagel Technologies Ltd.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-12-07] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 MOSUMAC; C:\WINDOWS\System32\drivers\MOSUMAC.sys [57208 2014-04-02] (ASIX Electronics Corp.)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R1 nbdrv; C:\WINDOWS\system32\DRIVERS\nbdrv.sys [41392 2013-11-25] (SeriousBit)
S3 NdisImPlatformMp; C:\WINDOWS\System32\drivers\NdisImPlatform.sys [126464 2016-07-16] (Microsoft Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 nldrv; D:\Games\Netlimit\nldrv.sys [140256 2016-09-05] (Locktime Software)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-10-10] (Realtek )
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
R3 RtlWlanu_OldIC; C:\WINDOWS\System32\drivers\rtwlanu_oldIC.sys [3814400 2016-07-16] (Realtek Semiconductor Corporation )
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 Andbus; \SystemRoot\System32\drivers\lgandbus64.sys [X]
S3 AndDiag; \SystemRoot\system32\DRIVERS\lganddiag64.sys [X]
S3 AndGps; \SystemRoot\system32\DRIVERS\lgandgps64.sys [X]
S3 ANDModem; \SystemRoot\system32\DRIVERS\lgandmodem64.sys [X]
S3 androidusb; \SystemRoot\System32\Drivers\lgandadb.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-07 09:22 - 2016-12-07 09:23 - 00020682 _____ C:\Users\Bezrayer\Downloads\FRST.txt
2016-12-07 09:22 - 2016-12-07 09:22 - 00000000 ____D C:\FRST
2016-12-07 09:17 - 2016-12-07 09:17 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\CrashDumps
2016-12-07 09:11 - 2016-12-06 22:42 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-12-06 23:56 - 2016-12-06 23:56 - 02419712 _____ (Farbar) C:\Users\Bezrayer\Downloads\FRST64.exe
2016-12-06 22:42 - 2016-12-07 09:09 - 00000000 ____D C:\zoek_backup
2016-12-06 22:41 - 2016-12-06 22:41 - 00010786 _____ C:\Users\Bezrayer\Desktop\ROGUE.txt
2016-12-06 22:40 - 2016-12-06 22:40 - 01309184 _____ C:\Users\Bezrayer\Desktop\zoek.exe
2016-12-06 18:29 - 2016-12-06 18:29 - 00001291 _____ C:\Users\Bezrayer\Desktop\Google Chrome.lnk
2016-12-06 18:13 - 2016-12-06 22:42 - 00000000 ____D C:\ProgramData\RogueKiller
2016-12-06 18:13 - 2016-12-06 18:13 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-12-06 17:51 - 2016-12-06 17:51 - 00001390 _____ C:\Users\Bezrayer\Desktop\JRT.txt
2016-12-06 17:36 - 2016-12-06 17:39 - 25550920 _____ C:\Users\Bezrayer\Desktop\RogueKillerX64.exe
2016-12-06 17:36 - 2016-12-06 17:37 - 01631928 _____ (Malwarebytes) C:\Users\Bezrayer\Desktop\JRT.exe
2016-12-06 10:11 - 2016-12-07 09:17 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-12-06 10:11 - 2016-12-06 10:11 - 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-12-06 10:11 - 2016-12-06 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-12-06 10:11 - 2016-12-06 10:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-06 10:11 - 2016-12-06 10:11 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-12-06 10:11 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-12-06 10:11 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-12-06 10:11 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-12-06 10:06 - 2016-12-06 17:42 - 00000000 ____D C:\AdwCleaner
2016-12-06 09:56 - 2016-12-06 09:58 - 22851472 _____ (Malwarebytes ) C:\Users\Bezrayer\Desktop\mbam-setup-2.2.1.1043.exe
2016-12-06 09:56 - 2016-12-06 09:56 - 03968464 _____ C:\Users\Bezrayer\Desktop\AdwCleaner.exe
2016-12-06 09:55 - 2016-12-06 09:55 - 00448512 _____ (OldTimer Tools) C:\Users\Bezrayer\Desktop\TFC.exe
2016-12-05 23:56 - 2016-12-05 23:56 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\Macromedia
2016-12-05 23:55 - 2016-12-06 22:13 - 00000000 ____D C:\Users\Bezrayer\AppData\LocalLow\Mozilla
2016-12-05 23:55 - 2016-12-06 00:01 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\Mozilla
2016-12-05 23:55 - 2016-12-05 23:55 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Mozilla
2016-12-05 23:54 - 2016-12-05 23:54 - 00001216 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-12-05 23:54 - 2016-12-05 23:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-05 23:54 - 2016-12-05 23:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-05 23:49 - 2016-12-05 23:49 - 00243624 _____ C:\Users\Bezrayer\Desktop\Firefox Setup Stub 50.0.2.exe
2016-12-05 23:31 - 2016-12-05 23:31 - 00388608 _____ (Trend Micro Inc.) C:\Users\Bezrayer\Desktop\HijackThis.exe
2016-12-02 14:38 - 2016-12-02 14:38 - 01030500 _____ C:\Users\Bezrayer\Desktop\adq1N2Q_460sv.mp4
2016-12-01 23:33 - 2016-12-01 23:33 - 00012232 _____ C:\Users\Bezrayer\Desktop\6F231138F33593075FDE464F61476AC046276DB6.torrent
2016-11-30 22:18 - 2016-11-30 22:18 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\TMPlayer
2016-11-30 22:18 - 2016-11-30 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TMPlayer
2016-11-30 22:18 - 2016-11-30 22:18 - 00000000 ____D C:\Program Files (x86)\TMPlayer
2016-11-30 21:42 - 2016-11-30 21:42 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\orion
2016-11-30 21:42 - 2016-11-30 21:42 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\orion
2016-11-30 21:41 - 2016-11-30 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orion
2016-11-30 21:41 - 2016-11-30 21:41 - 00000000 ____D C:\Program Files (x86)\Orion
2016-11-30 21:30 - 2016-12-01 16:47 - 00000000 ____D C:\Users\Bezrayer\Desktop\PoESkillTree
2016-11-27 22:14 - 2016-11-27 22:14 - 00000773 _____ C:\Users\Public\Desktop\Banished.lnk
2016-11-27 22:14 - 2016-11-27 22:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Banished [GOG.com]
2016-11-27 22:13 - 2016-11-27 22:13 - 00000000 ____D C:\Users\Bezrayer\Documents\Banished
2016-11-27 22:13 - 2016-05-23 10:17 - 00000000 ____D C:\Users\Bezrayer\Desktop\IGG-Banished.v1.0.6.GOG
2016-11-27 00:40 - 2016-11-24 22:58 - 17307379 _____ C:\Users\Bezrayer\Desktop\KATHY-RAIN-APK.apk
2016-11-27 00:40 - 2016-11-23 13:15 - 00000000 ____D C:\Users\Bezrayer\Desktop\com.rawfury.kathy
2016-11-27 00:11 - 2016-11-27 00:11 - 00009728 _____ C:\Users\Bezrayer\Desktop\vyhledávání.xls
2016-11-26 19:38 - 2016-11-26 19:38 - 00001255 _____ C:\Users\Bezrayer\Desktop\AIDA64 Engineer.lnk
2016-11-26 19:38 - 2016-11-26 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2016-11-26 19:38 - 2016-11-26 19:38 - 00000000 ____D C:\Program Files (x86)\FinalWire
2016-11-26 18:35 - 2010-12-10 16:34 - 01461066 _____ C:\Users\Bezrayer\Desktop\AMD_Radeon_HD_6950_6970_ENU.pdf
2016-11-25 23:56 - 2016-12-01 10:14 - 00000044 _____ C:\Users\Bezrayer\Documents\saaassseeee dh.txt
2016-11-24 21:21 - 2016-11-24 21:21 - 00001848 _____ C:\Users\Bezrayer\Desktop\powerpnt – zástupce.lnk
2016-11-24 21:21 - 2016-11-24 21:21 - 00001837 _____ C:\Users\Bezrayer\Desktop\winword – zástupce.lnk
2016-11-24 21:04 - 2016-11-24 21:04 - 00004581 _____ C:\Users\Bezrayer\Desktop\excel – zástupce.lnk
2016-11-24 20:59 - 2016-11-24 20:59 - 00012792 _____ C:\Users\Bezrayer\Desktop\test_dalakari8_1_2016.xlsx
2016-11-24 00:12 - 2016-11-24 00:12 - 01770315 _____ C:\Users\Bezrayer\Desktop\CNPS8000B_ENG_130401_0.pdf
2016-11-23 20:26 - 2016-11-23 20:26 - 00000000 ____D C:\Users\Bezrayer\AppData\LocalLow\Nitro
2016-11-23 20:17 - 2016-11-23 20:26 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Nitro
2016-11-23 20:16 - 2016-11-23 20:16 - 00002012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro.lnk
2016-11-23 20:16 - 2016-11-23 20:16 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Downloaded Installations
2016-11-23 20:16 - 2016-11-23 20:16 - 00000000 ____D C:\ProgramData\Nitro
2016-11-23 20:16 - 2016-11-23 20:16 - 00000000 ____D C:\Program Files\Nitro
2016-11-23 20:16 - 2016-11-23 20:16 - 00000000 ____D C:\Program Files\Common Files\Nitro
2016-11-23 20:16 - 2016-11-23 20:16 - 00000000 ____D C:\Program Files (x86)\Nitro
2016-11-23 20:16 - 2016-10-25 05:17 - 00031936 _____ (Nitro Software, Inc.) C:\WINDOWS\system32\nitrolocalmon11.dll
2016-11-23 20:16 - 2016-10-25 05:17 - 00020160 _____ (Nitro Software, Inc.) C:\WINDOWS\system32\nitrolocalui11.dll
2016-11-23 19:48 - 2016-11-24 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-11-23 19:34 - 2016-11-23 19:34 - 00000000 ____D C:\Users\Bezrayer\AppData\LocalLow\Adobe
2016-11-23 19:31 - 2016-11-23 20:06 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-11-23 19:30 - 2016-11-23 20:06 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-23 19:30 - 2016-11-23 19:30 - 00002124 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-11-23 19:18 - 2016-11-23 19:20 - 30300790 _____ C:\Users\Bezrayer\Desktop\anglictina-pro-samouky-a-vecne-zacatecniky-cd-mp3-e-kniha.pdf
2016-11-23 00:31 - 2016-11-23 00:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2016-11-23 00:30 - 2016-11-23 00:30 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\PlaysTV
2016-11-23 00:28 - 2016-11-23 00:28 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\library_dir
2016-11-23 00:26 - 2016-11-23 00:28 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Raptr
2016-11-23 00:04 - 2016-11-23 00:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-11-22 20:35 - 2016-11-22 20:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2016-11-22 20:35 - 2016-11-22 20:36 - 00000000 ____D C:\Program Files\TAP-Windows
2016-11-22 20:35 - 2016-11-22 20:36 - 00000000 ____D C:\Program Files\OpenVPN
2016-11-22 20:35 - 2016-11-22 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2016-11-22 18:56 - 2016-11-22 18:56 - 00001769 _____ C:\WINDOWS\Language_trs.ini
2016-11-22 18:56 - 2016-11-22 18:56 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-11-22 09:56 - 2016-11-22 09:56 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\GalaxyCommunicationService
2016-11-22 09:55 - 2016-11-22 09:55 - 00000000 ____D C:\Users\Bezrayer\AppData\LocalLow\CDProjektRED
2016-11-22 09:55 - 2016-11-22 09:55 - 00000000 ____D C:\ProgramData\CDProjekt RED
2016-11-22 08:27 - 2016-12-01 12:56 - 00000000 ____D C:\Program Files (x86)\GOG Galaxy
2016-11-22 08:27 - 2016-11-22 08:27 - 00000000 ____D C:\ProgramData\GOG.com
2016-11-20 20:57 - 2016-11-20 20:57 - 00001699 _____ C:\Users\Public\Desktop\Path of Diablo Launcher.lnk
2016-11-20 20:57 - 2016-11-20 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Path of Diablo Launcher
2016-11-20 20:52 - 2016-11-20 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
2016-11-20 14:56 - 2016-11-18 13:31 - 00000000 ____D C:\Users\Bezrayer\Desktop\Orwell.Episode.1-5
2016-11-19 00:09 - 2016-11-19 00:10 - 00000000 ____D C:\Users\Bezrayer\Downloads\Hra o trůny
2016-11-18 13:50 - 2016-11-18 13:50 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\2K Games
2016-11-18 09:38 - 2016-11-18 09:38 - 00000000 ____D C:\Users\Bezrayer\Documents\NeocoreGames
2016-11-17 22:40 - 2016-11-17 22:40 - 00086528 _____ C:\WINDOWS\bnetunin.exe
2016-11-17 22:40 - 2016-11-17 22:40 - 00061440 _____ C:\WINDOWS\diabunin.exe
2016-11-17 22:40 - 2016-11-17 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo
2016-11-17 16:55 - 2016-11-17 16:55 - 00000000 ____D C:\Users\Bezrayer\Documents\PassMark
2016-11-17 16:55 - 2016-11-17 16:55 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\PassMark
2016-11-17 16:55 - 2016-11-17 16:55 - 00000000 ____D C:\ProgramData\Passmark
2016-11-17 16:55 - 2016-11-17 16:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest
2016-11-17 16:54 - 2016-11-17 16:55 - 00000000 ____D C:\Program Files\PerformanceTest
2016-11-17 10:18 - 2016-11-17 10:18 - 00001155 _____ C:\Users\Bezrayer\Desktop\MSI Afterburner.lnk
2016-11-17 10:18 - 2016-11-17 10:18 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2016-11-17 10:18 - 2016-11-17 10:18 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2016-11-17 10:18 - 2016-11-17 10:18 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2016-11-17 10:17 - 2016-11-27 21:09 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2016-11-16 08:55 - 2016-11-16 08:55 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com
2016-11-15 20:36 - 2016-11-15 20:36 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\edu.media.mit.Scratch2Editor
2016-11-15 20:05 - 2016-11-15 20:05 - 00000962 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scratch 2.lnk
2016-11-15 17:40 - 2016-11-15 17:40 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2016-11-15 17:39 - 2016-11-23 00:14 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\MyComGames
2016-11-12 09:11 - 2016-11-12 09:11 - 00000000 ____D C:\Users\Bezrayer\Documents\Warm Lamp Games
2016-11-10 23:33 - 2016-11-10 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-11-10 22:36 - 2016-11-15 11:08 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\MEGAsync
2016-11-10 22:36 - 2016-11-10 22:36 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2016-11-10 22:36 - 2016-11-10 22:36 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\Mega Limited
2016-11-10 18:42 - 2016-11-10 18:42 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2016-11-10 18:42 - 2016-11-10 18:42 - 00000000 ____D C:\Program Files (x86)\GPU-Z
2016-11-09 17:31 - 2016-11-02 12:22 - 01570672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-11-09 17:31 - 2016-11-02 12:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-11-09 17:31 - 2016-11-02 12:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-09 17:31 - 2016-11-02 12:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-09 17:31 - 2016-11-02 12:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-11-09 17:31 - 2016-11-02 12:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-11-09 17:31 - 2016-11-02 12:05 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-11-09 17:31 - 2016-11-02 12:05 - 06657176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-09 17:31 - 2016-11-02 12:05 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-11-09 17:31 - 2016-11-02 12:05 - 00951904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-09 17:31 - 2016-11-02 12:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2016-11-09 17:31 - 2016-11-02 12:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-11-09 17:31 - 2016-11-02 12:01 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-09 17:31 - 2016-11-02 12:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-09 17:31 - 2016-11-02 11:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-11-09 17:31 - 2016-11-02 11:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-11-09 17:31 - 2016-11-02 11:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2016-11-09 17:31 - 2016-11-02 11:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-09 17:31 - 2016-11-02 11:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-11-09 17:31 - 2016-11-02 11:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-09 17:31 - 2016-11-02 11:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-11-09 17:31 - 2016-11-02 11:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-11-09 17:31 - 2016-11-02 11:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-11-09 17:31 - 2016-11-02 11:44 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-11-09 17:31 - 2016-11-02 11:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll
2016-11-09 17:31 - 2016-11-02 11:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2016-11-09 17:31 - 2016-11-02 11:43 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-11-09 17:31 - 2016-11-02 11:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-09 17:31 - 2016-11-02 11:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-11-09 17:31 - 2016-11-02 11:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-09 17:31 - 2016-11-02 11:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-11-09 17:31 - 2016-11-02 11:42 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-11-09 17:31 - 2016-11-02 11:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-11-09 17:31 - 2016-11-02 11:42 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-11-09 17:31 - 2016-11-02 11:42 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-11-09 17:31 - 2016-11-02 11:42 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-11-09 17:31 - 2016-11-02 11:41 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-11-09 17:31 - 2016-11-02 11:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2016-11-09 17:31 - 2016-11-02 11:40 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-11-09 17:31 - 2016-11-02 11:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-09 17:31 - 2016-11-02 11:39 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-11-09 17:31 - 2016-11-02 11:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-09 17:31 - 2016-11-02 11:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-11-09 17:31 - 2016-11-02 11:37 - 19415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-11-09 17:31 - 2016-11-02 11:36 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-09 17:31 - 2016-11-02 11:36 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-11-09 17:31 - 2016-11-02 11:35 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-11-09 17:31 - 2016-11-02 11:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-11-09 17:31 - 2016-11-02 11:33 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-11-09 17:31 - 2016-11-02 11:31 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-11-09 17:31 - 2016-11-02 11:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-09 17:31 - 2016-11-02 11:30 - 12175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-09 17:31 - 2016-11-02 11:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-11-09 17:31 - 2016-11-02 11:29 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-09 17:31 - 2016-11-02 11:29 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-09 17:31 - 2016-11-02 11:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2016-11-09 17:31 - 2016-11-02 11:28 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-11-09 17:31 - 2016-11-02 11:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-09 17:31 - 2016-11-02 11:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-09 17:31 - 2016-11-02 11:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-11-09 17:31 - 2016-11-02 11:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-11-09 17:31 - 2016-11-02 11:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-11-09 17:31 - 2016-11-02 11:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-11-09 17:31 - 2016-11-02 11:26 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-11-09 17:31 - 2016-11-02 11:26 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-09 17:31 - 2016-11-02 11:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-09 17:31 - 2016-11-02 11:26 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-11-09 17:31 - 2016-11-02 11:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-11-09 17:31 - 2016-11-02 11:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-11-09 17:31 - 2016-11-02 11:26 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-11-09 17:31 - 2016-11-02 11:25 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-11-09 17:31 - 2016-11-02 11:25 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-09 17:31 - 2016-11-02 11:25 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-11-09 17:31 - 2016-11-02 11:25 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-11-09 17:31 - 2016-11-02 11:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-11-09 17:31 - 2016-11-02 11:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-09 17:31 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-11-09 17:30 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-11-09 17:30 - 2016-11-02 13:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-09 17:30 - 2016-11-02 12:10 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-11-09 17:30 - 2016-11-02 12:08 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-11-09 17:30 - 2016-11-02 12:08 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-11-09 17:30 - 2016-11-02 12:05 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-09 17:30 - 2016-11-02 12:04 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-11-09 17:30 - 2016-11-02 12:01 - 01415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-11-09 17:30 - 2016-11-02 12:01 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-11-09 17:30 - 2016-11-02 11:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-09 17:30 - 2016-11-02 11:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-11-09 17:30 - 2016-11-02 11:47 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-11-09 17:30 - 2016-11-02 11:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-11-09 17:30 - 2016-11-02 11:45 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-11-09 17:30 - 2016-11-02 11:44 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-09 17:30 - 2016-11-02 11:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 17:30 - 2016-11-02 11:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-11-09 17:30 - 2016-11-02 11:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
2016-11-09 17:30 - 2016-11-02 11:31 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-11-09 17:30 - 2016-11-02 11:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2016-11-09 17:30 - 2016-11-02 11:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-11-09 17:30 - 2016-11-02 11:28 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-11-09 17:30 - 2016-11-02 11:28 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-11-09 17:30 - 2016-11-02 11:26 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-11-09 17:30 - 2016-11-02 11:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-11-09 17:30 - 2016-11-02 10:11 - 00788624 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-11-09 17:30 - 2016-11-02 10:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls
Asus M5A78L-M LX V2
AMD Athlon II X4 640
8GB DDR3 1333MHz
MSI Radeon HD5670 Cyclone 1G
Windows 10 Pro 64-bit
AMD Athlon II X4 640
8GB DDR3 1333MHz
MSI Radeon HD5670 Cyclone 1G
Windows 10 Pro 64-bit
Re: Preventivní kontrola
2016-11-09 17:25 - 2016-11-02 12:00 - 08156080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-09 17:25 - 2016-11-02 11:23 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-11-09 17:24 - 2016-11-02 12:14 - 07816544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-09 17:24 - 2016-11-02 12:13 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-11-09 17:24 - 2016-11-02 12:13 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-11-09 17:24 - 2016-11-02 12:13 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-11-09 17:24 - 2016-11-02 12:12 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-11-09 17:24 - 2016-11-02 12:05 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-09 17:24 - 2016-11-02 12:02 - 00848736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-09 17:24 - 2016-11-02 12:02 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-11-09 17:24 - 2016-11-02 12:01 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-09 17:24 - 2016-11-02 12:00 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-09 17:24 - 2016-11-02 12:00 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-09 17:24 - 2016-11-02 12:00 - 01061968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-09 17:24 - 2016-11-02 11:56 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-09 17:24 - 2016-11-02 11:56 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-09 17:24 - 2016-11-02 11:55 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2016-11-09 17:24 - 2016-11-02 11:37 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2016-11-09 17:24 - 2016-11-02 11:36 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2016-11-09 17:24 - 2016-11-02 11:34 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 17:24 - 2016-11-02 11:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-09 17:24 - 2016-11-02 11:33 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-09 17:24 - 2016-11-02 11:31 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2016-11-09 17:24 - 2016-11-02 11:30 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-11-09 17:24 - 2016-11-02 11:30 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-09 17:24 - 2016-11-02 11:30 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-09 17:24 - 2016-11-02 11:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-09 17:24 - 2016-11-02 11:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-09 17:24 - 2016-11-02 11:29 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-09 17:24 - 2016-11-02 11:29 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-11-09 17:24 - 2016-11-02 11:29 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-09 17:24 - 2016-11-02 11:29 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-11-09 17:24 - 2016-11-02 11:28 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-11-09 17:24 - 2016-11-02 11:28 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-09 17:24 - 2016-11-02 11:28 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-09 17:24 - 2016-11-02 11:28 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-09 17:24 - 2016-11-02 11:28 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-09 17:24 - 2016-11-02 11:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-09 17:24 - 2016-11-02 11:27 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-09 17:24 - 2016-11-02 11:27 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2016-11-09 17:24 - 2016-11-02 11:27 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-09 17:24 - 2016-11-02 11:26 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-11-09 17:24 - 2016-11-02 11:26 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-11-09 17:24 - 2016-11-02 11:26 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 17:24 - 2016-11-02 11:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-09 17:24 - 2016-11-02 11:25 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-11-09 17:24 - 2016-11-02 11:25 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-11-09 17:24 - 2016-11-02 11:25 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-09 17:24 - 2016-11-02 11:24 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-09 17:24 - 2016-11-02 11:22 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-09 17:24 - 2016-11-02 11:22 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-09 17:24 - 2016-11-02 11:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-09 17:24 - 2016-11-02 11:22 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-11-09 17:24 - 2016-11-02 11:19 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-11-09 17:24 - 2016-11-02 11:19 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-09 17:24 - 2016-11-02 11:19 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-09 17:24 - 2016-11-02 11:19 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-11-09 17:24 - 2016-11-02 11:19 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-09 17:24 - 2016-11-02 11:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-09 17:24 - 2016-11-02 11:18 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-11-09 17:24 - 2016-11-02 11:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-11-09 17:24 - 2016-11-02 11:17 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-09 17:24 - 2016-11-02 11:17 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-09 17:24 - 2016-11-02 11:17 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-09 17:24 - 2016-11-02 11:17 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-09 17:24 - 2016-11-02 11:17 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-11-09 17:24 - 2016-11-02 11:16 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-09 17:24 - 2016-11-02 11:16 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-11-09 17:24 - 2016-11-02 11:16 - 03133440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-11-09 17:24 - 2016-11-02 11:16 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-09 17:24 - 2016-11-02 11:16 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-09 17:24 - 2016-11-02 11:16 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-09 17:24 - 2016-11-02 11:16 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-09 17:24 - 2016-11-02 11:16 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-09 17:24 - 2016-11-02 11:16 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-09 17:24 - 2016-11-02 11:15 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-11-09 17:24 - 2016-11-02 11:15 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-11-09 17:24 - 2016-11-02 11:15 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-09 17:24 - 2016-11-02 11:15 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-11-09 17:24 - 2016-11-02 11:15 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-09 17:24 - 2016-11-02 11:14 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-09 17:24 - 2016-11-02 11:13 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 17:24 - 2016-11-02 11:13 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-09 17:24 - 2016-11-02 09:20 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-09 17:23 - 2016-11-02 12:20 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-11-09 17:23 - 2016-11-02 12:20 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-09 17:23 - 2016-11-02 12:15 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-09 17:23 - 2016-11-02 12:15 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-09 17:23 - 2016-11-02 12:13 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-09 17:23 - 2016-11-02 12:13 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-09 17:23 - 2016-11-02 12:12 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-09 17:23 - 2016-11-02 12:04 - 02678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-09 17:23 - 2016-11-02 12:03 - 02750936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-09 17:23 - 2016-11-02 12:02 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-11-09 17:23 - 2016-11-02 12:02 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-11-09 17:23 - 2016-11-02 12:00 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-09 17:23 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-11-09 17:23 - 2016-11-02 11:59 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-11-09 17:23 - 2016-11-02 11:56 - 01609920 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-11-09 17:23 - 2016-11-02 11:56 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-11-09 17:23 - 2016-11-02 11:56 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-09 17:23 - 2016-11-02 11:38 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-09 17:23 - 2016-11-02 11:32 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-09 17:23 - 2016-11-02 11:32 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-11-09 17:23 - 2016-11-02 11:31 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2016-11-09 17:23 - 2016-11-02 11:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-09 17:23 - 2016-11-02 11:31 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-11-09 17:23 - 2016-11-02 11:31 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-09 17:23 - 2016-11-02 11:31 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-11-09 17:23 - 2016-11-02 11:31 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-09 17:23 - 2016-11-02 11:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-11-09 17:23 - 2016-11-02 11:30 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-11-09 17:23 - 2016-11-02 11:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-09 17:23 - 2016-11-02 11:29 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-09 17:23 - 2016-11-02 11:29 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-09 17:23 - 2016-11-02 11:28 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-11-09 17:23 - 2016-11-02 11:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-09 17:23 - 2016-11-02 11:28 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-11-09 17:23 - 2016-11-02 11:28 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2016-11-09 17:23 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-09 17:23 - 2016-11-02 11:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 17:23 - 2016-11-02 11:28 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-11-09 17:23 - 2016-11-02 11:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-11-09 17:23 - 2016-11-02 11:28 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-09 17:23 - 2016-11-02 11:27 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-09 17:23 - 2016-11-02 11:27 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-11-09 17:23 - 2016-11-02 11:27 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-11-09 17:23 - 2016-11-02 11:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2016-11-09 17:23 - 2016-11-02 11:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-09 17:23 - 2016-11-02 11:24 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-11-09 17:23 - 2016-11-02 11:23 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-09 17:23 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-09 17:23 - 2016-11-02 11:21 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-11-09 17:23 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-11-09 17:23 - 2016-11-02 11:20 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-09 17:23 - 2016-11-02 11:19 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-09 17:23 - 2016-11-02 11:19 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-11-09 17:23 - 2016-11-02 11:18 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-09 17:23 - 2016-11-02 11:18 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-11-09 17:23 - 2016-11-02 11:18 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-09 17:23 - 2016-11-02 11:17 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-09 17:23 - 2016-11-02 11:16 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-09 17:23 - 2016-11-02 11:16 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-09 17:23 - 2016-11-02 11:16 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 17:23 - 2016-11-02 11:16 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-09 17:23 - 2016-11-02 11:16 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-09 17:23 - 2016-11-02 11:16 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-11-09 17:23 - 2016-11-02 11:16 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2016-11-09 17:23 - 2016-11-02 11:15 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-09 17:23 - 2016-11-02 11:15 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-11-09 17:23 - 2016-11-02 11:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-09 17:22 - 2016-11-02 12:03 - 00714592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-09 17:22 - 2016-11-02 11:23 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-09 17:22 - 2016-11-02 11:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-11-09 15:02 - 2016-11-09 15:02 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\League client alpha
2016-11-09 14:43 - 2016-11-09 14:47 - 115212152 _____ (Riot Games, Inc) C:\Users\Bezrayer\Desktop\League client alpha installer EUNE.exe
2016-11-09 09:25 - 2016-11-09 09:30 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Transport Fever
2016-11-09 08:52 - 2016-11-09 08:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transport Fever [GOG.com]
2016-11-08 23:39 - 2016-11-08 23:39 - 00000000 ____D C:\Users\Bezrayer\Documents\MumboJumbo
2016-11-08 23:39 - 2016-11-08 23:39 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\MumboJumbo
2016-11-07 23:49 - 2016-11-07 23:49 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-11-07 23:49 - 2016-11-07 23:49 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-11-07 23:49 - 2016-11-07 23:49 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-11-07 23:49 - 2016-11-07 23:49 - 00042096 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-11-07 00:00 - 2016-11-07 00:01 - 00000000 ____D C:\Users\Bezrayer\Downloads\Rupture.2016.HDRip.XViD-ETRG
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-07 09:17 - 2015-06-06 06:37 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Telegram Desktop
2016-12-07 09:15 - 2016-09-02 02:13 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-07 09:15 - 2015-08-06 02:32 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-12-07 09:14 - 2016-09-02 01:55 - 00000000 ____D C:\Users\Bezrayer
2016-12-07 09:14 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-12-06 23:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-12-06 23:03 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-12-06 22:35 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-06 22:35 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-06 21:55 - 2016-09-02 01:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-06 21:33 - 2015-06-06 07:00 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\vlc
2016-12-06 18:55 - 2015-06-06 06:37 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\uTorrent
2016-12-06 18:05 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-06 18:04 - 2016-01-18 17:05 - 00000000 ____D C:\Program Files (x86)\DU Meter
2016-12-06 18:04 - 2015-07-14 18:34 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\FlvtoConverter
2016-12-05 23:32 - 2015-06-06 05:37 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\VirtualStore
2016-12-01 21:47 - 2015-06-14 17:06 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-12-01 21:46 - 2015-06-14 17:06 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\Battle.net
2016-12-01 13:26 - 2015-06-17 13:08 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\Spotify
2016-12-01 13:26 - 2015-06-17 13:05 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Spotify
2016-11-30 20:21 - 2015-06-06 06:17 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2016-11-30 14:42 - 2016-09-02 01:46 - 00423960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-27 23:50 - 2016-09-07 15:10 - 00238079 ____H C:\Users\Bezrayer\AppData\Local\IconCache.db.backup
2016-11-27 00:11 - 2015-06-06 05:36 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\Packages
2016-11-26 19:38 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-24 22:05 - 2015-11-27 18:04 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\SpinTires
2016-11-24 20:58 - 2016-09-07 15:16 - 00000000 ____D C:\Users\Bezrayer\Desktop\HRY
2016-11-23 20:25 - 2015-01-27 21:12 - 00000000 ____D C:\Users\Bezrayer\Desktop\Prac
2016-11-23 19:54 - 2015-01-26 11:59 - 00000000 ____D C:\Users\Bezrayer\Desktop\tox
2016-11-23 19:39 - 2015-10-04 16:49 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-11-23 19:35 - 2015-07-10 12:53 - 00000000 ____D C:\ProgramData\Adobe
2016-11-23 19:34 - 2015-07-10 12:53 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\Adobe
2016-11-23 19:34 - 2015-06-06 13:53 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\ElevatedDiagnostics
2016-11-23 19:34 - 2015-06-06 05:37 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Adobe
2016-11-23 19:29 - 2015-07-10 12:53 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-11-23 00:01 - 2015-01-20 16:42 - 00000000 ____D C:\AMD
2016-11-22 19:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-11-22 18:57 - 2015-06-06 12:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-22 09:55 - 2016-10-29 11:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-11-20 20:53 - 2016-07-17 08:35 - 00031121 _____ C:\WINDOWS\DIIUnin.dat
2016-11-20 15:10 - 2016-04-05 15:19 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\SmartSteamEmu
2016-11-20 15:10 - 2015-01-20 21:00 - 00000000 ____D C:\Users\Bezrayer\Documents\My Games
2016-11-19 21:45 - 2016-03-24 08:05 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\AIMP
2016-11-18 06:45 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-11-17 10:19 - 2016-09-16 07:36 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-11-15 10:59 - 2015-07-14 18:22 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-11-14 22:09 - 2015-06-06 06:15 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-11 10:17 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-11-11 08:13 - 2016-07-21 06:38 - 00000000 ____D C:\Users\Bezrayer\AppData\LocalLow\Obsidian Entertainment
2016-11-11 01:00 - 2016-09-02 02:13 - 00003900 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-11-11 01:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-11-11 01:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-11-10 23:33 - 2015-09-27 09:46 - 00000000 ____D C:\Program Files\VS Revo Group
2016-11-09 20:29 - 2015-05-13 21:57 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-11-09 20:24 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-09 20:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-11-09 20:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-09 20:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-09 20:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-11-09 20:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-11-09 17:50 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-09 17:45 - 2015-06-06 14:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-09 17:39 - 2015-06-06 14:31 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-08 13:34 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-11-08 13:34 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-11-08 13:33 - 2016-07-16 12:47 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
==================== Files in the root of some directories =======
2016-08-18 16:40 - 2016-08-18 16:41 - 0000098 _____ () C:\Users\Bezrayer\AppData\Roaming\nuvotonISP.lua
2016-03-09 14:39 - 2016-03-14 14:29 - 0007606 _____ () C:\Users\Bezrayer\AppData\Local\resmon.resmoncfg
2016-09-02 01:50 - 2016-09-02 01:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-12-06 21:56
==================== End of FRST.txt ============================
2016-11-09 17:25 - 2016-11-02 11:23 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-11-09 17:24 - 2016-11-02 12:14 - 07816544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-09 17:24 - 2016-11-02 12:13 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-11-09 17:24 - 2016-11-02 12:13 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-11-09 17:24 - 2016-11-02 12:13 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-11-09 17:24 - 2016-11-02 12:12 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-11-09 17:24 - 2016-11-02 12:05 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-09 17:24 - 2016-11-02 12:02 - 00848736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-09 17:24 - 2016-11-02 12:02 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-11-09 17:24 - 2016-11-02 12:01 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-09 17:24 - 2016-11-02 12:00 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-09 17:24 - 2016-11-02 12:00 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-09 17:24 - 2016-11-02 12:00 - 01061968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-09 17:24 - 2016-11-02 11:56 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-09 17:24 - 2016-11-02 11:56 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-09 17:24 - 2016-11-02 11:55 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2016-11-09 17:24 - 2016-11-02 11:37 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2016-11-09 17:24 - 2016-11-02 11:36 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2016-11-09 17:24 - 2016-11-02 11:34 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 17:24 - 2016-11-02 11:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-09 17:24 - 2016-11-02 11:33 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-09 17:24 - 2016-11-02 11:31 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2016-11-09 17:24 - 2016-11-02 11:30 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-11-09 17:24 - 2016-11-02 11:30 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-09 17:24 - 2016-11-02 11:30 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-09 17:24 - 2016-11-02 11:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-09 17:24 - 2016-11-02 11:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-09 17:24 - 2016-11-02 11:29 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-09 17:24 - 2016-11-02 11:29 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-11-09 17:24 - 2016-11-02 11:29 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-09 17:24 - 2016-11-02 11:29 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-11-09 17:24 - 2016-11-02 11:28 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-11-09 17:24 - 2016-11-02 11:28 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-09 17:24 - 2016-11-02 11:28 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-09 17:24 - 2016-11-02 11:28 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-09 17:24 - 2016-11-02 11:28 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-09 17:24 - 2016-11-02 11:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-09 17:24 - 2016-11-02 11:27 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-09 17:24 - 2016-11-02 11:27 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2016-11-09 17:24 - 2016-11-02 11:27 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-09 17:24 - 2016-11-02 11:26 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-11-09 17:24 - 2016-11-02 11:26 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-11-09 17:24 - 2016-11-02 11:26 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 17:24 - 2016-11-02 11:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-09 17:24 - 2016-11-02 11:25 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-11-09 17:24 - 2016-11-02 11:25 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-11-09 17:24 - 2016-11-02 11:25 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-09 17:24 - 2016-11-02 11:24 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-09 17:24 - 2016-11-02 11:22 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-09 17:24 - 2016-11-02 11:22 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-09 17:24 - 2016-11-02 11:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-09 17:24 - 2016-11-02 11:22 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-11-09 17:24 - 2016-11-02 11:19 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-11-09 17:24 - 2016-11-02 11:19 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-09 17:24 - 2016-11-02 11:19 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-09 17:24 - 2016-11-02 11:19 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-11-09 17:24 - 2016-11-02 11:19 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-09 17:24 - 2016-11-02 11:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-09 17:24 - 2016-11-02 11:18 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-11-09 17:24 - 2016-11-02 11:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-11-09 17:24 - 2016-11-02 11:17 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-09 17:24 - 2016-11-02 11:17 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-09 17:24 - 2016-11-02 11:17 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-09 17:24 - 2016-11-02 11:17 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-09 17:24 - 2016-11-02 11:17 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-11-09 17:24 - 2016-11-02 11:16 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-09 17:24 - 2016-11-02 11:16 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-11-09 17:24 - 2016-11-02 11:16 - 03133440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-11-09 17:24 - 2016-11-02 11:16 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-09 17:24 - 2016-11-02 11:16 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-09 17:24 - 2016-11-02 11:16 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-09 17:24 - 2016-11-02 11:16 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-09 17:24 - 2016-11-02 11:16 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-09 17:24 - 2016-11-02 11:16 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-09 17:24 - 2016-11-02 11:15 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-11-09 17:24 - 2016-11-02 11:15 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-11-09 17:24 - 2016-11-02 11:15 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-09 17:24 - 2016-11-02 11:15 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-11-09 17:24 - 2016-11-02 11:15 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-09 17:24 - 2016-11-02 11:14 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-09 17:24 - 2016-11-02 11:13 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 17:24 - 2016-11-02 11:13 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-09 17:24 - 2016-11-02 09:20 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-09 17:23 - 2016-11-02 12:20 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-11-09 17:23 - 2016-11-02 12:20 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-09 17:23 - 2016-11-02 12:15 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-09 17:23 - 2016-11-02 12:15 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-09 17:23 - 2016-11-02 12:13 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-09 17:23 - 2016-11-02 12:13 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-09 17:23 - 2016-11-02 12:12 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-09 17:23 - 2016-11-02 12:04 - 02678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-09 17:23 - 2016-11-02 12:03 - 02750936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-09 17:23 - 2016-11-02 12:02 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-11-09 17:23 - 2016-11-02 12:02 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-11-09 17:23 - 2016-11-02 12:00 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-09 17:23 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-11-09 17:23 - 2016-11-02 11:59 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-11-09 17:23 - 2016-11-02 11:56 - 01609920 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-11-09 17:23 - 2016-11-02 11:56 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-11-09 17:23 - 2016-11-02 11:56 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-09 17:23 - 2016-11-02 11:38 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-09 17:23 - 2016-11-02 11:32 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-09 17:23 - 2016-11-02 11:32 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-11-09 17:23 - 2016-11-02 11:31 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2016-11-09 17:23 - 2016-11-02 11:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-09 17:23 - 2016-11-02 11:31 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-11-09 17:23 - 2016-11-02 11:31 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-09 17:23 - 2016-11-02 11:31 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-11-09 17:23 - 2016-11-02 11:31 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-09 17:23 - 2016-11-02 11:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-11-09 17:23 - 2016-11-02 11:30 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-11-09 17:23 - 2016-11-02 11:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-09 17:23 - 2016-11-02 11:29 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-09 17:23 - 2016-11-02 11:29 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-09 17:23 - 2016-11-02 11:28 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-11-09 17:23 - 2016-11-02 11:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-09 17:23 - 2016-11-02 11:28 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-11-09 17:23 - 2016-11-02 11:28 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2016-11-09 17:23 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-09 17:23 - 2016-11-02 11:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 17:23 - 2016-11-02 11:28 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-11-09 17:23 - 2016-11-02 11:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-11-09 17:23 - 2016-11-02 11:28 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-09 17:23 - 2016-11-02 11:27 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-09 17:23 - 2016-11-02 11:27 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-11-09 17:23 - 2016-11-02 11:27 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-11-09 17:23 - 2016-11-02 11:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2016-11-09 17:23 - 2016-11-02 11:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-09 17:23 - 2016-11-02 11:24 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-11-09 17:23 - 2016-11-02 11:23 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-09 17:23 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-09 17:23 - 2016-11-02 11:21 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-11-09 17:23 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-11-09 17:23 - 2016-11-02 11:20 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-09 17:23 - 2016-11-02 11:19 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-09 17:23 - 2016-11-02 11:19 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-11-09 17:23 - 2016-11-02 11:18 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-09 17:23 - 2016-11-02 11:18 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-11-09 17:23 - 2016-11-02 11:18 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-09 17:23 - 2016-11-02 11:17 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-09 17:23 - 2016-11-02 11:16 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-09 17:23 - 2016-11-02 11:16 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-09 17:23 - 2016-11-02 11:16 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 17:23 - 2016-11-02 11:16 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-09 17:23 - 2016-11-02 11:16 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-09 17:23 - 2016-11-02 11:16 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-11-09 17:23 - 2016-11-02 11:16 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2016-11-09 17:23 - 2016-11-02 11:15 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-09 17:23 - 2016-11-02 11:15 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-11-09 17:23 - 2016-11-02 11:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-09 17:22 - 2016-11-02 12:03 - 00714592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-09 17:22 - 2016-11-02 11:23 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-09 17:22 - 2016-11-02 11:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-11-09 15:02 - 2016-11-09 15:02 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\League client alpha
2016-11-09 14:43 - 2016-11-09 14:47 - 115212152 _____ (Riot Games, Inc) C:\Users\Bezrayer\Desktop\League client alpha installer EUNE.exe
2016-11-09 09:25 - 2016-11-09 09:30 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Transport Fever
2016-11-09 08:52 - 2016-11-09 08:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transport Fever [GOG.com]
2016-11-08 23:39 - 2016-11-08 23:39 - 00000000 ____D C:\Users\Bezrayer\Documents\MumboJumbo
2016-11-08 23:39 - 2016-11-08 23:39 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\MumboJumbo
2016-11-07 23:49 - 2016-11-07 23:49 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-11-07 23:49 - 2016-11-07 23:49 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-11-07 23:49 - 2016-11-07 23:49 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-11-07 23:49 - 2016-11-07 23:49 - 00042096 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-11-07 00:00 - 2016-11-07 00:01 - 00000000 ____D C:\Users\Bezrayer\Downloads\Rupture.2016.HDRip.XViD-ETRG
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-07 09:17 - 2015-06-06 06:37 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Telegram Desktop
2016-12-07 09:15 - 2016-09-02 02:13 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-07 09:15 - 2015-08-06 02:32 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-12-07 09:14 - 2016-09-02 01:55 - 00000000 ____D C:\Users\Bezrayer
2016-12-07 09:14 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-12-06 23:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-12-06 23:03 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-12-06 22:35 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-06 22:35 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-06 21:55 - 2016-09-02 01:46 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-06 21:33 - 2015-06-06 07:00 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\vlc
2016-12-06 18:55 - 2015-06-06 06:37 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\uTorrent
2016-12-06 18:05 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-06 18:04 - 2016-01-18 17:05 - 00000000 ____D C:\Program Files (x86)\DU Meter
2016-12-06 18:04 - 2015-07-14 18:34 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\FlvtoConverter
2016-12-05 23:32 - 2015-06-06 05:37 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\VirtualStore
2016-12-01 21:47 - 2015-06-14 17:06 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-12-01 21:46 - 2015-06-14 17:06 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\Battle.net
2016-12-01 13:26 - 2015-06-17 13:08 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\Spotify
2016-12-01 13:26 - 2015-06-17 13:05 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Spotify
2016-11-30 20:21 - 2015-06-06 06:17 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2016-11-30 14:42 - 2016-09-02 01:46 - 00423960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-27 23:50 - 2016-09-07 15:10 - 00238079 ____H C:\Users\Bezrayer\AppData\Local\IconCache.db.backup
2016-11-27 00:11 - 2015-06-06 05:36 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\Packages
2016-11-26 19:38 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-24 22:05 - 2015-11-27 18:04 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\SpinTires
2016-11-24 20:58 - 2016-09-07 15:16 - 00000000 ____D C:\Users\Bezrayer\Desktop\HRY
2016-11-23 20:25 - 2015-01-27 21:12 - 00000000 ____D C:\Users\Bezrayer\Desktop\Prac
2016-11-23 19:54 - 2015-01-26 11:59 - 00000000 ____D C:\Users\Bezrayer\Desktop\tox
2016-11-23 19:39 - 2015-10-04 16:49 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-11-23 19:35 - 2015-07-10 12:53 - 00000000 ____D C:\ProgramData\Adobe
2016-11-23 19:34 - 2015-07-10 12:53 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\Adobe
2016-11-23 19:34 - 2015-06-06 13:53 - 00000000 ____D C:\Users\Bezrayer\AppData\Local\ElevatedDiagnostics
2016-11-23 19:34 - 2015-06-06 05:37 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\Adobe
2016-11-23 19:29 - 2015-07-10 12:53 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-11-23 00:01 - 2015-01-20 16:42 - 00000000 ____D C:\AMD
2016-11-22 19:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-11-22 18:57 - 2015-06-06 12:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-22 09:55 - 2016-10-29 11:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-11-20 20:53 - 2016-07-17 08:35 - 00031121 _____ C:\WINDOWS\DIIUnin.dat
2016-11-20 15:10 - 2016-04-05 15:19 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\SmartSteamEmu
2016-11-20 15:10 - 2015-01-20 21:00 - 00000000 ____D C:\Users\Bezrayer\Documents\My Games
2016-11-19 21:45 - 2016-03-24 08:05 - 00000000 ____D C:\Users\Bezrayer\AppData\Roaming\AIMP
2016-11-18 06:45 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-11-17 10:19 - 2016-09-16 07:36 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-11-15 10:59 - 2015-07-14 18:22 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-11-14 22:09 - 2015-06-06 06:15 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-11 10:17 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-11-11 08:13 - 2016-07-21 06:38 - 00000000 ____D C:\Users\Bezrayer\AppData\LocalLow\Obsidian Entertainment
2016-11-11 01:00 - 2016-09-02 02:13 - 00003900 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-11-11 01:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-11-11 01:00 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-11-10 23:33 - 2015-09-27 09:46 - 00000000 ____D C:\Program Files\VS Revo Group
2016-11-09 20:29 - 2015-05-13 21:57 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-11-09 20:24 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-09 20:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-11-09 20:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-09 20:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-09 20:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-11-09 20:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-11-09 17:50 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-09 17:45 - 2015-06-06 14:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-09 17:39 - 2015-06-06 14:31 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-08 13:34 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-11-08 13:34 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-11-08 13:33 - 2016-07-16 12:47 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
==================== Files in the root of some directories =======
2016-08-18 16:40 - 2016-08-18 16:41 - 0000098 _____ () C:\Users\Bezrayer\AppData\Roaming\nuvotonISP.lua
2016-03-09 14:39 - 2016-03-14 14:29 - 0007606 _____ () C:\Users\Bezrayer\AppData\Local\resmon.resmoncfg
2016-09-02 01:50 - 2016-09-02 01:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-12-06 21:56
==================== End of FRST.txt ============================
Asus M5A78L-M LX V2
AMD Athlon II X4 640
8GB DDR3 1333MHz
MSI Radeon HD5670 Cyclone 1G
Windows 10 Pro 64-bit
AMD Athlon II X4 640
8GB DDR3 1333MHz
MSI Radeon HD5670 Cyclone 1G
Windows 10 Pro 64-bit
Re: Preventivní kontrola
Task: {E8297D1C-D468-4774-A0FD-787855F4C323} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\D-Fend v2\Visit MabusSoft homepage.lnk -> hxxp://members.home.nl/mabus
Shortcut: C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\D-Fend v2\Visit the D-Fend forum.lnk -> hxxp://www.mypixels.dk/forums/index.php?showforum=12
ShortcutWithArgument: C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\AirMirror.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=macmgoeeggnlnmpiojbcniblabkdjphe
ShortcutWithArgument: C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hangouts Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hudba Google Play (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
ShortcutWithArgument: C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-30 12:09 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-04 16:49 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-09-19 01:35 - 2014-09-19 01:35 - 00137584 _____ () C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
2016-10-25 05:17 - 2016-10-25 05:17 - 00413888 _____ () C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
2016-10-25 05:17 - 2016-10-25 05:17 - 02735808 _____ () C:\Program Files\Nitro\Pro 11\Nitro_KissMetrics.dll
2016-09-30 12:09 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-02 04:47 - 2016-09-02 04:47 - 00959168 _____ () C:\Users\Bezrayer\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2014-05-01 15:13 - 2016-11-15 11:05 - 00592384 _____ () C:\Users\Bezrayer\AppData\Local\MEGAsync\ShellExtX64.dll
2016-09-30 12:10 - 2016-09-15 18:29 - 03388256 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2016-09-13 23:27 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-09 17:24 - 2016-11-02 11:30 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-09 17:23 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 17:23 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 17:23 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 17:23 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 17:23 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-09-19 01:35 - 2014-09-19 01:35 - 00625000 _____ () C:\Program Files (x86)\AMD\OverDrive\Device.dll
2014-09-19 01:35 - 2014-09-19 01:35 - 03860848 _____ () C:\Program Files (x86)\AMD\OverDrive\Platform.dll
2014-09-19 01:35 - 2014-09-19 01:35 - 01587560 _____ () C:\Program Files (x86)\AMD\OverDrive\QtCore4.dll
2014-09-19 01:35 - 2014-09-19 01:35 - 06441320 _____ () C:\Program Files (x86)\AMD\OverDrive\QtGui4.dll
2014-09-19 01:35 - 2014-09-19 01:35 - 00362856 _____ () C:\Program Files (x86)\AMD\OverDrive\QtXml4.dll
2016-01-18 17:05 - 2016-07-06 11:52 - 00848240 _____ () C:\Program Files (x86)\DU Meter\libeay32.dll
2016-01-18 17:05 - 2016-07-06 11:52 - 00168304 _____ () C:\Program Files (x86)\DU Meter\ssleay32.dll
2014-05-01 15:15 - 2016-11-15 11:05 - 00564736 _____ () C:\Users\Bezrayer\AppData\Local\MEGAsync\ShellExtX32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:FB6A21E3 [430]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\sharepoint.com -> hxxps://jucb.sharepoint.com
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\sony.com -> sony.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2016-12-06 22:44 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bezrayer\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{8360dd4f-e3d5-455a-9c73-e8c2ee74e68f}.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "XMouseButtonControl"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\StartupFolder: => "MyPC Backup.lnk"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "HydraVisionDesktopManager"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "Sony PC Companion"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "GlassWire"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "Flvto CENZURA"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "NetBalancer"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "NetLimiter"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "MyComGames"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [UDP Query User{DBA62347-84C0-4103-AA05-C8F7D4AA031C}D:\games\master of orion\masteroforion.exe] => D:\games\master of orion\masteroforion.exe
FirewallRules: [TCP Query User{62E20FB4-F326-4238-9472-27700F5C1DD5}D:\games\master of orion\masteroforion.exe] => D:\games\master of orion\masteroforion.exe
FirewallRules: [{0627E320-3294-469D-B8C2-36A267D35B4C}] => F:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{00D753C4-8ABE-4E92-A8A6-AB57E3585A7A}] => F:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{019CC884-2B90-4136-99BB-83B29989690D}] => F:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{6DD08EAA-0C0F-48F6-BFD5-60DB3A5885D3}] => F:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [UDP Query User{E54C6A8A-B4C4-4A21-B06C-E1517E314EA5}D:\okhlos\okhlos.exe] => D:\okhlos\okhlos.exe
FirewallRules: [TCP Query User{C4901DE4-9A91-4BDF-A38B-2A609FF1F7D1}D:\okhlos\okhlos.exe] => D:\okhlos\okhlos.exe
FirewallRules: [UDP Query User{2C9C39F1-4A0E-4E51-988C-B89E0803FD72}C:\users\bezrayer\desktop\igg-dicetiny.the.lord.of.the.dice.v1.1\dicetiny\binaries\win32\dicetiny-win32-shipping.exe] => C:\users\bezrayer\desktop\igg-dicetiny.the.lord.of.the.dice.v1.1\dicetiny\binaries\win32\dicetiny-win32-shipping.exe
FirewallRules: [TCP Query User{29511BA3-1F5E-4063-9E7B-5A3A6DD6FD6F}C:\users\bezrayer\desktop\igg-dicetiny.the.lord.of.the.dice.v1.1\dicetiny\binaries\win32\dicetiny-win32-shipping.exe] => C:\users\bezrayer\desktop\igg-dicetiny.the.lord.of.the.dice.v1.1\dicetiny\binaries\win32\dicetiny-win32-shipping.exe
FirewallRules: [UDP Query User{6D65DAC6-9096-4CB1-B8C8-64B8F20D2D12}F:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{250B87D3-AB8D-496C-8057-4A9457D38571}F:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
FirewallRules: [{32750302-601F-4039-8C6C-46624B0E2B5E}] => D:\Games\Mr DJ\Need For Speed Most Wanted Black Edition\speed.exe
FirewallRules: [{A962B86F-EAF8-40A7-BF8D-5235E6235298}] => D:\Games\Mr DJ\Need For Speed Most Wanted Black Edition\speed.exe
FirewallRules: [UDP Query User{3AEE086B-E808-4A50-8A29-827F0D54D28E}D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe] => D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{E12EF420-D8E8-40E9-BC91-BECE962C04EA}D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe] => D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [{53CC655A-D231-4865-9366-5374F4A28048}] => F:\Steam\steamapps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{DE045AD0-CF61-405C-8000-0B305A922480}] => F:\Steam\steamapps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{225CB7A4-1DAC-432A-8DFC-70093F943B79}] => F:\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{91FEFB24-2CB6-4748-973B-FCCA89E13607}] => F:\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{B3E3F45B-2226-4706-9689-142121E1956B}] => F:\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{990E9A11-BAEC-4446-A834-1A054FA8FB18}] => F:\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{F6D0CCFF-69A0-4C3E-B6C8-71C9B84F1A0C}] => F:\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{2DE5B0E6-6890-45C1-B47D-3E2D1025F6D7}] => F:\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [UDP Query User{189F2F29-7C52-4F5F-ADF3-EBBA8605153E}F:\steam\steamapps\common\evolvegame\bin64_steamretail\evolve.exe] => F:\steam\steamapps\common\evolvegame\bin64_steamretail\evolve.exe
FirewallRules: [TCP Query User{F0A5646C-1A0C-489A-8475-74B765C3760F}F:\steam\steamapps\common\evolvegame\bin64_steamretail\evolve.exe] => F:\steam\steamapps\common\evolvegame\bin64_steamretail\evolve.exe
FirewallRules: [UDP Query User{618BAC36-E0A4-4734-9651-AC162DCB9550}D:\blueprint tycoon\blueprinttycoon.exe] => D:\blueprint tycoon\blueprinttycoon.exe
FirewallRules: [TCP Query User{E5B15124-A573-464C-A3F7-F789E507F0A6}D:\blueprint tycoon\blueprinttycoon.exe] => D:\blueprint tycoon\blueprinttycoon.exe
FirewallRules: [UDP Query User{1A4E2C1F-5273-4311-8E14-434A04FC1DED}C:\users\bezrayer\desktop\igg-plantera.v1.4.4\plantera.exe] => C:\users\bezrayer\desktop\igg-plantera.v1.4.4\plantera.exe
FirewallRules: [TCP Query User{65C47ECE-3079-4989-BA68-EDA341B21F26}C:\users\bezrayer\desktop\igg-plantera.v1.4.4\plantera.exe] => C:\users\bezrayer\desktop\igg-plantera.v1.4.4\plantera.exe
FirewallRules: [{8CD90048-1D36-43B0-BBAD-70A0564FF202}] => F:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{82E580A2-456D-4DB3-9C2E-C318A69ADB1A}] => F:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{3C7284D8-A953-4124-B686-383A51491A22}] => F:\Steam\steamapps\common\fallout new vegas enplczru\FalloutNVLauncher.exe
FirewallRules: [{7CCEFEEC-9A13-4DC1-8CC7-8C7DDBFA0A04}] => F:\Steam\steamapps\common\fallout new vegas enplczru\FalloutNVLauncher.exe
FirewallRules: [UDP Query User{CD91971A-C08F-483F-AB69-072BD79A8706}C:\users\bezrayer\desktop\igg-salt.and.sanctuary.v1.0.0.3\salt.exe] => C:\users\bezrayer\desktop\igg-salt.and.sanctuary.v1.0.0.3\salt.exe
FirewallRules: [TCP Query User{7C342BFC-2471-4A95-9206-6C984B3408B5}C:\users\bezrayer\desktop\igg-salt.and.sanctuary.v1.0.0.3\salt.exe] => C:\users\bezrayer\desktop\igg-salt.and.sanctuary.v1.0.0.3\salt.exe
FirewallRules: [UDP Query User{07684242-5C96-4066-9BD7-0128BE42C0F5}C:\users\bezrayer\desktop\igg-salt.and.sanctuary.v1.0.0.3\salt.exe] => C:\users\bezrayer\desktop\igg-salt.and.sanctuary.v1.0.0.3\salt.exe
FirewallRules: [TCP Query User{CF3E1AA6-8155-4F24-BEAD-F03F4F4AB3C3}C:\users\bezrayer\desktop\igg-salt.and.sanctuary.v1.0.0.3\salt.exe] => C:\users\bezrayer\desktop\igg-salt.and.sanctuary.v1.0.0.3\salt.exe
FirewallRules: [UDP Query User{3AA7E017-A6A3-479A-AC44-414B100D7F69}F:\steam\steamapps\common\smite\binaries\win32\smite.exe] => F:\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{B4AD2962-C093-4AA5-9E6A-25C14F285ED1}F:\steam\steamapps\common\smite\binaries\win32\smite.exe] => F:\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{7F54EC24-EF2F-4E8F-83A9-2E0349657AF8}D:\games\firewatch\firewatch.exe] => D:\games\firewatch\firewatch.exe
FirewallRules: [TCP Query User{D782ACDA-B6D3-47F4-A3C6-2D787634493C}D:\games\firewatch\firewatch.exe] => D:\games\firewatch\firewatch.exe
FirewallRules: [UDP Query User{0E32FFCE-34A9-4F64-8C60-83860624EBE8}F:\program files (x86)\overwatch\overwatch.exe] => F:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{364A4B0F-F24B-4F1C-AF16-674047884C33}F:\program files (x86)\overwatch\overwatch.exe] => F:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{0CBE0A15-EFCA-4590-9482-C2EE9BB75968}] => F:\Steam\steamapps\common\Factorio\bin\x64\Factorio.exe
FirewallRules: [{4858395F-FF37-48DF-B371-E97363A66FD9}] => F:\Steam\steamapps\common\Factorio\bin\x64\Factorio.exe
FirewallRules: [UDP Query User{01E93C77-D28E-4FB1-BB4F-555F4F5BB658}C:\users\bezrayer\desktop\igg-enter.the.gungeon\etg.exe] => C:\users\bezrayer\desktop\igg-enter.the.gungeon\etg.exe
FirewallRules: [TCP Query User{0C470628-C9EE-47FF-9D18-866AE416F7D4}C:\users\bezrayer\desktop\igg-enter.the.gungeon\etg.exe] => C:\users\bezrayer\desktop\igg-enter.the.gungeon\etg.exe
FirewallRules: [UDP Query User{9302C828-4FDC-497F-B620-23AA172D77AC}C:\users\bezrayer\desktop\igg-enter.the.gungeon\etg.exe] => C:\users\bezrayer\desktop\igg-enter.the.gungeon\etg.exe
FirewallRules: [TCP Query User{FEFA5AD4-E623-462A-854D-2AF4C39E7A18}C:\users\bezrayer\desktop\igg-enter.the.gungeon\etg.exe] => C:\users\bezrayer\desktop\igg-enter.the.gungeon\etg.exe
FirewallRules: [UDP Query User{56205FFB-A898-4BAD-8577-9882DA15749A}D:\games\forced - showdown\bugtracker\bugtracker.exe] => D:\games\forced - showdown\bugtracker\bugtracker.exe
FirewallRules: [TCP Query User{2D09439F-C421-45EC-B8AC-2BA47489F8C7}D:\games\forced - showdown\bugtracker\bugtracker.exe] => D:\games\forced - showdown\bugtracker\bugtracker.exe
FirewallRules: [UDP Query User{A7D023D9-6001-4AE1-9C7B-3BE42A72D5BE}D:\the flame in the flood\rivergame\binaries\win64\rivergame-win64-shipping.exe] => D:\the flame in the flood\rivergame\binaries\win64\rivergame-win64-shipping.exe
FirewallRules: [TCP Query User{35D70923-8938-4390-BAE3-DD3DEC5325DB}D:\the flame in the flood\rivergame\binaries\win64\rivergame-win64-shipping.exe] => D:\the flame in the flood\rivergame\binaries\win64\rivergame-win64-shipping.exe
FirewallRules: [UDP Query User{DA71DD23-EA11-4CFE-A0C5-000CF3537453}F:\steam\steamapps\common\far cry 3\bin\farcry3.exe] => F:\steam\steamapps\common\far cry 3\bin\farcry3.exe
FirewallRules: [TCP Query User{81E3F78C-AFA1-499E-A09E-333EF335D5E2}F:\steam\steamapps\common\far cry 3\bin\farcry3.exe] => F:\steam\steamapps\common\far cry 3\bin\farcry3.exe
FirewallRules: [{B77225AE-0CE2-464C-BBBE-F14FD20FF362}] => F:\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{299FE9B4-DE67-432C-84C2-76AB63520035}] => F:\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{07D6F397-B95B-470F-85C0-32F1583F76D9}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1D3A2440-3FF2-4A6F-8804-2AD0753BDD80}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FB637329-9C6F-4AD9-8BA7-4DEFCFABDB62}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5008D081-D022-4D94-93D2-C3B2A706A29D}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C09884D1-1AC7-428C-98E1-2AF97B089A77}] => F:\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{919FC0A7-3EE1-4567-89B6-B30A2DAC1638}] => F:\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{77ECE64C-5104-4293-82EE-35ADC509E647}] => F:\Steam\steamapps\common\FrozenSynapsePrime\FrozenSynapse.exe
FirewallRules: [{FD32159D-1733-4A0D-968A-15620FBCA4D1}] => F:\Steam\steamapps\common\FrozenSynapsePrime\FrozenSynapse.exe
FirewallRules: [UDP Query User{787BB9A7-42A0-4A2C-9536-0B5F603B8F27}F:\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => F:\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [TCP Query User{028F3858-0DE3-4CF7-9F2E-F12B1E2AC534}F:\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => F:\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{68EB6B86-4BCB-49F4-8072-2668FEB99E8D}D:\games\far cry 4\bin\farcry4.exe] => D:\games\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{E8165F8A-B558-4524-BD84-877CF5088C4A}D:\games\far cry 4\bin\farcry4.exe] => D:\games\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{CAD03FB0-E90A-4BD1-8B9C-3C2C2D444C22}D:\games\far cry 4\bin\farcry4.exe] => D:\games\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{B012C96B-27CE-4257-AEC4-5D86B5C8F2A2}D:\games\far cry 4\bin\farcry4.exe] => D:\games\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{D4705DE9-9D71-4061-A6D1-74A373D25A70}D:\games\bombshell\binaries\win64\bombshell.exe] => D:\games\bombshell\binaries\win64\bombshell.exe
FirewallRules: [TCP Query User{F9FF732D-2920-423D-85C3-75623AC2BD41}D:\games\bombshell\binaries\win64\bombshell.exe] => D:\games\bombshell\binaries\win64\bombshell.exe
FirewallRules: [{8ADD25D1-4E77-409C-BA48-8636B0441D51}] => F:\Steam\steamapps\common\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{28FB26A1-4B60-40DA-A53B-7BABF5BB1BFF}] => F:\Steam\steamapps\common\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{6FA647FC-B337-4202-B23F-64462A020DB2}] => F:\Steam\steamapps\common\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{FF990B30-C57E-4638-BE94-C43329B3B9BB}] => F:\Steam\steamapps\common\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{499F6530-C6A0-4715-BA7A-9F99962B427F}] => F:\Steam\steamapps\common\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{041610CD-0A4D-436C-8D72-02073951BF03}] => F:\Steam\steamapps\common\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{D714F4FD-673E-4A2B-BA73-A65C27BFBA89}] => F:\Steam\steamapps\common\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{EC50E899-79C6-49CD-8A2C-CB0AD2A3B75E}] => F:\Steam\steamapps\common\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{CA836C9B-1607-4B34-ADE1-054507834B9A}] => F:\Steam\steamapps\common\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{558930D9-C240-4494-B0BA-C49C2C0258C6}] => F:\Steam\steamapps\common\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [UDP Query User{834751BD-0472-49C5-8B84-EB5DF8EAC07E}D:\hry\valhalla hills\valhallahills\binaries\win64\valhallahills-win64-shipping.exe] => D:\hry\valhalla hills\valhallahills\binaries\win64\valhallahills-win64-shipping.exe
FirewallRules: [TCP Query User{23527184-AB63-4389-AD2A-AD4B9C21785B}D:\hry\valhalla hills\valhallahills\binaries\win64\valhallahills-win64-shipping.exe] => D:\hry\valhalla hills\valhallahills\binaries\win64\valhallahills-win64-shipping.exe
FirewallRules: [UDP Query User{B3A47F20-C097-4EC5-83C7-6A61C46827B1}F:\program files (x86)\city car driving\bin\win32\starter.exe] => F:\program files (x86)\city car driving\bin\win32\starter.exe
FirewallRules: [TCP Query User{A8C85F48-9655-424C-AF38-7695A4763C5D}F:\program files (x86)\city car driving\bin\win32\starter.exe] => F:\program files (x86)\city car driving\bin\win32\starter.exe
FirewallRules: [{8746F48B-10FD-4B5A-A7BE-C0FC8E0A0D23}] => F:\Steam\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{695EBAC3-7C0E-46E8-9178-7F779198A943}] => F:\Steam\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{ABCB09A0-8C93-4265-95B8-8E0D6ED871AD}] => F:\Steam\steamapps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{C1B5D1D2-F4F7-443D-B415-606183812599}] => F:\Steam\steamapps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{0ABDDB12-47FF-4562-A4B0-451B191B8606}] => F:\Steam\steamapps\common\STALKER Clear Sky\bin\xrEngine.exe
FirewallRules: [{B4019A8C-593A-43A4-9E20-735691A4C98B}] => F:\Steam\steamapps\common\STALKER Clear Sky\bin\xrEngine.exe
FirewallRules: [UDP Query User{6693062F-E06B-4100-8DC7-1DCB9D914A26}F:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{5420AF3B-E14F-42B2-95C1-CFB92768CCA7}F:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
FirewallRules: [{2A360B9C-CEDC-454D-8F17-83B4B3E29650}] => F:\Steam\steamapps\common\Underrail\underrail.exe
FirewallRules: [{1CCBDFE7-6EA4-40E9-9540-E41BA1E88FF8}] => F:\Steam\steamapps\common\Underrail\underrail.exe
FirewallRules: [UDP Query User{9F15526D-2DE7-46A3-B342-AF11A28D7001}F:\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => F:\gameforgelive\games\gbr_eng\tera\tera-launcher.exe
FirewallRules: [TCP Query User{51E2CDE2-FCA9-4A5C-9D65-FE907328FAC0}F:\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => F:\gameforgelive\games\gbr_eng\tera\tera-launcher.exe
FirewallRules: [UDP Query User{3F97C922-A235-45EF-A32F-6E3BD73EF082}F:\program files (x86)\heroes of the storm\versions\base39595\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base39595\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{F3B2BCF6-0240-4A3D-BF77-AF49C5E4D262}F:\program files (x86)\heroes of the storm\versions\base39595\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base39595\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{3F1D95C5-611F-4124-B5CC-C4CBC3317736}F:\program files (x86)\diablo iii\diablo iii.exe] => F:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{1C3076A0-AFD2-4F26-9FF1-7735B9E64741}F:\program files (x86)\diablo iii\diablo iii.exe] => F:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{4CF1642F-EEC2-4D46-95DC-F44074F91FB5}F:\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => F:\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{8FC62817-8D81-4C25-ACC8-1A26AFE5C715}F:\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => F:\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{C401DA3F-32FD-4AF2-9546-57F378F75B3C}] => F:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5662B720-3E38-4524-B7AF-4D05EBCEE9B8}] => F:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [UDP Query User{DC2F8F58-F1F5-4865-B67B-857D4684CADF}F:\program files (x86)\hearthstone\hearthstone.exe] => F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{2F49B7D2-B22F-439C-A065-2F67D1AB2FBF}F:\program files (x86)\hearthstone\hearthstone.exe] => F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{89EADDC9-2FB2-46E4-8087-FAEFBD02DCB2}D:\r.g. catalyst\e.y.e. divine cybermancy\eye.exe] => D:\r.g. catalyst\e.y.e. divine cybermancy\eye.exe
FirewallRules: [TCP Query User{A0AB8B34-56B8-422F-9490-493715C29677}D:\r.g. catalyst\e.y.e. divine cybermancy\eye.exe] => D:\r.g. catalyst\e.y.e. divine cybermancy\eye.exe
FirewallRules: [{85F212CC-20A2-4435-96EE-59C4A5F6872F}] => F:\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{99A4E378-8E7E-425A-9B3E-672B37456AB9}] => F:\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [UDP Query User{0128475D-C991-4E47-AEF1-B6EFA5242C14}F:\steam\steamapps\common\h1z1\h1z1.exe] => F:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{A569AA32-BFAD-4562-9B1F-2162DC600A51}F:\steam\steamapps\common\h1z1\h1z1.exe] => F:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{62E06760-D449-41AA-B9E1-CA3A1C749D3B}] => C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{3684CEFC-97A6-466C-8E67-E9BCEABA0F10}] => C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [UDP Query User{AE4E0F60-6D92-4532-B0D5-022C22F19D65}C:\users\bezrayer\appdata\roaming\spotify\spotify.exe] => C:\users\bezrayer\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{3C3CFCF8-E665-456F-981A-D800030DDCD5}C:\users\bezrayer\appdata\roaming\spotify\spotify.exe] => C:\users\bezrayer\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7E3A0692-6FBA-4794-99C2-FCA1F9914C30}F:\program files (x86)\hearthstone\hearthstone.exe] => F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{205B1DBA-ABB2-42ED-BB83-C966CFC819E2}F:\program files (x86)\hearthstone\hearthstone.exe] => F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{B1F79CA5-8667-4130-B2AE-62FC86919E4C}] => C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{3BDE341D-3DC0-49A4-8078-96943BB99A38}] => C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [UDP Query User{2E12FB8E-EA63-47EF-AE23-A725F045A92F}F:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => F:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [TCP Query User{A6730A3F-A3BB-4D66-8284-EA245B8F9955}F:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => F:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [{88223153-D1C1-4F1E-BB0D-9E62DF011922}] => F:\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{40BE4EAC-D755-4D78-B8EB-5C61558BA533}] => F:\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{F342923A-6407-47BA-816B-53ED8E53CD3B}] => F:\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{00A7C52E-9519-4C01-A4F5-35AFA384B941}] => F:\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{03A8ACF0-AF6B-408C-A131-075C9F062544}] => F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{EC70E039-5A0F-4BC9-B00E-E3BF80FA6E8D}] => F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{688C9336-510D-447F-BEA2-897A994057B5}] => F:\Steam\Steam.exe
FirewallRules: [{F826800F-D975-4DBD-B13A-C6B4093C0630}] => F:\Steam\Steam.exe
FirewallRules: [UDP Query User{2D18AC43-29E5-4023-9117-21CB2DB7625F}C:\users\bezrayer\appdata\roaming\utorrent\utorrent.exe] => C:\users\bezrayer\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{FF043B03-7D58-4862-B16E-34CE0FFA5FC4}C:\users\bezrayer\appdata\roaming\utorrent\utorrent.exe] => C:\users\bezrayer\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{F2EBFEF0-83F3-482F-8EF7-1B821ADC22E0}] => C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{295D0528-080E-489A-84D4-8807A923E5D2}] => C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [TCP Query User{9A797B29-3C4D-4A4B-AF4A-F4C277F7B2C9}D:\mass effect 3 complete edition\binaries\win32\masseffect3.exe] => D:\mass effect 3 complete edition\binaries\win32\masseffect3.exe
FirewallRules: [UDP Query User{5EFE35F0-705E-4DE0-9B6D-3F7C77BDFDC5}D:\mass effect 3 complete edition\binaries\win32\masseffect3.exe] => D:\mass effect 3 complete edition\binaries\win32\masseffect3.exe
FirewallRules: [{BE54A910-AAA5-41E3-9CDF-C34C9EE5B5D6}] => D:\Mr DJ\Borderlands The Pre Sequel\Binaries\Win32\Launcher.exe
FirewallRules: [{0FF4FE78-49F6-4A1E-B3AA-AAF75DD13ED6}] => D:\Mr DJ\Borderlands The Pre Sequel\Binaries\Win32\Launcher.exe
FirewallRules: [TCP Query User{D978DE1D-1DDC-41F2-8622-69A040BD7209}D:\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe] => D:\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{AD47A7EC-43F1-4362-B4EE-132283F877DC}D:\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe] => D:\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{B5ED3F43-099B-4535-8F81-6D30BD35E566}D:\mass effect 3 complete edition\binaries\win32\masseffect3.exe] => D:\mass effect 3 complete edition\binaries\win32\masseffect3.exe
FirewallRules: [UDP Query User{243E8787-33BD-444C-80AD-D1D21B7AE1FC}D:\mass effect 3 complete edition\binaries\win32\masseffect3.exe] => D:\mass effect 3 complete edition\binaries\win32\masseffect3.exe
FirewallRules: [TCP Query User{1F91C0F9-8E47-4783-986F-E1174CB8D31E}D:\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe] => D:\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{4ED807D4-7FB0-4A45-B31B-2C6BAA9C1994}D:\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe] => D:\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\D-Fend v2\Visit MabusSoft homepage.lnk -> hxxp://members.home.nl/mabus
Shortcut: C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\D-Fend v2\Visit the D-Fend forum.lnk -> hxxp://www.mypixels.dk/forums/index.php?showforum=12
ShortcutWithArgument: C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\AirMirror.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=macmgoeeggnlnmpiojbcniblabkdjphe
ShortcutWithArgument: C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hangouts Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hudba Google Play (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
ShortcutWithArgument: C:\Users\Bezrayer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-30 12:09 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-04 16:49 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-09-19 01:35 - 2014-09-19 01:35 - 00137584 _____ () C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
2016-10-25 05:17 - 2016-10-25 05:17 - 00413888 _____ () C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
2016-10-25 05:17 - 2016-10-25 05:17 - 02735808 _____ () C:\Program Files\Nitro\Pro 11\Nitro_KissMetrics.dll
2016-09-30 12:09 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-02 04:47 - 2016-09-02 04:47 - 00959168 _____ () C:\Users\Bezrayer\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2014-05-01 15:13 - 2016-11-15 11:05 - 00592384 _____ () C:\Users\Bezrayer\AppData\Local\MEGAsync\ShellExtX64.dll
2016-09-30 12:10 - 2016-09-15 18:29 - 03388256 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2016-09-13 23:27 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-09 17:24 - 2016-11-02 11:30 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-09 17:23 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 17:23 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 17:23 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 17:23 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 17:23 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-09-19 01:35 - 2014-09-19 01:35 - 00625000 _____ () C:\Program Files (x86)\AMD\OverDrive\Device.dll
2014-09-19 01:35 - 2014-09-19 01:35 - 03860848 _____ () C:\Program Files (x86)\AMD\OverDrive\Platform.dll
2014-09-19 01:35 - 2014-09-19 01:35 - 01587560 _____ () C:\Program Files (x86)\AMD\OverDrive\QtCore4.dll
2014-09-19 01:35 - 2014-09-19 01:35 - 06441320 _____ () C:\Program Files (x86)\AMD\OverDrive\QtGui4.dll
2014-09-19 01:35 - 2014-09-19 01:35 - 00362856 _____ () C:\Program Files (x86)\AMD\OverDrive\QtXml4.dll
2016-01-18 17:05 - 2016-07-06 11:52 - 00848240 _____ () C:\Program Files (x86)\DU Meter\libeay32.dll
2016-01-18 17:05 - 2016-07-06 11:52 - 00168304 _____ () C:\Program Files (x86)\DU Meter\ssleay32.dll
2014-05-01 15:15 - 2016-11-15 11:05 - 00564736 _____ () C:\Users\Bezrayer\AppData\Local\MEGAsync\ShellExtX32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:FB6A21E3 [430]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\sharepoint.com -> hxxps://jucb.sharepoint.com
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\sony.com -> sony.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2016-12-06 22:44 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3025460961-235328027-311272571-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bezrayer\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{8360dd4f-e3d5-455a-9c73-e8c2ee74e68f}.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "XMouseButtonControl"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\StartupFolder: => "MyPC Backup.lnk"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "HydraVisionDesktopManager"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "Sony PC Companion"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "GlassWire"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "Flvto CENZURA"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "NetBalancer"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "NetLimiter"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\StartupApproved\Run: => "MyComGames"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [UDP Query User{DBA62347-84C0-4103-AA05-C8F7D4AA031C}D:\games\master of orion\masteroforion.exe] => D:\games\master of orion\masteroforion.exe
FirewallRules: [TCP Query User{62E20FB4-F326-4238-9472-27700F5C1DD5}D:\games\master of orion\masteroforion.exe] => D:\games\master of orion\masteroforion.exe
FirewallRules: [{0627E320-3294-469D-B8C2-36A267D35B4C}] => F:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{00D753C4-8ABE-4E92-A8A6-AB57E3585A7A}] => F:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{019CC884-2B90-4136-99BB-83B29989690D}] => F:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{6DD08EAA-0C0F-48F6-BFD5-60DB3A5885D3}] => F:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [UDP Query User{E54C6A8A-B4C4-4A21-B06C-E1517E314EA5}D:\okhlos\okhlos.exe] => D:\okhlos\okhlos.exe
FirewallRules: [TCP Query User{C4901DE4-9A91-4BDF-A38B-2A609FF1F7D1}D:\okhlos\okhlos.exe] => D:\okhlos\okhlos.exe
FirewallRules: [UDP Query User{2C9C39F1-4A0E-4E51-988C-B89E0803FD72}C:\users\bezrayer\desktop\igg-dicetiny.the.lord.of.the.dice.v1.1\dicetiny\binaries\win32\dicetiny-win32-shipping.exe] => C:\users\bezrayer\desktop\igg-dicetiny.the.lord.of.the.dice.v1.1\dicetiny\binaries\win32\dicetiny-win32-shipping.exe
FirewallRules: [TCP Query User{29511BA3-1F5E-4063-9E7B-5A3A6DD6FD6F}C:\users\bezrayer\desktop\igg-dicetiny.the.lord.of.the.dice.v1.1\dicetiny\binaries\win32\dicetiny-win32-shipping.exe] => C:\users\bezrayer\desktop\igg-dicetiny.the.lord.of.the.dice.v1.1\dicetiny\binaries\win32\dicetiny-win32-shipping.exe
FirewallRules: [UDP Query User{6D65DAC6-9096-4CB1-B8C8-64B8F20D2D12}F:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{250B87D3-AB8D-496C-8057-4A9457D38571}F:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base45228\heroesofthestorm_x64.exe
FirewallRules: [{32750302-601F-4039-8C6C-46624B0E2B5E}] => D:\Games\Mr DJ\Need For Speed Most Wanted Black Edition\speed.exe
FirewallRules: [{A962B86F-EAF8-40A7-BF8D-5235E6235298}] => D:\Games\Mr DJ\Need For Speed Most Wanted Black Edition\speed.exe
FirewallRules: [UDP Query User{3AEE086B-E808-4A50-8A29-827F0D54D28E}D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe] => D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{E12EF420-D8E8-40E9-BC91-BECE962C04EA}D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe] => D:\games\dishonored - game of the year edition\binaries\win32\dishonored.exe
FirewallRules: [{53CC655A-D231-4865-9366-5374F4A28048}] => F:\Steam\steamapps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{DE045AD0-CF61-405C-8000-0B305A922480}] => F:\Steam\steamapps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{225CB7A4-1DAC-432A-8DFC-70093F943B79}] => F:\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{91FEFB24-2CB6-4748-973B-FCCA89E13607}] => F:\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{B3E3F45B-2226-4706-9689-142121E1956B}] => F:\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{990E9A11-BAEC-4446-A834-1A054FA8FB18}] => F:\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{F6D0CCFF-69A0-4C3E-B6C8-71C9B84F1A0C}] => F:\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{2DE5B0E6-6890-45C1-B47D-3E2D1025F6D7}] => F:\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [UDP Query User{189F2F29-7C52-4F5F-ADF3-EBBA8605153E}F:\steam\steamapps\common\evolvegame\bin64_steamretail\evolve.exe] => F:\steam\steamapps\common\evolvegame\bin64_steamretail\evolve.exe
FirewallRules: [TCP Query User{F0A5646C-1A0C-489A-8475-74B765C3760F}F:\steam\steamapps\common\evolvegame\bin64_steamretail\evolve.exe] => F:\steam\steamapps\common\evolvegame\bin64_steamretail\evolve.exe
FirewallRules: [UDP Query User{618BAC36-E0A4-4734-9651-AC162DCB9550}D:\blueprint tycoon\blueprinttycoon.exe] => D:\blueprint tycoon\blueprinttycoon.exe
FirewallRules: [TCP Query User{E5B15124-A573-464C-A3F7-F789E507F0A6}D:\blueprint tycoon\blueprinttycoon.exe] => D:\blueprint tycoon\blueprinttycoon.exe
FirewallRules: [UDP Query User{1A4E2C1F-5273-4311-8E14-434A04FC1DED}C:\users\bezrayer\desktop\igg-plantera.v1.4.4\plantera.exe] => C:\users\bezrayer\desktop\igg-plantera.v1.4.4\plantera.exe
FirewallRules: [TCP Query User{65C47ECE-3079-4989-BA68-EDA341B21F26}C:\users\bezrayer\desktop\igg-plantera.v1.4.4\plantera.exe] => C:\users\bezrayer\desktop\igg-plantera.v1.4.4\plantera.exe
FirewallRules: [{8CD90048-1D36-43B0-BBAD-70A0564FF202}] => F:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{82E580A2-456D-4DB3-9C2E-C318A69ADB1A}] => F:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{3C7284D8-A953-4124-B686-383A51491A22}] => F:\Steam\steamapps\common\fallout new vegas enplczru\FalloutNVLauncher.exe
FirewallRules: [{7CCEFEEC-9A13-4DC1-8CC7-8C7DDBFA0A04}] => F:\Steam\steamapps\common\fallout new vegas enplczru\FalloutNVLauncher.exe
FirewallRules: [UDP Query User{CD91971A-C08F-483F-AB69-072BD79A8706}C:\users\bezrayer\desktop\igg-salt.and.sanctuary.v1.0.0.3\salt.exe] => C:\users\bezrayer\desktop\igg-salt.and.sanctuary.v1.0.0.3\salt.exe
FirewallRules: [TCP Query User{7C342BFC-2471-4A95-9206-6C984B3408B5}C:\users\bezrayer\desktop\igg-salt.and.sanctuary.v1.0.0.3\salt.exe] => C:\users\bezrayer\desktop\igg-salt.and.sanctuary.v1.0.0.3\salt.exe
FirewallRules: [UDP Query User{07684242-5C96-4066-9BD7-0128BE42C0F5}C:\users\bezrayer\desktop\igg-salt.and.sanctuary.v1.0.0.3\salt.exe] => C:\users\bezrayer\desktop\igg-salt.and.sanctuary.v1.0.0.3\salt.exe
FirewallRules: [TCP Query User{CF3E1AA6-8155-4F24-BEAD-F03F4F4AB3C3}C:\users\bezrayer\desktop\igg-salt.and.sanctuary.v1.0.0.3\salt.exe] => C:\users\bezrayer\desktop\igg-salt.and.sanctuary.v1.0.0.3\salt.exe
FirewallRules: [UDP Query User{3AA7E017-A6A3-479A-AC44-414B100D7F69}F:\steam\steamapps\common\smite\binaries\win32\smite.exe] => F:\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{B4AD2962-C093-4AA5-9E6A-25C14F285ED1}F:\steam\steamapps\common\smite\binaries\win32\smite.exe] => F:\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{7F54EC24-EF2F-4E8F-83A9-2E0349657AF8}D:\games\firewatch\firewatch.exe] => D:\games\firewatch\firewatch.exe
FirewallRules: [TCP Query User{D782ACDA-B6D3-47F4-A3C6-2D787634493C}D:\games\firewatch\firewatch.exe] => D:\games\firewatch\firewatch.exe
FirewallRules: [UDP Query User{0E32FFCE-34A9-4F64-8C60-83860624EBE8}F:\program files (x86)\overwatch\overwatch.exe] => F:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{364A4B0F-F24B-4F1C-AF16-674047884C33}F:\program files (x86)\overwatch\overwatch.exe] => F:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{0CBE0A15-EFCA-4590-9482-C2EE9BB75968}] => F:\Steam\steamapps\common\Factorio\bin\x64\Factorio.exe
FirewallRules: [{4858395F-FF37-48DF-B371-E97363A66FD9}] => F:\Steam\steamapps\common\Factorio\bin\x64\Factorio.exe
FirewallRules: [UDP Query User{01E93C77-D28E-4FB1-BB4F-555F4F5BB658}C:\users\bezrayer\desktop\igg-enter.the.gungeon\etg.exe] => C:\users\bezrayer\desktop\igg-enter.the.gungeon\etg.exe
FirewallRules: [TCP Query User{0C470628-C9EE-47FF-9D18-866AE416F7D4}C:\users\bezrayer\desktop\igg-enter.the.gungeon\etg.exe] => C:\users\bezrayer\desktop\igg-enter.the.gungeon\etg.exe
FirewallRules: [UDP Query User{9302C828-4FDC-497F-B620-23AA172D77AC}C:\users\bezrayer\desktop\igg-enter.the.gungeon\etg.exe] => C:\users\bezrayer\desktop\igg-enter.the.gungeon\etg.exe
FirewallRules: [TCP Query User{FEFA5AD4-E623-462A-854D-2AF4C39E7A18}C:\users\bezrayer\desktop\igg-enter.the.gungeon\etg.exe] => C:\users\bezrayer\desktop\igg-enter.the.gungeon\etg.exe
FirewallRules: [UDP Query User{56205FFB-A898-4BAD-8577-9882DA15749A}D:\games\forced - showdown\bugtracker\bugtracker.exe] => D:\games\forced - showdown\bugtracker\bugtracker.exe
FirewallRules: [TCP Query User{2D09439F-C421-45EC-B8AC-2BA47489F8C7}D:\games\forced - showdown\bugtracker\bugtracker.exe] => D:\games\forced - showdown\bugtracker\bugtracker.exe
FirewallRules: [UDP Query User{A7D023D9-6001-4AE1-9C7B-3BE42A72D5BE}D:\the flame in the flood\rivergame\binaries\win64\rivergame-win64-shipping.exe] => D:\the flame in the flood\rivergame\binaries\win64\rivergame-win64-shipping.exe
FirewallRules: [TCP Query User{35D70923-8938-4390-BAE3-DD3DEC5325DB}D:\the flame in the flood\rivergame\binaries\win64\rivergame-win64-shipping.exe] => D:\the flame in the flood\rivergame\binaries\win64\rivergame-win64-shipping.exe
FirewallRules: [UDP Query User{DA71DD23-EA11-4CFE-A0C5-000CF3537453}F:\steam\steamapps\common\far cry 3\bin\farcry3.exe] => F:\steam\steamapps\common\far cry 3\bin\farcry3.exe
FirewallRules: [TCP Query User{81E3F78C-AFA1-499E-A09E-333EF335D5E2}F:\steam\steamapps\common\far cry 3\bin\farcry3.exe] => F:\steam\steamapps\common\far cry 3\bin\farcry3.exe
FirewallRules: [{B77225AE-0CE2-464C-BBBE-F14FD20FF362}] => F:\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{299FE9B4-DE67-432C-84C2-76AB63520035}] => F:\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{07D6F397-B95B-470F-85C0-32F1583F76D9}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1D3A2440-3FF2-4A6F-8804-2AD0753BDD80}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FB637329-9C6F-4AD9-8BA7-4DEFCFABDB62}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5008D081-D022-4D94-93D2-C3B2A706A29D}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C09884D1-1AC7-428C-98E1-2AF97B089A77}] => F:\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{919FC0A7-3EE1-4567-89B6-B30A2DAC1638}] => F:\Steam\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{77ECE64C-5104-4293-82EE-35ADC509E647}] => F:\Steam\steamapps\common\FrozenSynapsePrime\FrozenSynapse.exe
FirewallRules: [{FD32159D-1733-4A0D-968A-15620FBCA4D1}] => F:\Steam\steamapps\common\FrozenSynapsePrime\FrozenSynapse.exe
FirewallRules: [UDP Query User{787BB9A7-42A0-4A2C-9536-0B5F603B8F27}F:\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => F:\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [TCP Query User{028F3858-0DE3-4CF7-9F2E-F12B1E2AC534}F:\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe] => F:\steam\steamapps\common\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{68EB6B86-4BCB-49F4-8072-2668FEB99E8D}D:\games\far cry 4\bin\farcry4.exe] => D:\games\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{E8165F8A-B558-4524-BD84-877CF5088C4A}D:\games\far cry 4\bin\farcry4.exe] => D:\games\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{CAD03FB0-E90A-4BD1-8B9C-3C2C2D444C22}D:\games\far cry 4\bin\farcry4.exe] => D:\games\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{B012C96B-27CE-4257-AEC4-5D86B5C8F2A2}D:\games\far cry 4\bin\farcry4.exe] => D:\games\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{D4705DE9-9D71-4061-A6D1-74A373D25A70}D:\games\bombshell\binaries\win64\bombshell.exe] => D:\games\bombshell\binaries\win64\bombshell.exe
FirewallRules: [TCP Query User{F9FF732D-2920-423D-85C3-75623AC2BD41}D:\games\bombshell\binaries\win64\bombshell.exe] => D:\games\bombshell\binaries\win64\bombshell.exe
FirewallRules: [{8ADD25D1-4E77-409C-BA48-8636B0441D51}] => F:\Steam\steamapps\common\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{28FB26A1-4B60-40DA-A53B-7BABF5BB1BFF}] => F:\Steam\steamapps\common\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{6FA647FC-B337-4202-B23F-64462A020DB2}] => F:\Steam\steamapps\common\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{FF990B30-C57E-4638-BE94-C43329B3B9BB}] => F:\Steam\steamapps\common\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{499F6530-C6A0-4715-BA7A-9F99962B427F}] => F:\Steam\steamapps\common\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{041610CD-0A4D-436C-8D72-02073951BF03}] => F:\Steam\steamapps\common\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{D714F4FD-673E-4A2B-BA73-A65C27BFBA89}] => F:\Steam\steamapps\common\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{EC50E899-79C6-49CD-8A2C-CB0AD2A3B75E}] => F:\Steam\steamapps\common\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{CA836C9B-1607-4B34-ADE1-054507834B9A}] => F:\Steam\steamapps\common\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{558930D9-C240-4494-B0BA-C49C2C0258C6}] => F:\Steam\steamapps\common\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [UDP Query User{834751BD-0472-49C5-8B84-EB5DF8EAC07E}D:\hry\valhalla hills\valhallahills\binaries\win64\valhallahills-win64-shipping.exe] => D:\hry\valhalla hills\valhallahills\binaries\win64\valhallahills-win64-shipping.exe
FirewallRules: [TCP Query User{23527184-AB63-4389-AD2A-AD4B9C21785B}D:\hry\valhalla hills\valhallahills\binaries\win64\valhallahills-win64-shipping.exe] => D:\hry\valhalla hills\valhallahills\binaries\win64\valhallahills-win64-shipping.exe
FirewallRules: [UDP Query User{B3A47F20-C097-4EC5-83C7-6A61C46827B1}F:\program files (x86)\city car driving\bin\win32\starter.exe] => F:\program files (x86)\city car driving\bin\win32\starter.exe
FirewallRules: [TCP Query User{A8C85F48-9655-424C-AF38-7695A4763C5D}F:\program files (x86)\city car driving\bin\win32\starter.exe] => F:\program files (x86)\city car driving\bin\win32\starter.exe
FirewallRules: [{8746F48B-10FD-4B5A-A7BE-C0FC8E0A0D23}] => F:\Steam\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{695EBAC3-7C0E-46E8-9178-7F779198A943}] => F:\Steam\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{ABCB09A0-8C93-4265-95B8-8E0D6ED871AD}] => F:\Steam\steamapps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{C1B5D1D2-F4F7-443D-B415-606183812599}] => F:\Steam\steamapps\common\Gunpoint\Gunpoint.exe
FirewallRules: [{0ABDDB12-47FF-4562-A4B0-451B191B8606}] => F:\Steam\steamapps\common\STALKER Clear Sky\bin\xrEngine.exe
FirewallRules: [{B4019A8C-593A-43A4-9E20-735691A4C98B}] => F:\Steam\steamapps\common\STALKER Clear Sky\bin\xrEngine.exe
FirewallRules: [UDP Query User{6693062F-E06B-4100-8DC7-1DCB9D914A26}F:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{5420AF3B-E14F-42B2-95C1-CFB92768CCA7}F:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe
FirewallRules: [{2A360B9C-CEDC-454D-8F17-83B4B3E29650}] => F:\Steam\steamapps\common\Underrail\underrail.exe
FirewallRules: [{1CCBDFE7-6EA4-40E9-9540-E41BA1E88FF8}] => F:\Steam\steamapps\common\Underrail\underrail.exe
FirewallRules: [UDP Query User{9F15526D-2DE7-46A3-B342-AF11A28D7001}F:\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => F:\gameforgelive\games\gbr_eng\tera\tera-launcher.exe
FirewallRules: [TCP Query User{51E2CDE2-FCA9-4A5C-9D65-FE907328FAC0}F:\gameforgelive\games\gbr_eng\tera\tera-launcher.exe] => F:\gameforgelive\games\gbr_eng\tera\tera-launcher.exe
FirewallRules: [UDP Query User{3F97C922-A235-45EF-A32F-6E3BD73EF082}F:\program files (x86)\heroes of the storm\versions\base39595\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base39595\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{F3B2BCF6-0240-4A3D-BF77-AF49C5E4D262}F:\program files (x86)\heroes of the storm\versions\base39595\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base39595\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{3F1D95C5-611F-4124-B5CC-C4CBC3317736}F:\program files (x86)\diablo iii\diablo iii.exe] => F:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{1C3076A0-AFD2-4F26-9FF1-7735B9E64741}F:\program files (x86)\diablo iii\diablo iii.exe] => F:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{4CF1642F-EEC2-4D46-95DC-F44074F91FB5}F:\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => F:\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{8FC62817-8D81-4C25-ACC8-1A26AFE5C715}F:\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => F:\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{C401DA3F-32FD-4AF2-9546-57F378F75B3C}] => F:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5662B720-3E38-4524-B7AF-4D05EBCEE9B8}] => F:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [UDP Query User{DC2F8F58-F1F5-4865-B67B-857D4684CADF}F:\program files (x86)\hearthstone\hearthstone.exe] => F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{2F49B7D2-B22F-439C-A065-2F67D1AB2FBF}F:\program files (x86)\hearthstone\hearthstone.exe] => F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{89EADDC9-2FB2-46E4-8087-FAEFBD02DCB2}D:\r.g. catalyst\e.y.e. divine cybermancy\eye.exe] => D:\r.g. catalyst\e.y.e. divine cybermancy\eye.exe
FirewallRules: [TCP Query User{A0AB8B34-56B8-422F-9490-493715C29677}D:\r.g. catalyst\e.y.e. divine cybermancy\eye.exe] => D:\r.g. catalyst\e.y.e. divine cybermancy\eye.exe
FirewallRules: [{85F212CC-20A2-4435-96EE-59C4A5F6872F}] => F:\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{99A4E378-8E7E-425A-9B3E-672B37456AB9}] => F:\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [UDP Query User{0128475D-C991-4E47-AEF1-B6EFA5242C14}F:\steam\steamapps\common\h1z1\h1z1.exe] => F:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{A569AA32-BFAD-4562-9B1F-2162DC600A51}F:\steam\steamapps\common\h1z1\h1z1.exe] => F:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{62E06760-D449-41AA-B9E1-CA3A1C749D3B}] => C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{3684CEFC-97A6-466C-8E67-E9BCEABA0F10}] => C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [UDP Query User{AE4E0F60-6D92-4532-B0D5-022C22F19D65}C:\users\bezrayer\appdata\roaming\spotify\spotify.exe] => C:\users\bezrayer\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{3C3CFCF8-E665-456F-981A-D800030DDCD5}C:\users\bezrayer\appdata\roaming\spotify\spotify.exe] => C:\users\bezrayer\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7E3A0692-6FBA-4794-99C2-FCA1F9914C30}F:\program files (x86)\hearthstone\hearthstone.exe] => F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{205B1DBA-ABB2-42ED-BB83-C966CFC819E2}F:\program files (x86)\hearthstone\hearthstone.exe] => F:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{B1F79CA5-8667-4130-B2AE-62FC86919E4C}] => C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{3BDE341D-3DC0-49A4-8078-96943BB99A38}] => C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [UDP Query User{2E12FB8E-EA63-47EF-AE23-A725F045A92F}F:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => F:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [TCP Query User{A6730A3F-A3BB-4D66-8284-EA245B8F9955}F:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => F:\steam\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [{88223153-D1C1-4F1E-BB0D-9E62DF011922}] => F:\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{40BE4EAC-D755-4D78-B8EB-5C61558BA533}] => F:\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{F342923A-6407-47BA-816B-53ED8E53CD3B}] => F:\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{00A7C52E-9519-4C01-A4F5-35AFA384B941}] => F:\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{03A8ACF0-AF6B-408C-A131-075C9F062544}] => F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{EC70E039-5A0F-4BC9-B00E-E3BF80FA6E8D}] => F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{688C9336-510D-447F-BEA2-897A994057B5}] => F:\Steam\Steam.exe
FirewallRules: [{F826800F-D975-4DBD-B13A-C6B4093C0630}] => F:\Steam\Steam.exe
FirewallRules: [UDP Query User{2D18AC43-29E5-4023-9117-21CB2DB7625F}C:\users\bezrayer\appdata\roaming\utorrent\utorrent.exe] => C:\users\bezrayer\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{FF043B03-7D58-4862-B16E-34CE0FFA5FC4}C:\users\bezrayer\appdata\roaming\utorrent\utorrent.exe] => C:\users\bezrayer\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{F2EBFEF0-83F3-482F-8EF7-1B821ADC22E0}] => C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [{295D0528-080E-489A-84D4-8807A923E5D2}] => C:\Program Files\Ventrilo\Ventrilo.exe
FirewallRules: [TCP Query User{9A797B29-3C4D-4A4B-AF4A-F4C277F7B2C9}D:\mass effect 3 complete edition\binaries\win32\masseffect3.exe] => D:\mass effect 3 complete edition\binaries\win32\masseffect3.exe
FirewallRules: [UDP Query User{5EFE35F0-705E-4DE0-9B6D-3F7C77BDFDC5}D:\mass effect 3 complete edition\binaries\win32\masseffect3.exe] => D:\mass effect 3 complete edition\binaries\win32\masseffect3.exe
FirewallRules: [{BE54A910-AAA5-41E3-9CDF-C34C9EE5B5D6}] => D:\Mr DJ\Borderlands The Pre Sequel\Binaries\Win32\Launcher.exe
FirewallRules: [{0FF4FE78-49F6-4A1E-B3AA-AAF75DD13ED6}] => D:\Mr DJ\Borderlands The Pre Sequel\Binaries\Win32\Launcher.exe
FirewallRules: [TCP Query User{D978DE1D-1DDC-41F2-8622-69A040BD7209}D:\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe] => D:\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{AD47A7EC-43F1-4362-B4EE-132283F877DC}D:\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe] => D:\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{B5ED3F43-099B-4535-8F81-6D30BD35E566}D:\mass effect 3 complete edition\binaries\win32\masseffect3.exe] => D:\mass effect 3 complete edition\binaries\win32\masseffect3.exe
FirewallRules: [UDP Query User{243E8787-33BD-444C-80AD-D1D21B7AE1FC}D:\mass effect 3 complete edition\binaries\win32\masseffect3.exe] => D:\mass effect 3 complete edition\binaries\win32\masseffect3.exe
FirewallRules: [TCP Query User{1F91C0F9-8E47-4783-986F-E1174CB8D31E}D:\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe] => D:\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{4ED807D4-7FB0-4A45-B31B-2C6BAA9C1994}D:\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe] => D:\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe
Asus M5A78L-M LX V2
AMD Athlon II X4 640
8GB DDR3 1333MHz
MSI Radeon HD5670 Cyclone 1G
Windows 10 Pro 64-bit
AMD Athlon II X4 640
8GB DDR3 1333MHz
MSI Radeon HD5670 Cyclone 1G
Windows 10 Pro 64-bit
Re: Preventivní kontrola
FirewallRules: [{92D31327-1BCA-46CF-85A2-6BA22865746C}] => C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{B0AFED60-B5EF-4221-97C0-350763198A38}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{859F4F68-0B55-4CD6-9C15-F4305A5A0CC5}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [TCP Query User{3638F4A6-B2FD-4126-86CC-AB04CA84C1D1}D:\grand ages - medieval\grandagesmedieval.exe] => D:\grand ages - medieval\grandagesmedieval.exe
FirewallRules: [UDP Query User{D20214A3-E850-4ECB-BBD9-371C0F34BA29}D:\grand ages - medieval\grandagesmedieval.exe] => D:\grand ages - medieval\grandagesmedieval.exe
FirewallRules: [TCP Query User{AD05FF6C-5FC9-4DF7-AFAE-651A9DEDDE29}D:\games\sword coast legends\swordcoast.exe] => D:\games\sword coast legends\swordcoast.exe
FirewallRules: [UDP Query User{6AA0E135-7FDD-4FA4-99E8-F292AD3521F5}D:\games\sword coast legends\swordcoast.exe] => D:\games\sword coast legends\swordcoast.exe
FirewallRules: [{F4AF4AC8-08B1-43B9-B686-9BB14DA05FB2}] => F:\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{2E7FCB52-014A-4F64-9661-3417807697F4}] => F:\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [TCP Query User{FE7612FE-5188-4E0F-807F-A05FAB1D5386}D:\r.g. catalyst\e.y.e. divine cybermancy\eye.exe] => D:\r.g. catalyst\e.y.e. divine cybermancy\eye.exe
FirewallRules: [UDP Query User{6E3F92A4-9741-4E8B-8424-340DC5011D04}D:\r.g. catalyst\e.y.e. divine cybermancy\eye.exe] => D:\r.g. catalyst\e.y.e. divine cybermancy\eye.exe
FirewallRules: [{F8E01472-85F0-43E5-BB7A-6FED6F4EFD53}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BF39E80D-D805-4778-A270-40B15DB89DB8}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EC6857D9-0ADE-4A65-B9E6-B43DD874E080}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1AC5EE6F-F040-4AC6-8E29-E047984F577A}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{20CD96D5-9199-4F33-8C5E-FBFF60FF8059}] => F:\Steam\steamapps\common\Super Puzzle Platformer Deluxe\SuperPuzzlePlatformerDeluxe.exe
FirewallRules: [{A0EBF49B-184D-4D25-A874-B9D40E5151F8}] => F:\Steam\steamapps\common\Super Puzzle Platformer Deluxe\SuperPuzzlePlatformerDeluxe.exe
FirewallRules: [TCP Query User{5E390A39-3284-4C31-8324-26DDBFB1CC26}F:\program files (x86)\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{FA96F3F6-4206-42BF-885B-5C0CE84D66C1}F:\program files (x86)\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe
FirewallRules: [{6330B3AF-90DD-4E08-8C84-841EE201F0CC}] => F:\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe
FirewallRules: [{00A12671-6A0E-49ED-AACC-F7CF9F60B45D}] => F:\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe
FirewallRules: [{E8C96444-0240-4F20-ACC7-048AF29C4720}] => F:\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe
FirewallRules: [{B8A5F0F9-DBF4-4C2E-B449-4DFCB08BC5BC}] => F:\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe
FirewallRules: [TCP Query User{431D5E2A-E7D1-4E7C-9742-8291B5400EB5}F:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{8CE9EF0C-19BC-4697-A119-486C9B2748C4}F:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
FirewallRules: [{470C0D50-FCF5-4FDE-ABCD-EE6989CA2463}] => F:\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{94EDEC92-5FFE-4BC8-8D49-20B18E25C64A}] => F:\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{2F7EFC49-940E-48E1-A0F6-377FD8AA1902}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{07F1690F-A6F0-4374-84D9-351281C56EBE}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{2F9FE3FB-8969-4D6F-8771-8103C28499C4}] => F:\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{FF0ACE36-ED77-4691-8443-F8824E8B0289}] => F:\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [TCP Query User{6EA4532D-0282-4A5E-A9BA-1B4FB040B63B}F:\program files (x86)\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{FEE55CB4-3BE3-4746-99F4-0039BEE9422C}F:\program files (x86)\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe
FirewallRules: [{40C86EB4-5274-42CF-AA85-FD806496FE64}] => F:\Steam\steamapps\common\CrossCode\crosscode-beta.exe
FirewallRules: [{E0B0B244-37E1-49E9-A0E3-927A49C3C44A}] => F:\Steam\steamapps\common\CrossCode\crosscode-beta.exe
FirewallRules: [{31B26BD4-C4B4-4B33-A583-CD275968469D}] => F:\Steam\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{2CF83EDF-4717-4277-A190-4D70C6BCCB99}] => F:\Steam\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{7D193EAA-2799-42A2-A1B4-A74CB5123C1B}] => F:\Steam\steamapps\common\Duke Nukem Manhatten Project\prism3d.exe
FirewallRules: [{94286514-F80F-4FEA-A2D5-683623809F5C}] => F:\Steam\steamapps\common\Duke Nukem Manhatten Project\prism3d.exe
FirewallRules: [{1867D510-283E-4BBD-83B8-8445B283219E}] => F:\Steam\steamapps\common\Duke Nukem Manhatten Project\DukeNukemManhattanLauncher.exe
FirewallRules: [{3CD9C171-40CA-42A9-8239-E818985AEF0F}] => F:\Steam\steamapps\common\Duke Nukem Manhatten Project\DukeNukemManhattanLauncher.exe
FirewallRules: [TCP Query User{FFCD566C-A0E1-4954-9A4E-AB1AEA774F0D}D:\the turning point\theturingtest\binaries\win64\theturingtest.exe] => D:\the turning point\theturingtest\binaries\win64\theturingtest.exe
FirewallRules: [UDP Query User{2623A2B9-B2F0-42EE-BEFA-49DA9861CFDF}D:\the turning point\theturingtest\binaries\win64\theturingtest.exe] => D:\the turning point\theturingtest\binaries\win64\theturingtest.exe
FirewallRules: [{1CDF2684-45EE-4BC6-91D9-BBFCACD5D131}] => F:\Steam\steamapps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{8B4A0AEC-FF92-46E4-B681-A54021117E58}] => F:\Steam\steamapps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [TCP Query User{B6280EB4-D14D-429E-A334-1F2D7EFE6D50}F:\program files (x86)\heroes of the storm\versions\base46158\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base46158\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{12DBC74A-852E-49E8-B789-5D70F6C18AC8}F:\program files (x86)\heroes of the storm\versions\base46158\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base46158\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{E57A9578-BEE0-454C-99B9-A7BC29D39CF9}D:\games\event[0]\event0.exe] => D:\games\event[0]\event0.exe
FirewallRules: [UDP Query User{1E139A4E-ACCC-405C-B331-2F5DF7AAC82D}D:\games\event[0]\event0.exe] => D:\games\event[0]\event0.exe
FirewallRules: [{C53BEDBC-D493-4219-B894-78A10E896A1F}] => F:\Steam\steamapps\common\BattleriteBeta\Battlerite.exe
FirewallRules: [{AAF7105A-4F21-4B0F-B35E-FC8020D49BBE}] => F:\Steam\steamapps\common\BattleriteBeta\Battlerite.exe
FirewallRules: [{87F6623B-49BA-4ED5-9550-EA9857B76683}] => F:\Steam\steamapps\common\AlienRage\Singleplayer\Binaries\Win32\ShippingPC-AFEARGame.exe
FirewallRules: [{B299C9B2-A114-475C-9D1D-4F9E82588CB0}] => F:\Steam\steamapps\common\AlienRage\Singleplayer\Binaries\Win32\ShippingPC-AFEARGame.exe
FirewallRules: [{ECA5D51F-EB14-4F91-8941-A6D8EB586CAA}] => F:\Steam\steamapps\common\AlienRage\Multiplayer\Binaries\Win32\ARageMP.exe
FirewallRules: [{1860400D-D0F8-4A2D-AB40-5A87A33AEE2C}] => F:\Steam\steamapps\common\AlienRage\Multiplayer\Binaries\Win32\ARageMP.exe
FirewallRules: [TCP Query User{6BFC7B63-BB46-449D-ADFC-51D1E25A6779}D:\games\dragon age - origins\bin_ship\daorigins.exe] => D:\games\dragon age - origins\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{97F7A994-90C6-47DD-AEC0-881B36EB37DA}D:\games\dragon age - origins\bin_ship\daorigins.exe] => D:\games\dragon age - origins\bin_ship\daorigins.exe
FirewallRules: [{00AD9A12-0510-44BA-A549-F048E5D2C54D}] => F:\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{D2CC202D-A6B3-4576-8CFA-A84045DB0917}] => F:\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{F80F3F55-BFD3-4218-B669-F8A6204EE1A2}] => F:\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{5D7C98BE-0AAC-4108-A28F-4467626C80EA}] => F:\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [TCP Query User{F176E118-07AA-4891-A7F5-601E16D066D3}F:\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => F:\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{4F83369E-CB73-464C-B1D0-4937F473C7D5}F:\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => F:\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [TCP Query User{E9106BE2-10DF-41E5-944E-406F707024D2}F:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{5F442C2E-4D3A-400E-A0A3-E50C7969F96A}F:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe
FirewallRules: [{4A7E0612-8CA1-45F4-B462-1FDFB01F8EE3}] => F:\Steam\steamapps\common\Infested Planet\InfestedPlanet.exe
FirewallRules: [{D64ED29C-1ED4-41AD-B28B-C48B1AF98236}] => F:\Steam\steamapps\common\Infested Planet\InfestedPlanet.exe
FirewallRules: [{E9AEC11F-04DA-40B0-A32F-C89FD480D86A}] => D:\Games\Mr DJ\Borderlands The Pre Sequel\Binaries\Win32\Launcher.exe
FirewallRules: [{F950541A-E6CA-4E08-90BD-1B62FE8A2682}] => D:\Games\Mr DJ\Borderlands The Pre Sequel\Binaries\Win32\Launcher.exe
FirewallRules: [TCP Query User{D30071F4-3CE1-4DE0-8A15-7EDDD8C20F17}D:\games\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe] => D:\games\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{8C00B105-8717-4BB3-84BA-09500E683014}D:\games\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe] => D:\games\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{F1453889-D642-44B9-91E5-9657631C1D5A}D:\games\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe] => D:\games\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{EFBE1A5F-7447-4DB8-AC08-3F81CEB6C8E0}D:\games\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe] => D:\games\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{D7125AD0-010A-45B1-830A-56EA14AD4D7A}] => F:\Steam\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{FE6EA7F0-E246-4238-8CC9-8A471A748864}] => F:\Steam\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{D680380F-3C5B-4715-80F0-88545CA408D6}] => F:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{ACC0C985-3712-41C7-B02F-580E17182AB9}] => F:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{DFC75F94-E565-4A9E-8D5E-981611CDB1B0}] => F:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{92CFF773-4A52-4AFF-B813-0C73270F56B1}] => F:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{196BBAA9-93F4-4DEF-9C6B-2A2B1CB293D5}] => F:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{93E2C59E-C45A-4CF4-ABD5-7F5DBB5E4733}] => F:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{6DE2F479-785E-4679-A860-BD5C5B26A7A3}] => F:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{07123603-2C65-42D3-8768-7863D9E75A36}] => F:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{1F7DBC2B-1C37-4639-B102-A17CBEDF212D}] => F:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{6ADD0467-D475-4ADC-9FAD-7CDDC067F1CB}] => F:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{252872A3-D824-4521-9FF3-B1887F232566}] => F:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{D5027169-AD3B-40FD-B1A4-F26B1FD6EC66}] => F:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{7F9D9071-422A-4BE6-8842-7D507FC79263}] => C:\Users\Bezrayer\AppData\Local\LINE\bin\4.10.0.1237\LINE.exe
FirewallRules: [{791E07AC-F005-4851-A29F-35A5C5190544}] => C:\Users\Bezrayer\AppData\Local\LINE\bin\4.10.0.1237\LINE.exe
FirewallRules: [{81AA5C32-366B-4008-AAC4-95D4A69439E4}] => C:\Users\Bezrayer\AppData\Local\LINE\bin\4.10.0.1237\LineUpdater.exe
FirewallRules: [{75009AD2-C9A7-485A-B487-8A070481FAFD}] => C:\Users\Bezrayer\AppData\Local\LINE\bin\4.10.0.1237\LineUpdater.exe
FirewallRules: [TCP Query User{E26B85BC-9D89-4E5C-9636-B81988EB6155}D:\games\dead island - definitive collection\dead island riptide de\deadislandriptidegame.exe] => D:\games\dead island - definitive collection\dead island riptide de\deadislandriptidegame.exe
FirewallRules: [UDP Query User{A20E8B4A-501B-45BA-A7E5-4A772E862374}D:\games\dead island - definitive collection\dead island riptide de\deadislandriptidegame.exe] => D:\games\dead island - definitive collection\dead island riptide de\deadislandriptidegame.exe
FirewallRules: [{D4DD2990-2458-4672-AF32-91C0C0628B16}] => F:\Steam\steamapps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [{AC819714-1092-4635-BA2C-1239F07FB2A0}] => F:\Steam\steamapps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [TCP Query User{59B7D5AA-7F8C-43C5-94E9-92A5DCAF025C}D:\games\dead island - definitive collection\dead island de\deadislandgame.exe] => D:\games\dead island - definitive collection\dead island de\deadislandgame.exe
FirewallRules: [UDP Query User{85BC2E48-19F4-4360-B06D-AD314E413141}D:\games\dead island - definitive collection\dead island de\deadislandgame.exe] => D:\games\dead island - definitive collection\dead island de\deadislandgame.exe
FirewallRules: [{1A0618B3-F304-43DC-87CA-35A5D7AA335F}] => F:\Steam\steamapps\common\Shadowverse\Shadowverse.exe
FirewallRules: [{1088B348-6150-4151-A185-E4CC9C51191E}] => F:\Steam\steamapps\common\Shadowverse\Shadowverse.exe
FirewallRules: [{7D3B5BCF-D035-4A43-B338-71959F0BA34E}] => F:\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{3F6A9AB8-6A74-4E62-9039-AF8599B7E3B4}] => F:\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{4AC7A5BA-905B-41FF-A3BD-9BFDBE90F77E}] => F:\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{2AAF210F-F689-4710-A1FE-5D51E3E0E8EB}] => F:\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{6B75C355-16C3-4551-86D3-D6361142AC49}] => F:\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{548F84FC-29B9-4968-8632-5CC37910EB63}] => F:\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{0E6E6A43-64BF-45D7-B119-585A24C1A14A}] => F:\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{76ADF5C9-0406-40C5-9BCA-DB8508DB3D53}] => F:\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{DBC9F095-8F39-4B3E-ACC2-AAAA78C6BDD2}] => F:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{70451412-777D-4F3D-B1F9-F640864DD4A2}] => F:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{9D16C3F9-4EEE-4BF8-9242-9FCC4DB6B95A}] => C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{67207846-CE1B-49E0-B2FD-009A3ADC0FC4}] => C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{B42D2B26-4B6B-4B51-BE0D-8D970C07B182}] => F:\Steam\steamapps\common\FEZ\FEZ.exe
FirewallRules: [{2FF60208-207F-448D-B27B-46FD4D6F4B7E}] => F:\Steam\steamapps\common\FEZ\FEZ.exe
FirewallRules: [{913D1297-4F15-4120-A491-B7B4D8735ADC}] => F:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{DEA22E3D-7DB0-40A4-82F6-FC861DAA8C17}] => F:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{C4FAB58C-E10F-4C7F-BD03-40056F2CB73E}] => F:\Steam\steamapps\common\Gnomoria\Gnomoria.exe
FirewallRules: [{795E85EF-FDEC-4063-9005-E17FD38E3908}] => F:\Steam\steamapps\common\Gnomoria\Gnomoria.exe
FirewallRules: [TCP Query User{44521CA2-46A6-4BEF-95FC-D5DD63D91BC4}D:\games\dead age\deadage.exe] => D:\games\dead age\deadage.exe
FirewallRules: [UDP Query User{B746EF90-F36A-4D83-9332-2875F544271B}D:\games\dead age\deadage.exe] => D:\games\dead age\deadage.exe
FirewallRules: [TCP Query User{267BC0C8-91E8-4868-AB73-5F843323741F}C:\users\bezrayer\desktop\roguelands.v1.4\roguelands.exe] => C:\users\bezrayer\desktop\roguelands.v1.4\roguelands.exe
FirewallRules: [UDP Query User{CAEDDAD3-4424-4FC7-8283-FDE2422A1C26}C:\users\bezrayer\desktop\roguelands.v1.4\roguelands.exe] => C:\users\bezrayer\desktop\roguelands.v1.4\roguelands.exe
FirewallRules: [TCP Query User{D08DE031-B5ED-4918-A20D-4531E0640D75}C:\users\bezrayer\desktop\enter.the.gungeon.v1.0.11\etg.exe] => C:\users\bezrayer\desktop\enter.the.gungeon.v1.0.11\etg.exe
FirewallRules: [UDP Query User{E0112C90-3AAE-4396-B792-4BEF30CD7D0F}C:\users\bezrayer\desktop\enter.the.gungeon.v1.0.11\etg.exe] => C:\users\bezrayer\desktop\enter.the.gungeon.v1.0.11\etg.exe
FirewallRules: [{29C52A7A-8052-4F06-83E9-EDA2C8727E86}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{413B46AC-2935-4B19-A70F-FA820913BC76}C:\users\bezrayer\appdata\local\mycomgames\mycomgames.exe] => C:\users\bezrayer\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{327F6968-7AB5-4132-A777-829C89177494}C:\users\bezrayer\appdata\local\mycomgames\mycomgames.exe] => C:\users\bezrayer\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{EA78E6A4-7F21-4DAB-8825-FA077D5B1154}] => F:\Steam\steamapps\common\The Incredible Adventures of Van Helsing II\VanHelsing.exe
FirewallRules: [{337E9833-EBD5-43A4-B694-E6D10C730BFB}] => F:\Steam\steamapps\common\The Incredible Adventures of Van Helsing II\VanHelsing.exe
FirewallRules: [{31E739A6-1617-460D-A643-AE659C37B55D}] => F:\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{DF2DD90E-3507-4A3B-BC87-BFA64A845D4F}] => F:\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [TCP Query User{4BCBE667-472F-43B9-89BA-58CA9AFE3878}C:\users\bezrayer\desktop\orwell.episode.1-5\orwell.exe] => C:\users\bezrayer\desktop\orwell.episode.1-5\orwell.exe
FirewallRules: [UDP Query User{7AFFD7AC-CB5A-418E-8AAD-615DA6FDDC50}C:\users\bezrayer\desktop\orwell.episode.1-5\orwell.exe] => C:\users\bezrayer\desktop\orwell.episode.1-5\orwell.exe
FirewallRules: [TCP Query User{F18752E8-2ACB-45E0-A805-04A0AD28608F}D:\games\gog\gwent\gwent.exe] => D:\games\gog\gwent\gwent.exe
FirewallRules: [UDP Query User{E94312C4-4AD4-4ECE-AAFC-9DB37A30DF94}D:\games\gog\gwent\gwent.exe] => D:\games\gog\gwent\gwent.exe
FirewallRules: [{5B258577-1D5A-4EA9-A572-25216CC1EB69}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{88038A6E-E17C-4A0A-AA0F-FC9F1F3AE312}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{62287AE3-DBD4-4F61-834E-4FE7220AF649}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{C6F0B3CB-D66F-4BFB-A0A2-2F14244514D4}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{7DC662CE-63D6-4344-9FD7-2038BF8AB0C9}] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{57C0A874-2A90-48E9-BC30-B291EEB41A3D}] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{EA612809-886A-4709-85B6-6A56B252CF77}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9F3333B1-4E99-4628-8264-14CF1A9D5D21}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Restore Points =========================
29-11-2016 12:31:21 Scheduled Checkpoint
06-12-2016 17:47:33 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
Name: HighSpeed USB-Ethernet Adapter
Description: HighSpeed USB-Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ASIX
Service: MOSUMAC
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: rt640x64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/07/2016 09:16:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.14393.447, časové razítko: 0x5819bde0
Název chybujícího modulu: windows.immersiveshell.serviceprovider.dll, verze: 10.0.14393.0, časové razítko: 0x57899873
Kód výjimky: 0x80270233
Posun chyby: 0x0000000000033c25
ID chybujícího procesu: 0x17e8
Čas spuštění chybující aplikace: 0x01d250622f78a8de
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
ID zprávy: ba6727d9-1054-4e47-825f-1195e89c6628
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/07/2016 09:15:27 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
Error: (12/06/2016 07:26:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.14393.0, časové razítko: 0x57899ab2
Název chybujícího modulu: ntdll.dll, verze: 10.0.14393.447, časové razítko: 0x5819bc32
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000f7423
ID chybujícího procesu: 0x1d5c
Čas spuštění chybující aplikace: 0x01d24fee178316a2
Cesta k chybující aplikaci: C:\WINDOWS\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: df8c2b46-4f42-496b-90b0-829215507e81
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/06/2016 06:06:01 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
Error: (12/06/2016 05:47:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (12/06/2016 05:43:44 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
Error: (12/06/2016 05:41:59 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Razer\Razer Cortex\StreamingServicesAPI.dll.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Razer\Razer Cortex\StreamingServicesAPI.dll.Manifest na řádku 2.
Hodnota F:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dll atributu name v prvku urn:schemas-microsoft-com:asm.v1^file je neplatná.
Error: (12/06/2016 10:12:45 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Razer\Razer Cortex\StreamingServicesAPI.dll.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Razer\Razer Cortex\StreamingServicesAPI.dll.Manifest na řádku 2.
Hodnota F:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dll atributu name v prvku urn:schemas-microsoft-com:asm.v1^file je neplatná.
Error: (12/06/2016 10:05:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.14393.447, časové razítko: 0x5819bdb2
Název chybujícího modulu: SearchUI.exe, verze: 10.0.14393.447, časové razítko: 0x5819bdb2
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000174975
ID chybujícího procesu: 0x1440
Čas spuštění chybující aplikace: 0x01d24f9fd6034194
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta k chybujícímu modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
ID zprávy: 49887de7-306b-4238-a3ce-34f4e7a8fa71
Úplný název chybujícího balíčku: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI
Error: (12/06/2016 10:04:14 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
System errors:
=============
Error: (12/07/2016 09:16:12 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (12/07/2016 09:15:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/07/2016 09:15:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Razer Game Scanner Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/07/2016 09:15:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (30000 ms).
Error: (12/07/2016 09:15:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Razer Game Scanner Service bylo dosaženo časového limitu (30000 ms).
Error: (12/07/2016 09:08:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Razer Game Scanner byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restart the service.
Error: (12/06/2016 11:03:36 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (12/06/2016 11:03:35 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (12/06/2016 11:03:35 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (12/06/2016 11:03:35 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
CodeIntegrity:
===================================
Date: 2016-09-22 17:18:30.055
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-22 17:18:30.049
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-22 17:18:30.029
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-22 17:18:29.995
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-22 17:17:59.913
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-22 17:17:59.906
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-22 17:17:59.893
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-22 17:17:59.883
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-22 17:17:59.871
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-22 17:17:59.839
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: AMD Athlon(tm) II X4 640 Processor
Percentage of memory in use: 25%
Total physical RAM: 8190.11 MB
Available physical RAM: 6077.58 MB
Total Virtual: 9470.11 MB
Available Virtual: 7458.16 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:219.15 GB) (Free:118.66 GB) NTFS
Drive d: (Iomega HDD) (Fixed) (Total:931.51 GB) (Free:224.37 GB) NTFS
Drive f: () (Fixed) (Total:478.95 GB) (Free:239.15 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or
(Size: 698.6 GB) (Disk ID: E7D220ED)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=219.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=478.9 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 78177470)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
FirewallRules: [{B0AFED60-B5EF-4221-97C0-350763198A38}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{859F4F68-0B55-4CD6-9C15-F4305A5A0CC5}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [TCP Query User{3638F4A6-B2FD-4126-86CC-AB04CA84C1D1}D:\grand ages - medieval\grandagesmedieval.exe] => D:\grand ages - medieval\grandagesmedieval.exe
FirewallRules: [UDP Query User{D20214A3-E850-4ECB-BBD9-371C0F34BA29}D:\grand ages - medieval\grandagesmedieval.exe] => D:\grand ages - medieval\grandagesmedieval.exe
FirewallRules: [TCP Query User{AD05FF6C-5FC9-4DF7-AFAE-651A9DEDDE29}D:\games\sword coast legends\swordcoast.exe] => D:\games\sword coast legends\swordcoast.exe
FirewallRules: [UDP Query User{6AA0E135-7FDD-4FA4-99E8-F292AD3521F5}D:\games\sword coast legends\swordcoast.exe] => D:\games\sword coast legends\swordcoast.exe
FirewallRules: [{F4AF4AC8-08B1-43B9-B686-9BB14DA05FB2}] => F:\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{2E7FCB52-014A-4F64-9661-3417807697F4}] => F:\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [TCP Query User{FE7612FE-5188-4E0F-807F-A05FAB1D5386}D:\r.g. catalyst\e.y.e. divine cybermancy\eye.exe] => D:\r.g. catalyst\e.y.e. divine cybermancy\eye.exe
FirewallRules: [UDP Query User{6E3F92A4-9741-4E8B-8424-340DC5011D04}D:\r.g. catalyst\e.y.e. divine cybermancy\eye.exe] => D:\r.g. catalyst\e.y.e. divine cybermancy\eye.exe
FirewallRules: [{F8E01472-85F0-43E5-BB7A-6FED6F4EFD53}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BF39E80D-D805-4778-A270-40B15DB89DB8}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EC6857D9-0ADE-4A65-B9E6-B43DD874E080}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1AC5EE6F-F040-4AC6-8E29-E047984F577A}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{20CD96D5-9199-4F33-8C5E-FBFF60FF8059}] => F:\Steam\steamapps\common\Super Puzzle Platformer Deluxe\SuperPuzzlePlatformerDeluxe.exe
FirewallRules: [{A0EBF49B-184D-4D25-A874-B9D40E5151F8}] => F:\Steam\steamapps\common\Super Puzzle Platformer Deluxe\SuperPuzzlePlatformerDeluxe.exe
FirewallRules: [TCP Query User{5E390A39-3284-4C31-8324-26DDBFB1CC26}F:\program files (x86)\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{FA96F3F6-4206-42BF-885B-5C0CE84D66C1}F:\program files (x86)\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe
FirewallRules: [{6330B3AF-90DD-4E08-8C84-841EE201F0CC}] => F:\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe
FirewallRules: [{00A12671-6A0E-49ED-AACC-F7CF9F60B45D}] => F:\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe
FirewallRules: [{E8C96444-0240-4F20-ACC7-048AF29C4720}] => F:\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe
FirewallRules: [{B8A5F0F9-DBF4-4C2E-B449-4DFCB08BC5BC}] => F:\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe
FirewallRules: [TCP Query User{431D5E2A-E7D1-4E7C-9742-8291B5400EB5}F:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{8CE9EF0C-19BC-4697-A119-486C9B2748C4}F:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
FirewallRules: [{470C0D50-FCF5-4FDE-ABCD-EE6989CA2463}] => F:\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{94EDEC92-5FFE-4BC8-8D49-20B18E25C64A}] => F:\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{2F7EFC49-940E-48E1-A0F6-377FD8AA1902}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{07F1690F-A6F0-4374-84D9-351281C56EBE}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{2F9FE3FB-8969-4D6F-8771-8103C28499C4}] => F:\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [{FF0ACE36-ED77-4691-8443-F8824E8B0289}] => F:\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe
FirewallRules: [TCP Query User{6EA4532D-0282-4A5E-A9BA-1B4FB040B63B}F:\program files (x86)\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{FEE55CB4-3BE3-4746-99F4-0039BEE9422C}F:\program files (x86)\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe
FirewallRules: [{40C86EB4-5274-42CF-AA85-FD806496FE64}] => F:\Steam\steamapps\common\CrossCode\crosscode-beta.exe
FirewallRules: [{E0B0B244-37E1-49E9-A0E3-927A49C3C44A}] => F:\Steam\steamapps\common\CrossCode\crosscode-beta.exe
FirewallRules: [{31B26BD4-C4B4-4B33-A583-CD275968469D}] => F:\Steam\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{2CF83EDF-4717-4277-A190-4D70C6BCCB99}] => F:\Steam\steamapps\common\Lichdom Battlemage\Bin64\LichdomBattlemage.exe
FirewallRules: [{7D193EAA-2799-42A2-A1B4-A74CB5123C1B}] => F:\Steam\steamapps\common\Duke Nukem Manhatten Project\prism3d.exe
FirewallRules: [{94286514-F80F-4FEA-A2D5-683623809F5C}] => F:\Steam\steamapps\common\Duke Nukem Manhatten Project\prism3d.exe
FirewallRules: [{1867D510-283E-4BBD-83B8-8445B283219E}] => F:\Steam\steamapps\common\Duke Nukem Manhatten Project\DukeNukemManhattanLauncher.exe
FirewallRules: [{3CD9C171-40CA-42A9-8239-E818985AEF0F}] => F:\Steam\steamapps\common\Duke Nukem Manhatten Project\DukeNukemManhattanLauncher.exe
FirewallRules: [TCP Query User{FFCD566C-A0E1-4954-9A4E-AB1AEA774F0D}D:\the turning point\theturingtest\binaries\win64\theturingtest.exe] => D:\the turning point\theturingtest\binaries\win64\theturingtest.exe
FirewallRules: [UDP Query User{2623A2B9-B2F0-42EE-BEFA-49DA9861CFDF}D:\the turning point\theturingtest\binaries\win64\theturingtest.exe] => D:\the turning point\theturingtest\binaries\win64\theturingtest.exe
FirewallRules: [{1CDF2684-45EE-4BC6-91D9-BBFCACD5D131}] => F:\Steam\steamapps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [{8B4A0AEC-FF92-46E4-B681-A54021117E58}] => F:\Steam\steamapps\common\Dawn of War II - Retribution\DOW2.exe
FirewallRules: [TCP Query User{B6280EB4-D14D-429E-A334-1F2D7EFE6D50}F:\program files (x86)\heroes of the storm\versions\base46158\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base46158\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{12DBC74A-852E-49E8-B789-5D70F6C18AC8}F:\program files (x86)\heroes of the storm\versions\base46158\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base46158\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{E57A9578-BEE0-454C-99B9-A7BC29D39CF9}D:\games\event[0]\event0.exe] => D:\games\event[0]\event0.exe
FirewallRules: [UDP Query User{1E139A4E-ACCC-405C-B331-2F5DF7AAC82D}D:\games\event[0]\event0.exe] => D:\games\event[0]\event0.exe
FirewallRules: [{C53BEDBC-D493-4219-B894-78A10E896A1F}] => F:\Steam\steamapps\common\BattleriteBeta\Battlerite.exe
FirewallRules: [{AAF7105A-4F21-4B0F-B35E-FC8020D49BBE}] => F:\Steam\steamapps\common\BattleriteBeta\Battlerite.exe
FirewallRules: [{87F6623B-49BA-4ED5-9550-EA9857B76683}] => F:\Steam\steamapps\common\AlienRage\Singleplayer\Binaries\Win32\ShippingPC-AFEARGame.exe
FirewallRules: [{B299C9B2-A114-475C-9D1D-4F9E82588CB0}] => F:\Steam\steamapps\common\AlienRage\Singleplayer\Binaries\Win32\ShippingPC-AFEARGame.exe
FirewallRules: [{ECA5D51F-EB14-4F91-8941-A6D8EB586CAA}] => F:\Steam\steamapps\common\AlienRage\Multiplayer\Binaries\Win32\ARageMP.exe
FirewallRules: [{1860400D-D0F8-4A2D-AB40-5A87A33AEE2C}] => F:\Steam\steamapps\common\AlienRage\Multiplayer\Binaries\Win32\ARageMP.exe
FirewallRules: [TCP Query User{6BFC7B63-BB46-449D-ADFC-51D1E25A6779}D:\games\dragon age - origins\bin_ship\daorigins.exe] => D:\games\dragon age - origins\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{97F7A994-90C6-47DD-AEC0-881B36EB37DA}D:\games\dragon age - origins\bin_ship\daorigins.exe] => D:\games\dragon age - origins\bin_ship\daorigins.exe
FirewallRules: [{00AD9A12-0510-44BA-A549-F048E5D2C54D}] => F:\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{D2CC202D-A6B3-4576-8CFA-A84045DB0917}] => F:\Steam\steamapps\common\Battlerite\Battlerite.exe
FirewallRules: [{F80F3F55-BFD3-4218-B669-F8A6204EE1A2}] => F:\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{5D7C98BE-0AAC-4108-A28F-4467626C80EA}] => F:\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [TCP Query User{F176E118-07AA-4891-A7F5-601E16D066D3}F:\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => F:\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{4F83369E-CB73-464C-B1D0-4937F473C7D5}F:\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => F:\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [TCP Query User{E9106BE2-10DF-41E5-944E-406F707024D2}F:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{5F442C2E-4D3A-400E-A0A3-E50C7969F96A}F:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe] => F:\program files (x86)\heroes of the storm\versions\base46690\heroesofthestorm_x64.exe
FirewallRules: [{4A7E0612-8CA1-45F4-B462-1FDFB01F8EE3}] => F:\Steam\steamapps\common\Infested Planet\InfestedPlanet.exe
FirewallRules: [{D64ED29C-1ED4-41AD-B28B-C48B1AF98236}] => F:\Steam\steamapps\common\Infested Planet\InfestedPlanet.exe
FirewallRules: [{E9AEC11F-04DA-40B0-A32F-C89FD480D86A}] => D:\Games\Mr DJ\Borderlands The Pre Sequel\Binaries\Win32\Launcher.exe
FirewallRules: [{F950541A-E6CA-4E08-90BD-1B62FE8A2682}] => D:\Games\Mr DJ\Borderlands The Pre Sequel\Binaries\Win32\Launcher.exe
FirewallRules: [TCP Query User{D30071F4-3CE1-4DE0-8A15-7EDDD8C20F17}D:\games\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe] => D:\games\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{8C00B105-8717-4BB3-84BA-09500E683014}D:\games\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe] => D:\games\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [TCP Query User{F1453889-D642-44B9-91E5-9657631C1D5A}D:\games\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe] => D:\games\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{EFBE1A5F-7447-4DB8-AC08-3F81CEB6C8E0}D:\games\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe] => D:\games\mr dj\borderlands the pre sequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{D7125AD0-010A-45B1-830A-56EA14AD4D7A}] => F:\Steam\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{FE6EA7F0-E246-4238-8CC9-8A471A748864}] => F:\Steam\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{D680380F-3C5B-4715-80F0-88545CA408D6}] => F:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{ACC0C985-3712-41C7-B02F-580E17182AB9}] => F:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{DFC75F94-E565-4A9E-8D5E-981611CDB1B0}] => F:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{92CFF773-4A52-4AFF-B813-0C73270F56B1}] => F:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{196BBAA9-93F4-4DEF-9C6B-2A2B1CB293D5}] => F:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{93E2C59E-C45A-4CF4-ABD5-7F5DBB5E4733}] => F:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{6DE2F479-785E-4679-A860-BD5C5B26A7A3}] => F:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{07123603-2C65-42D3-8768-7863D9E75A36}] => F:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{1F7DBC2B-1C37-4639-B102-A17CBEDF212D}] => F:\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{6ADD0467-D475-4ADC-9FAD-7CDDC067F1CB}] => F:\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{252872A3-D824-4521-9FF3-B1887F232566}] => F:\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{D5027169-AD3B-40FD-B1A4-F26B1FD6EC66}] => F:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{7F9D9071-422A-4BE6-8842-7D507FC79263}] => C:\Users\Bezrayer\AppData\Local\LINE\bin\4.10.0.1237\LINE.exe
FirewallRules: [{791E07AC-F005-4851-A29F-35A5C5190544}] => C:\Users\Bezrayer\AppData\Local\LINE\bin\4.10.0.1237\LINE.exe
FirewallRules: [{81AA5C32-366B-4008-AAC4-95D4A69439E4}] => C:\Users\Bezrayer\AppData\Local\LINE\bin\4.10.0.1237\LineUpdater.exe
FirewallRules: [{75009AD2-C9A7-485A-B487-8A070481FAFD}] => C:\Users\Bezrayer\AppData\Local\LINE\bin\4.10.0.1237\LineUpdater.exe
FirewallRules: [TCP Query User{E26B85BC-9D89-4E5C-9636-B81988EB6155}D:\games\dead island - definitive collection\dead island riptide de\deadislandriptidegame.exe] => D:\games\dead island - definitive collection\dead island riptide de\deadislandriptidegame.exe
FirewallRules: [UDP Query User{A20E8B4A-501B-45BA-A7E5-4A772E862374}D:\games\dead island - definitive collection\dead island riptide de\deadislandriptidegame.exe] => D:\games\dead island - definitive collection\dead island riptide de\deadislandriptidegame.exe
FirewallRules: [{D4DD2990-2458-4672-AF32-91C0C0628B16}] => F:\Steam\steamapps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [{AC819714-1092-4635-BA2C-1239F07FB2A0}] => F:\Steam\steamapps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [TCP Query User{59B7D5AA-7F8C-43C5-94E9-92A5DCAF025C}D:\games\dead island - definitive collection\dead island de\deadislandgame.exe] => D:\games\dead island - definitive collection\dead island de\deadislandgame.exe
FirewallRules: [UDP Query User{85BC2E48-19F4-4360-B06D-AD314E413141}D:\games\dead island - definitive collection\dead island de\deadislandgame.exe] => D:\games\dead island - definitive collection\dead island de\deadislandgame.exe
FirewallRules: [{1A0618B3-F304-43DC-87CA-35A5D7AA335F}] => F:\Steam\steamapps\common\Shadowverse\Shadowverse.exe
FirewallRules: [{1088B348-6150-4151-A185-E4CC9C51191E}] => F:\Steam\steamapps\common\Shadowverse\Shadowverse.exe
FirewallRules: [{7D3B5BCF-D035-4A43-B338-71959F0BA34E}] => F:\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{3F6A9AB8-6A74-4E62-9039-AF8599B7E3B4}] => F:\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{4AC7A5BA-905B-41FF-A3BD-9BFDBE90F77E}] => F:\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{2AAF210F-F689-4710-A1FE-5D51E3E0E8EB}] => F:\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{6B75C355-16C3-4551-86D3-D6361142AC49}] => F:\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{548F84FC-29B9-4968-8632-5CC37910EB63}] => F:\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{0E6E6A43-64BF-45D7-B119-585A24C1A14A}] => F:\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{76ADF5C9-0406-40C5-9BCA-DB8508DB3D53}] => F:\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{DBC9F095-8F39-4B3E-ACC2-AAAA78C6BDD2}] => F:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{70451412-777D-4F3D-B1F9-F640864DD4A2}] => F:\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{9D16C3F9-4EEE-4BF8-9242-9FCC4DB6B95A}] => C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{67207846-CE1B-49E0-B2FD-009A3ADC0FC4}] => C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{B42D2B26-4B6B-4B51-BE0D-8D970C07B182}] => F:\Steam\steamapps\common\FEZ\FEZ.exe
FirewallRules: [{2FF60208-207F-448D-B27B-46FD4D6F4B7E}] => F:\Steam\steamapps\common\FEZ\FEZ.exe
FirewallRules: [{913D1297-4F15-4120-A491-B7B4D8735ADC}] => F:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{DEA22E3D-7DB0-40A4-82F6-FC861DAA8C17}] => F:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{C4FAB58C-E10F-4C7F-BD03-40056F2CB73E}] => F:\Steam\steamapps\common\Gnomoria\Gnomoria.exe
FirewallRules: [{795E85EF-FDEC-4063-9005-E17FD38E3908}] => F:\Steam\steamapps\common\Gnomoria\Gnomoria.exe
FirewallRules: [TCP Query User{44521CA2-46A6-4BEF-95FC-D5DD63D91BC4}D:\games\dead age\deadage.exe] => D:\games\dead age\deadage.exe
FirewallRules: [UDP Query User{B746EF90-F36A-4D83-9332-2875F544271B}D:\games\dead age\deadage.exe] => D:\games\dead age\deadage.exe
FirewallRules: [TCP Query User{267BC0C8-91E8-4868-AB73-5F843323741F}C:\users\bezrayer\desktop\roguelands.v1.4\roguelands.exe] => C:\users\bezrayer\desktop\roguelands.v1.4\roguelands.exe
FirewallRules: [UDP Query User{CAEDDAD3-4424-4FC7-8283-FDE2422A1C26}C:\users\bezrayer\desktop\roguelands.v1.4\roguelands.exe] => C:\users\bezrayer\desktop\roguelands.v1.4\roguelands.exe
FirewallRules: [TCP Query User{D08DE031-B5ED-4918-A20D-4531E0640D75}C:\users\bezrayer\desktop\enter.the.gungeon.v1.0.11\etg.exe] => C:\users\bezrayer\desktop\enter.the.gungeon.v1.0.11\etg.exe
FirewallRules: [UDP Query User{E0112C90-3AAE-4396-B792-4BEF30CD7D0F}C:\users\bezrayer\desktop\enter.the.gungeon.v1.0.11\etg.exe] => C:\users\bezrayer\desktop\enter.the.gungeon.v1.0.11\etg.exe
FirewallRules: [{29C52A7A-8052-4F06-83E9-EDA2C8727E86}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{413B46AC-2935-4B19-A70F-FA820913BC76}C:\users\bezrayer\appdata\local\mycomgames\mycomgames.exe] => C:\users\bezrayer\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{327F6968-7AB5-4132-A777-829C89177494}C:\users\bezrayer\appdata\local\mycomgames\mycomgames.exe] => C:\users\bezrayer\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{EA78E6A4-7F21-4DAB-8825-FA077D5B1154}] => F:\Steam\steamapps\common\The Incredible Adventures of Van Helsing II\VanHelsing.exe
FirewallRules: [{337E9833-EBD5-43A4-B694-E6D10C730BFB}] => F:\Steam\steamapps\common\The Incredible Adventures of Van Helsing II\VanHelsing.exe
FirewallRules: [{31E739A6-1617-460D-A643-AE659C37B55D}] => F:\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{DF2DD90E-3507-4A3B-BC87-BFA64A845D4F}] => F:\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [TCP Query User{4BCBE667-472F-43B9-89BA-58CA9AFE3878}C:\users\bezrayer\desktop\orwell.episode.1-5\orwell.exe] => C:\users\bezrayer\desktop\orwell.episode.1-5\orwell.exe
FirewallRules: [UDP Query User{7AFFD7AC-CB5A-418E-8AAD-615DA6FDDC50}C:\users\bezrayer\desktop\orwell.episode.1-5\orwell.exe] => C:\users\bezrayer\desktop\orwell.episode.1-5\orwell.exe
FirewallRules: [TCP Query User{F18752E8-2ACB-45E0-A805-04A0AD28608F}D:\games\gog\gwent\gwent.exe] => D:\games\gog\gwent\gwent.exe
FirewallRules: [UDP Query User{E94312C4-4AD4-4ECE-AAFC-9DB37A30DF94}D:\games\gog\gwent\gwent.exe] => D:\games\gog\gwent\gwent.exe
FirewallRules: [{5B258577-1D5A-4EA9-A572-25216CC1EB69}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{88038A6E-E17C-4A0A-AA0F-FC9F1F3AE312}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{62287AE3-DBD4-4F61-834E-4FE7220AF649}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{C6F0B3CB-D66F-4BFB-A0A2-2F14244514D4}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{7DC662CE-63D6-4344-9FD7-2038BF8AB0C9}] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{57C0A874-2A90-48E9-BC30-B291EEB41A3D}] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{EA612809-886A-4709-85B6-6A56B252CF77}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9F3333B1-4E99-4628-8264-14CF1A9D5D21}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Restore Points =========================
29-11-2016 12:31:21 Scheduled Checkpoint
06-12-2016 17:47:33 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices =============
Name: HighSpeed USB-Ethernet Adapter
Description: HighSpeed USB-Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ASIX
Service: MOSUMAC
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: rt640x64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/07/2016 09:16:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.14393.447, časové razítko: 0x5819bde0
Název chybujícího modulu: windows.immersiveshell.serviceprovider.dll, verze: 10.0.14393.0, časové razítko: 0x57899873
Kód výjimky: 0x80270233
Posun chyby: 0x0000000000033c25
ID chybujícího procesu: 0x17e8
Čas spuštění chybující aplikace: 0x01d250622f78a8de
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
ID zprávy: ba6727d9-1054-4e47-825f-1195e89c6628
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/07/2016 09:15:27 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
Error: (12/06/2016 07:26:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.14393.0, časové razítko: 0x57899ab2
Název chybujícího modulu: ntdll.dll, verze: 10.0.14393.447, časové razítko: 0x5819bc32
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000f7423
ID chybujícího procesu: 0x1d5c
Čas spuštění chybující aplikace: 0x01d24fee178316a2
Cesta k chybující aplikaci: C:\WINDOWS\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: df8c2b46-4f42-496b-90b0-829215507e81
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/06/2016 06:06:01 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
Error: (12/06/2016 05:47:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (12/06/2016 05:43:44 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
Error: (12/06/2016 05:41:59 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Razer\Razer Cortex\StreamingServicesAPI.dll.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Razer\Razer Cortex\StreamingServicesAPI.dll.Manifest na řádku 2.
Hodnota F:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dll atributu name v prvku urn:schemas-microsoft-com:asm.v1^file je neplatná.
Error: (12/06/2016 10:12:45 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Razer\Razer Cortex\StreamingServicesAPI.dll.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Razer\Razer Cortex\StreamingServicesAPI.dll.Manifest na řádku 2.
Hodnota F:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dll atributu name v prvku urn:schemas-microsoft-com:asm.v1^file je neplatná.
Error: (12/06/2016 10:05:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.14393.447, časové razítko: 0x5819bdb2
Název chybujícího modulu: SearchUI.exe, verze: 10.0.14393.447, časové razítko: 0x5819bdb2
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000174975
ID chybujícího procesu: 0x1440
Čas spuštění chybující aplikace: 0x01d24f9fd6034194
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Cesta k chybujícímu modulu: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
ID zprávy: 49887de7-306b-4238-a3ce-34f4e7a8fa71
Úplný název chybujícího balíčku: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI
Error: (12/06/2016 10:04:14 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
System errors:
=============
Error: (12/07/2016 09:16:12 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (12/07/2016 09:15:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/07/2016 09:15:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Razer Game Scanner Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (12/07/2016 09:15:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (30000 ms).
Error: (12/07/2016 09:15:57 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Razer Game Scanner Service bylo dosaženo časového limitu (30000 ms).
Error: (12/07/2016 09:08:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Razer Game Scanner byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restart the service.
Error: (12/06/2016 11:03:36 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (12/06/2016 11:03:35 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (12/06/2016 11:03:35 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (12/06/2016 11:03:35 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
CodeIntegrity:
===================================
Date: 2016-09-22 17:18:30.055
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-22 17:18:30.049
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-22 17:18:30.029
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-22 17:18:29.995
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-22 17:17:59.913
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-22 17:17:59.906
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-22 17:17:59.893
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-22 17:17:59.883
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-22 17:17:59.871
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-22 17:17:59.839
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: AMD Athlon(tm) II X4 640 Processor
Percentage of memory in use: 25%
Total physical RAM: 8190.11 MB
Available physical RAM: 6077.58 MB
Total Virtual: 9470.11 MB
Available Virtual: 7458.16 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:219.15 GB) (Free:118.66 GB) NTFS
Drive d: (Iomega HDD) (Fixed) (Total:931.51 GB) (Free:224.37 GB) NTFS
Drive f: () (Fixed) (Total:478.95 GB) (Free:239.15 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or
(Size: 698.6 GB) (Disk ID: E7D220ED)Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=219.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=478.9 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 78177470)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Asus M5A78L-M LX V2
AMD Athlon II X4 640
8GB DDR3 1333MHz
MSI Radeon HD5670 Cyclone 1G
Windows 10 Pro 64-bit
AMD Athlon II X4 640
8GB DDR3 1333MHz
MSI Radeon HD5670 Cyclone 1G
Windows 10 Pro 64-bit
Re: Preventivní kontrola
Zemana AntiMalware 2.70.2.25 (Installed)
-------------------------------------------------------
Scan Result : Completed
Scan Date : 2016/12/7
Operating System : Windows 10 64-bit
Processor : 4X AMD Athlon(tm) II X4 640 Processor
BIOS Mode : Legacy
CUID : 12184A18CDD5F0ED5FAF35
Scan Type : System Scan
Duration : 16m 5s
Scanned Objects : 127699
Detected Objects : 2
Excluded Objects : 0
Read Level : Normal
Auto Upload : Disabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2
Detected Objects
-------------------------------------------------------
Edge Homepage
Status : Scanned
Object : www.masterbattlerite.com
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Edge Homepage
Hosts File
Status : Scanned
Object : %systemroot%\system32\drivers\etc\hosts
MD5 : B45F8BBB8580502550FB714DF5B7E19F
Publisher : -
Size : 753
Version : -
Detection : Hosts Hijack
Cleaning Action : Repair
Related Objects :
Hosts file - 127.0.0.1 - ca
File - %systemroot%\system32\drivers\etc\hosts
-------------------------------------------------------
Scan Result : Completed
Scan Date : 2016/12/7
Operating System : Windows 10 64-bit
Processor : 4X AMD Athlon(tm) II X4 640 Processor
BIOS Mode : Legacy
CUID : 12184A18CDD5F0ED5FAF35
Scan Type : System Scan
Duration : 16m 5s
Scanned Objects : 127699
Detected Objects : 2
Excluded Objects : 0
Read Level : Normal
Auto Upload : Disabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2
Detected Objects
-------------------------------------------------------
Edge Homepage
Status : Scanned
Object : www.masterbattlerite.com
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Edge Homepage
Hosts File
Status : Scanned
Object : %systemroot%\system32\drivers\etc\hosts
MD5 : B45F8BBB8580502550FB714DF5B7E19F
Publisher : -
Size : 753
Version : -
Detection : Hosts Hijack
Cleaning Action : Repair
Related Objects :
Hosts file - 127.0.0.1 - ca
File - %systemroot%\system32\drivers\etc\hosts
Asus M5A78L-M LX V2
AMD Athlon II X4 640
8GB DDR3 1333MHz
MSI Radeon HD5670 Cyclone 1G
Windows 10 Pro 64-bit
AMD Athlon II X4 640
8GB DDR3 1333MHz
MSI Radeon HD5670 Cyclone 1G
Windows 10 Pro 64-bit
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Preventivní kontrola
Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.
(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).
Ulož jej na na plochu jako fixlist.txt
Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému
Toto otestuj na Virustotal
C:\Users\Bezrayer\AppData\Roaming\nuvotonISP.lua
Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.
Nebo na:
http://www.virscan.org/
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.
Kód: Vybrat vše
Start
CloseProcesses:
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\RunOnce: [Uninstall C:\Users\Bezrayer\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Bezrayer\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
SearchScopes: HKU\S-1-5-21-3025460961-235328027-311272571-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
C:\ProgramData\DP45977C.lfl
Task: {E8297D1C-D468-4774-A0FD-787855F4C323} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:FB6A21E3 [430]
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\sharepoint.com -> hxxps://jucb.sharepoint.com
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\sony.com -> sony.com
EmptyTemp:
End(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).
Ulož jej na na plochu jako fixlist.txt
Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému
Toto otestuj na Virustotal
C:\Users\Bezrayer\AppData\Roaming\nuvotonISP.lua
Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.
Nebo na:
http://www.virscan.org/
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Preventivní kontrola
SCAN: https://www.virustotal.com/cs/file/8d847a8bbc64c5cff12c963b7cea8cc3a42a973133f7a52a8749e61530e06a99/analysis/1481145736/
LOG:
Fix result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016
Ran by Bezrayer (07-12-2016 22:28:40) Run:1
Running from C:\Users\Bezrayer\Downloads
Loaded Profiles: Bezrayer (Available Profiles: Bezrayer & Administrator)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\RunOnce: [Uninstall C:\Users\Bezrayer\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Bezrayer\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
SearchScopes: HKU\S-1-5-21-3025460961-235328027-311272571-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
C:\ProgramData\DP45977C.lfl
Task: {E8297D1C-D468-4774-A0FD-787855F4C323} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:FB6A21E3 [430]
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\sharepoint.com -> hxxps://jucb.sharepoint.com
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\sony.com -> sony.com
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-3025460961-235328027-311272571-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\Bezrayer\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64 => value not found.
"HKU\S-1-5-21-3025460961-235328027-311272571-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
C:\ProgramData\DP45977C.lfl => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8297D1C-D468-4774-A0FD-787855F4C323}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8297D1C-D468-4774-A0FD-787855F4C323}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\ProgramData\TEMP => ":FB6A21E3" ADS removed successfully.
HKU\S-1-5-21-3025460961-235328027-311272571-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com => key not found.
HKU\S-1-5-21-3025460961-235328027-311272571-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com => key not found.
"HKU\S-1-5-21-3025460961-235328027-311272571-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sharepoint.com" => key removed successfully
HKU\S-1-5-21-3025460961-235328027-311272571-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com => key not found.
HKU\S-1-5-21-3025460961-235328027-311272571-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com => key not found.
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 122790132 B
Java, Flash, Steam htmlcache => 352912356 B
Windows/system/drivers => 21784 B
Edge => 34385848 B
Chrome => 858476618 B
Firefox => 8061592 B
Opera => 18730720 B
Temp, IE cache, history, cookies, recent:
Default => 7680 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 198746 B
Bezrayer => 15704470 B
Administrator => 10850 B
RecycleBin => 55726965 B
EmptyTemp: => 1.4 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 22:29:18 ====
LOG:
Fix result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016
Ran by Bezrayer (07-12-2016 22:28:40) Run:1
Running from C:\Users\Bezrayer\Downloads
Loaded Profiles: Bezrayer (Available Profiles: Bezrayer & Administrator)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\RunOnce: [Uninstall C:\Users\Bezrayer\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Bezrayer\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
SearchScopes: HKU\S-1-5-21-3025460961-235328027-311272571-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
C:\ProgramData\DP45977C.lfl
Task: {E8297D1C-D468-4774-A0FD-787855F4C323} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:FB6A21E3 [430]
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\sharepoint.com -> hxxps://jucb.sharepoint.com
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3025460961-235328027-311272571-1001\...\sony.com -> sony.com
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-3025460961-235328027-311272571-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\Bezrayer\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64 => value not found.
"HKU\S-1-5-21-3025460961-235328027-311272571-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
C:\ProgramData\DP45977C.lfl => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E8297D1C-D468-4774-A0FD-787855F4C323}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E8297D1C-D468-4774-A0FD-787855F4C323}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\ProgramData\TEMP => ":FB6A21E3" ADS removed successfully.
HKU\S-1-5-21-3025460961-235328027-311272571-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com => key not found.
HKU\S-1-5-21-3025460961-235328027-311272571-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com => key not found.
"HKU\S-1-5-21-3025460961-235328027-311272571-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sharepoint.com" => key removed successfully
HKU\S-1-5-21-3025460961-235328027-311272571-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com => key not found.
HKU\S-1-5-21-3025460961-235328027-311272571-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com => key not found.
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 122790132 B
Java, Flash, Steam htmlcache => 352912356 B
Windows/system/drivers => 21784 B
Edge => 34385848 B
Chrome => 858476618 B
Firefox => 8061592 B
Opera => 18730720 B
Temp, IE cache, history, cookies, recent:
Default => 7680 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 198746 B
Bezrayer => 15704470 B
Administrator => 10850 B
RecycleBin => 55726965 B
EmptyTemp: => 1.4 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 22:29:18 ====
Asus M5A78L-M LX V2
AMD Athlon II X4 640
8GB DDR3 1333MHz
MSI Radeon HD5670 Cyclone 1G
Windows 10 Pro 64-bit
AMD Athlon II X4 640
8GB DDR3 1333MHz
MSI Radeon HD5670 Cyclone 1G
Windows 10 Pro 64-bit
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Preventivní kontrola
Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/
ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci
Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt
Co problémy?
https://toolslib.net/downloads/viewdownload/2-delfix/
ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci
Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt
Co problémy?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Preventivní kontrola
Problémy žádné nebyly, teda alespoň žádné pozorovatelné, chtěl jsem to preventivně vyčistit, aby se náhodou něco někde neschovávalo.
Co ty dva malware programy, nebudou se tlouct mezi sebou ?
# DelFix v1.013 - Logfile created 08/12/2016 at 10:25:46
# Updated 17/04/2016 by Xplode
# Username : Bezrayer - SELDA
# Operating System : Windows 10 Pro (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\Users\Bezrayer\Downloads\FRST-OlderVersion
Deleted : C:\zoek-results.log
Deleted : C:\Users\Bezrayer\Desktop\TFC.exe
Deleted : C:\Users\Bezrayer\Downloads\Addition.txt
Deleted : C:\Users\Bezrayer\Downloads\Fixlog.txt
Deleted : C:\Users\Bezrayer\Downloads\FRST.txt
Deleted : C:\Users\Bezrayer\Downloads\FRST64.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
~ Cleaning system restore ...
Deleted : RP #24 [Scheduled Checkpoint | 11/29/2016 11:31:21]
Deleted : RP #25 [JRT Pre-Junkware Removal | 12/06/2016 16:47:33]
New restore point created !
########## - EOF - ##########
Co ty dva malware programy, nebudou se tlouct mezi sebou ?
# DelFix v1.013 - Logfile created 08/12/2016 at 10:25:46
# Updated 17/04/2016 by Xplode
# Username : Bezrayer - SELDA
# Operating System : Windows 10 Pro (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\Users\Bezrayer\Downloads\FRST-OlderVersion
Deleted : C:\zoek-results.log
Deleted : C:\Users\Bezrayer\Desktop\TFC.exe
Deleted : C:\Users\Bezrayer\Downloads\Addition.txt
Deleted : C:\Users\Bezrayer\Downloads\Fixlog.txt
Deleted : C:\Users\Bezrayer\Downloads\FRST.txt
Deleted : C:\Users\Bezrayer\Downloads\FRST64.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
~ Cleaning system restore ...
Deleted : RP #24 [Scheduled Checkpoint | 11/29/2016 11:31:21]
Deleted : RP #25 [JRT Pre-Junkware Removal | 12/06/2016 16:47:33]
New restore point created !
########## - EOF - ##########
Asus M5A78L-M LX V2
AMD Athlon II X4 640
8GB DDR3 1333MHz
MSI Radeon HD5670 Cyclone 1G
Windows 10 Pro 64-bit
AMD Athlon II X4 640
8GB DDR3 1333MHz
MSI Radeon HD5670 Cyclone 1G
Windows 10 Pro 64-bit
-
jerabina
- člen Security týmu
-
Level 6
- Příspěvky: 3647
- Registrován: březen 13
- Bydliště: Litoměřice
- Pohlaví:
- Stav:
Offline
Re: Preventivní kontrola
Myslíš Malwarebytes Anti-Malware a Windows Defender? Nebudou, Malwarebytes Anti-Malware neběží pořád. Můžeš s ním jednou za čas proskenovat počítač nebo ho můžeš odinstalovat.
Pokud je to tedy vše, můžeš to tu uzamknout fajfkou
Pokud je to tedy vše, můžeš to tu uzamknout fajfkou
Když nevíš jak dál, přichází na řadu prostudovat manuál!
HJT návod
Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.
HJT návod
Pokud neodpovídám do vašich témat v sekci HJT když jsem online, tak je to jen proto, že jsem na mobilu kde je studování logů a psaní skriptů nemožné. Neberte to tedy prosím jako ignoraci.
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 123 hostů