firefox: nový panel s reklamou Vyřešeno

[vantyto]

do přílohy přidávám logy FIRST a Addition (nešlo uploadnot v TXT formátu, tak sem to zazipoval)

[Reklama]

[vantyto]

FIRST 1/3
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
Ran by luvan (administrator) on BLACKBOOK (04-01-2017 15:37:43)
Running from C:\Users\Public\Downloads\programy\hijack
Loaded Profiles: luvan & (Available Profiles: luvan & Administrator)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Qualcomm Atheros) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Electronic Arts) C:\Programy\Origin\OriginWebHelperService.exe
(TeamViewer GmbH) C:\Programy\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Programy\TeamViewer\TeamViewer.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(TeamViewer GmbH) C:\Programy\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Programy\TeamViewer\tv_x64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) C:\Programy\Steam\Steam.exe
(Electronic Arts) C:\Programy\Origin\Origin.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Valve Corporation) C:\Programy\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Programy\Steam\bin\cef\cef.win7\steamwebhelper.exe
() C:\Programy\Origin\QtWebEngineProcess.exe
() C:\Programy\Origin\QtWebEngineProcess.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(BitTorrent, Inc.) C:\Programy\uTorrent\utorrent.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1612.3341.0_x64__8wekyb3d8bbwe\Calculator.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Valve Corporation) C:\Programy\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16704512 2016-11-08] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES/MALWAREBYTES/ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14073072 2016-12-30] (Zemana Ltd.)
HKLM-x32\...\Run: [StereoLinksInstall] => "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe" /install1
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [721856 2016-07-01] (Autodesk, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60408 2016-12-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [917576 2016-12-06] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3880423963-3014309569-130014225-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27226072 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-3880423963-3014309569-130014225-1001\...\Run: [Steam] => C:\Programy\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-3880423963-3014309569-130014225-1001\...\Run: [EADM] => C:\Programy\Origin\Origin.exe [3044848 2016-11-24] (Electronic Arts)
HKU\S-1-5-21-3880423963-3014309569-130014225-1001\...\Policies\Explorer: []
HKU\S-1-5-21-3880423963-3014309569-130014225-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-01042017104245141\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Programy\PC Remote Receiver\PCRemoteReceiver.exe /RestartByRestartManager:B51B951A-BE64-4e1c-B71C-758DD40E4704
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\Win32\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\Win32\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\Win32\shellext_win.dll [2016-09-09] (Acer Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{19ceecdd-3121-4ddd-87f4-7801e07ff02d}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3880423963-3014309569-130014225-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3880423963-3014309569-130014225-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-01042017104245141\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
SearchScopes: HKU\S-1-5-21-3880423963-3014309569-130014225-1001 -> DefaultScope {11F82C0C-C38B-4901-AFB7-E3BA99B5815C} URL =
SearchScopes: HKU\S-1-5-21-3880423963-3014309569-130014225-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-10-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-11-10] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-10] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-10] (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} -> C:\Programy\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2012-07-26] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-10] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\luvan\AppData\Roaming\Mozilla\Firefox\Profiles\txs9d34m.default-1483138573866 [2017-01-04]
FF NewTab: Mozilla\Firefox\Profiles\txs9d34m.default-1483138573866 -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\txs9d34m.default-1483138573866 -> about:home
FF Extension: (Xmarks) - C:\Users\luvan\AppData\Roaming\Mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\Extensions\foxmarks@kei.com [2016-12-31]
FF Extension: (Gmail™ Notifier (restartless)) - C:\Users\luvan\AppData\Roaming\Mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2016-12-31]
FF Extension: (Google™ Translator) - C:\Users\luvan\AppData\Roaming\Mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\Extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi [2016-12-31]
FF Extension: (Strict Pop-up Blocker) - C:\Users\luvan\AppData\Roaming\Mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\Extensions\jid1-P34HaABBBpOerQ@jetpack.xpi [2016-12-31]
FF Extension: (Download Status Bar) - C:\Users\luvan\AppData\Roaming\Mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2016-12-31]
FF Extension: (Adblock Plus) - C:\Users\luvan\AppData\Roaming\Mozilla\Firefox\Profiles\txs9d34m.default-1483138573866\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-31]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-14] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-10] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-14] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-10] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1295376 2016-07-01] (Autodesk Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1089592 2016-12-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [476736 2016-12-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [476736 2016-12-06] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1490296 2016-12-06] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [309328 2015-09-01] (Qualcomm Atheros)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [372272 2016-12-16] (Avira Operations GmbH & Co. KG)
S2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [299968 2017-01-03] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1457160 2016-11-11] ()
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
S3 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [623072 2016-04-13] (Intel Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [389904 2016-11-10] (EasyAntiCheat Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-04-13] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [458296 2016-10-25] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [458296 2016-10-25] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1165368 2016-10-25] (NVIDIA Corporation)
S3 Origin Client Service; C:\Programy\Origin\OriginClientService.exe [2119688 2016-11-24] (Electronic Arts)
R2 Origin Web Helper Service; C:\Programy\Origin\OriginWebHelperService.exe [2180624 2016-11-24] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2016-09-17] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-09-17] ()
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [401248 2015-09-05] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [453984 2015-09-05] (Acer Incorporated)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Programy\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [1770136 2015-08-04] (Intel Corporation)
S3 TunngleService; C:\Programy\Tunngle\TnglCtrl.exe [872432 2016-06-23] (Tunngle.net GmbH)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14073072 2016-12-30] (Zemana Ltd.)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AsusVBus; C:\WINDOWS\System32\drivers\AsusVBus.sys [39704 2016-09-22] (Windows (R) Win 7 DDK provider)
S3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [84472 2016-09-22] (ASUS Corporation)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [151352 2016-12-06] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [153904 2016-12-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [35488 2016-12-06] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [78208 2016-12-06] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [28272 2016-12-06] (Avira Operations GmbH & Co. KG)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-01-04] ()
S3 iaLPSS2_I2C; C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys [185128 2015-07-08] (Intel Corporation)
R3 IntcAudioBus; C:\WINDOWS\System32\drivers\IntcAudioBus.sys [227952 2016-11-08] (Intel(R) Corporation)
S3 IntcDMic; C:\WINDOWS\system32\DRIVERS\IntcDMic.sys [585024 2015-09-14] (Intel(R) Corporation)
S3 IntcOED; C:\WINDOWS\System32\drivers\IntcOED.sys [613672 2015-12-11] (Intel(R) Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2015-09-05] (Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [176064 2017-01-01] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [102856 2017-01-04] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-01-03] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [250816 2017-01-04] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [91584 2017-01-04] (Malwarebytes)
S3 monectdevices; C:\WINDOWS\System32\drivers\monectdevices.sys [15768 2013-12-03] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9934c34dc6ca0c4b\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2016-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2016-10-25] (NVIDIA Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2336768 2016-07-16] (Qualcomm Atheros, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2015-09-05] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-23] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [411712 2015-05-19] (Realsil Semiconductor Corporation)
S3 SaiHFFB5; C:\WINDOWS\system32\DRIVERS\SaiHFFB5.sys [171144 2007-05-01] (Saitek)
S3 SaiIFFB5; C:\WINDOWS\system32\DRIVERS\SaiIFFB5.sys [20608 2007-05-01] (Saitek)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [57448 2015-10-22] (Synaptics Incorporated)
R3 tap0901t; C:\WINDOWS\System32\drivers\tap0901t.sys [48824 2016-04-26] (Tunngle.net GmbH)
S3 VSPerfDrv110; C:\Programy\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-01-03] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-01-03] (Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

[vantyto]

FIRST 2/3
==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-04 15:37 - 2017-01-04 15:37 - 00000000 ____D C:\FRST
2017-01-03 20:48 - 2017-01-04 15:39 - 00290044 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-01-03 20:48 - 2017-01-04 15:39 - 00278453 _____ C:\WINDOWS\ZAM.krnl.trace
2017-01-03 20:48 - 2017-01-03 20:48 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-01-03 20:48 - 2017-01-03 20:48 - 00203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2017-01-03 20:48 - 2017-01-03 20:48 - 00001221 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-01-03 20:48 - 2017-01-03 20:48 - 00000000 ____D C:\Users\luvan\AppData\Local\Zemana
2017-01-03 20:48 - 2017-01-03 20:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-01-03 20:48 - 2017-01-03 20:48 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-01-03 18:58 - 2017-01-03 19:14 - 00001613 _____ C:\Users\luvan\Desktop\pohádka.txt
2017-01-03 10:37 - 2017-01-03 10:37 - 00000000 ____D C:\zoek
2017-01-03 10:25 - 2017-01-03 10:25 - 00000092 _____ C:\Users\luvan\Desktop\script.txt
2017-01-03 10:02 - 2017-01-03 10:37 - 00003248 _____ C:\runcheck.txt
2017-01-03 09:58 - 2017-01-03 10:26 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-01-03 09:56 - 2017-01-04 12:44 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-01-03 09:36 - 2017-01-03 09:36 - 00223892 _____ C:\Users\luvan\Desktop\potvrzení o studiu.pdf
2017-01-03 09:25 - 2017-01-03 09:25 - 00054056 _____ C:\Users\luvan\Desktop\vypis OZP.pdf
2017-01-03 00:06 - 2017-01-03 00:31 - 00000000 ____D C:\zoek_backup
2017-01-02 23:21 - 2017-01-02 23:21 - 00000000 ____D C:\Users\luvan\AppData\Roaming\Avira
2017-01-02 21:02 - 2017-01-02 23:29 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-01-02 20:59 - 2017-01-02 21:50 - 00000000 ____D C:\ProgramData\RogueKiller
2017-01-02 20:42 - 2017-01-02 20:42 - 00000679 _____ C:\Users\luvan\Desktop\JRT.txt
2017-01-01 15:51 - 2017-01-04 14:46 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-01-01 15:51 - 2017-01-01 15:51 - 00176064 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-01-01 15:50 - 2017-01-04 12:44 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-01 15:50 - 2017-01-04 12:44 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-01-01 15:50 - 2017-01-03 16:52 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-01-01 15:50 - 2017-01-01 15:50 - 00001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-01 15:50 - 2017-01-01 15:50 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-01 15:50 - 2017-01-01 15:50 - 00000000 ____D C:\Program Files\Malwarebytes
2016-12-31 00:57 - 2016-12-31 00:57 - 00000000 _____ C:\autoexec.bat
2016-12-31 00:56 - 2016-12-31 00:56 - 00000000 ____D C:\Users\luvan\Start Menu
2016-12-30 23:56 - 2016-12-30 23:56 - 00000000 ____D C:\Users\luvan\Desktop\Old Firefox Data
2016-12-30 23:54 - 2016-12-30 23:54 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-12-30 23:54 - 2016-12-30 23:54 - 00001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-12-30 23:47 - 2016-12-30 23:47 - 00243552 _____ C:\Users\Public\Downloads\Firefox Setup Stub 50.1.0.exe
2016-12-30 23:20 - 2017-01-01 15:48 - 00000000 ____D C:\AdwCleaner
2016-12-30 18:31 - 2016-12-30 18:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2016-12-30 18:29 - 2016-12-06 16:01 - 00153904 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-12-30 18:29 - 2016-12-06 16:01 - 00151352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-12-30 18:29 - 2016-12-06 16:01 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-12-30 18:29 - 2016-12-06 16:01 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2016-12-30 18:29 - 2016-12-06 16:01 - 00028272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2016-12-30 18:25 - 2017-01-03 22:50 - 00001117 _____ C:\Users\Public\Desktop\Avira Phantom VPN.lnk
2016-12-30 18:25 - 2016-12-30 18:25 - 00000000 ____D C:\Users\luvan\AppData\Local\Avira
2016-12-30 18:24 - 2017-01-03 22:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-12-30 18:24 - 2017-01-03 16:58 - 00000000 ____D C:\ProgramData\Avira
2016-12-30 18:24 - 2017-01-03 16:58 - 00000000 ____D C:\Program Files (x86)\Avira
2016-12-30 18:24 - 2016-12-30 18:24 - 00001281 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2016-12-30 15:57 - 2016-12-30 15:57 - 00000000 ____D C:\Users\luvan\Documents\SavedGames
2016-12-30 14:48 - 2016-12-30 14:48 - 00000000 ____D C:\Users\luvan\AppData\Roaming\Warner Bros. Interactive Entertainment
2016-12-30 14:33 - 2016-12-30 14:33 - 00003700 _____ C:\WINDOWS\System32\Tasks\perfectsidecom
2016-12-28 04:00 - 2016-12-28 05:23 - 00000000 ____D C:\ProgramData\Unity
2016-12-28 03:31 - 2016-12-28 03:31 - 00000000 ____D C:\Program Files (x86)\GtkSharp
2016-12-28 03:30 - 2016-12-28 03:30 - 00000932 _____ C:\Users\Public\Desktop\Unity 5.5.0f3 (64-bit).lnk
2016-12-28 03:30 - 2016-12-28 03:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.5.0f3 (64-bit)
2016-12-28 03:25 - 2016-12-28 03:31 - 00000000 ____D C:\Program Files\Unity
2016-12-27 18:34 - 2016-12-27 18:34 - 00000000 ____D C:\Users\luvan\AppData\Local\CrazyPixelStreaker
2016-12-27 18:16 - 2016-12-27 18:16 - 00000000 ____D C:\Users\luvan\AppData\Local\BallisticTanks
2016-12-27 18:12 - 2016-12-27 18:12 - 00000000 ____D C:\Users\luvan\AppData\LocalLow\Play Native Entertainment
2016-12-27 18:07 - 2016-12-27 18:12 - 67447470 _____ C:\Users\luvan\Desktop\Ballistic.Tanks.v1.04.rar
2016-12-27 16:05 - 2016-12-27 16:05 - 00003416 _____ C:\WINDOWS\System32\Tasks\{874BEA4D-EFAC-4C69-B02F-1E49D763C514}
2016-12-27 15:53 - 2016-12-27 15:55 - 00000000 ____D C:\Users\luvan\Documents\SHIFT 2 UNLEASHED
2016-12-26 19:12 - 2016-12-26 19:12 - 00000000 ____D C:\Users\luvan\AppData\Local\Hero_Siege
2016-12-26 17:00 - 2016-12-26 17:00 - 00000000 ____D C:\Users\luvan\AppData\Roaming\GT200Driver
2016-12-26 16:59 - 2016-12-26 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asus Espada Gaming Mouse
2016-12-26 16:54 - 2016-12-26 16:54 - 00000000 ____D C:\WINDOWS\SysWOW64\English
2016-12-26 02:12 - 2016-12-26 02:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-12-26 02:11 - 2016-12-26 02:12 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-12-26 02:11 - 2016-12-26 02:12 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-12-26 02:09 - 2016-12-26 02:11 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2012
2016-12-26 02:09 - 2016-12-26 02:11 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2012
2016-12-26 01:51 - 2016-12-26 01:51 - 00001572 _____ C:\Users\luvan\Desktop\photoshop.lnk
2016-12-26 01:50 - 2016-12-26 01:50 - 00001631 _____ C:\Users\luvan\Desktop\visual studio.lnk
2016-12-26 01:31 - 2016-12-26 01:31 - 00001083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4 (64 Bit).lnk
2016-12-26 01:29 - 2016-12-26 01:29 - 00001020 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4.lnk
2016-12-26 01:27 - 2016-12-26 01:27 - 00000982 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk
2016-12-26 01:26 - 2016-12-26 01:26 - 00000000 ____D C:\WINDOWS\SysWOW64\spool
2016-12-26 01:25 - 2016-12-26 01:32 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-12-26 01:25 - 2016-12-26 01:25 - 00001488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
2016-12-26 01:25 - 2016-12-26 01:25 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-12-26 01:11 - 2016-12-26 01:46 - 00000000 ____D C:\Users\luvan\Documents\Visual Studio 2012
2016-12-26 01:08 - 2016-12-26 01:08 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2016-12-26 01:08 - 2016-12-26 01:08 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-12-26 01:07 - 2016-12-26 01:07 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2016-12-26 01:07 - 2016-12-26 01:07 - 00000000 ____D C:\Program Files\Application Verifier
2016-12-26 01:07 - 2016-12-26 01:07 - 00000000 ____D C:\Program Files (x86)\Application Verifier
2016-12-26 01:06 - 2016-12-26 01:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2016-12-26 01:05 - 2016-12-26 01:05 - 00000000 ____D C:\ProgramData\PreEmptive Solutions
2016-12-26 01:04 - 2016-12-26 01:04 - 00000000 ____D C:\Program Files (x86)\NuGet
2016-12-26 01:04 - 2016-12-26 01:04 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services
2016-12-26 01:03 - 2016-12-26 01:03 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2016-12-26 01:01 - 2016-12-26 01:02 - 00000000 ____D C:\WINDOWS\SysWOW64\1033
2016-12-26 00:59 - 2016-12-26 00:59 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop
2016-12-26 00:58 - 2016-12-26 00:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2016-12-26 00:54 - 2016-12-26 01:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2016-12-26 00:53 - 2016-12-26 01:09 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2016-12-26 00:53 - 2016-12-26 00:53 - 00000000 ____D C:\WINDOWS\system32\1033
2016-12-26 00:53 - 2016-12-26 00:53 - 00000000 ____D C:\WINDOWS\symbols
2016-12-26 00:53 - 2016-12-26 00:53 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 11.0
2016-12-25 20:11 - 2016-12-25 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titan Souls [GOG.com]
2016-12-24 22:46 - 2016-12-28 04:11 - 00000000 ____D C:\Users\luvan\AppData\LocalLow\DefaultCompany
2016-12-24 14:29 - 2016-12-28 04:07 - 00000000 ____D C:\Users\luvan\Documents\hra
2016-12-24 03:05 - 2016-12-26 05:16 - 00001813 _____ C:\Users\luvan\.xmlcopyeditor
2016-12-24 03:04 - 2016-12-24 03:04 - 00000856 _____ C:\Users\Public\Desktop\XML Copy Editor.lnk
2016-12-24 01:26 - 2016-12-24 01:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Necropolis
2016-12-23 23:47 - 2016-12-23 23:47 - 00000000 ____D C:\Users\luvan\AppData\LocalLow\Ludeon Studios
2016-12-23 22:31 - 2016-12-23 22:31 - 00000000 ____D C:\Users\luvan\AppData\LocalLow\Flying Oak Games
2016-12-23 22:28 - 2016-12-23 22:29 - 00000000 ____D C:\Users\luvan\AppData\Local\nuclearthrone
2016-12-23 21:39 - 2016-12-24 03:57 - 00000270 _____ C:\Users\luvan\Desktop\zajimave rouglike.txt
2016-12-23 13:59 - 2016-12-23 13:59 - 00000000 ____D C:\Users\luvan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Gothic
2016-12-23 13:47 - 2016-12-23 13:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gothic
2016-12-23 13:47 - 2016-12-23 13:47 - 00000000 ____D C:\gothic
2016-12-18 21:43 - 2016-12-18 21:44 - 00000000 ____D C:\Users\luvan\AppData\Roaming\DevilDaggers
2016-12-18 17:34 - 2016-12-19 15:09 - 00000000 ____D C:\Users\Public\Downloads\men of war
2016-12-17 22:51 - 2016-12-17 22:56 - 00000000 ____D C:\Users\Public\Downloads\hdd2
2016-12-15 05:59 - 2016-12-09 11:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-15 05:59 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-15 05:59 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-15 05:59 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-15 05:59 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-15 05:59 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-15 05:59 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-15 05:59 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-15 05:59 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-15 05:59 - 2016-12-09 11:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-15 05:59 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-15 05:59 - 2016-12-09 11:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-15 05:59 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-15 05:59 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-15 05:59 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-15 05:59 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-15 05:59 - 2016-12-09 10:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-15 05:59 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-15 05:59 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-15 05:59 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-15 05:59 - 2016-12-09 10:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-15 05:59 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-15 05:59 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-15 05:59 - 2016-12-09 10:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-15 05:59 - 2016-12-09 10:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-15 05:59 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-15 05:59 - 2016-12-09 10:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-15 05:59 - 2016-12-09 10:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-15 05:59 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-15 05:59 - 2016-12-09 10:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-15 05:59 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-15 05:59 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-15 05:59 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-15 05:59 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-15 05:59 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-15 05:59 - 2016-12-09 10:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-15 05:59 - 2016-12-09 10:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-15 05:59 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-15 05:59 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-15 05:59 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-15 05:59 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-15 05:59 - 2016-12-09 10:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-15 05:59 - 2016-12-09 10:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-15 05:59 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-15 05:59 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-15 05:59 - 2016-12-09 10:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-15 05:59 - 2016-12-09 10:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-15 05:59 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-15 05:59 - 2016-12-09 10:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-15 05:59 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-15 05:59 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-15 05:59 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-15 05:59 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-15 05:59 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-15 05:59 - 2016-12-09 10:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-15 05:59 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-15 05:59 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-15 05:59 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-15 05:59 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-15 05:58 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-15 05:58 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-15 05:58 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-15 05:58 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-15 05:58 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-15 05:58 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-15 05:58 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-15 05:58 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-15 05:58 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-15 05:58 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-15 05:58 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-15 05:58 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-15 05:58 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-15 05:58 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-15 05:58 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-15 05:58 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-15 05:58 - 2016-12-09 11:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-15 05:58 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-15 05:58 - 2016-12-09 11:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-15 05:58 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-15 05:58 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-15 05:58 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-15 05:58 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-15 05:58 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-15 05:58 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-15 05:58 - 2016-12-09 10:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-15 05:58 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-15 05:58 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-15 05:58 - 2016-12-09 10:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-15 05:58 - 2016-12-09 10:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-15 05:58 - 2016-12-09 10:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-15 05:58 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-15 05:58 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-15 05:58 - 2016-12-09 10:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-15 05:58 - 2016-12-09 10:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-15 05:58 - 2016-12-09 10:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-15 05:58 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-15 05:58 - 2016-12-09 10:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-15 05:58 - 2016-12-09 10:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-15 05:58 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-15 05:58 - 2016-12-09 10:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-15 05:58 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-15 05:58 - 2016-12-09 10:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-15 05:58 - 2016-12-09 10:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-15 05:58 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-15 05:58 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-15 05:58 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-15 05:58 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-15 05:58 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-15 05:58 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-15 05:58 - 2016-12-09 10:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-15 05:58 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-15 05:58 - 2016-12-09 10:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-15 05:58 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-14 00:29 - 2016-12-14 00:29 - 00000000 ____D C:\Users\luvan\AppData\Local\Chromium
2016-12-13 23:13 - 2016-12-13 23:14 - 00000000 ____D C:\Users\luvan\AppData\Local\SatelliteReign
2016-12-13 23:13 - 2016-12-13 23:13 - 00000000 ____D C:\Users\luvan\AppData\LocalLow\5 Lives Studios
2016-12-11 18:28 - 2016-12-11 18:28 - 00000717 _____ C:\Users\luvan\Desktop\mili jezisku.jpg
2016-12-11 14:20 - 2016-12-11 14:21 - 00000000 ____D C:\Users\Public\Downloads\fallout 4
2016-12-09 20:54 - 2016-11-11 11:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-09 20:54 - 2016-11-11 11:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-09 20:54 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-09 20:54 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-09 20:54 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-09 20:54 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-09 20:54 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-09 20:54 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-09 20:54 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-09 20:54 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-09 20:54 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-09 20:54 - 2016-11-11 10:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-09 20:54 - 2016-11-11 10:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-09 20:54 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-09 20:54 - 2016-11-11 10:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-09 20:54 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-09 20:54 - 2016-11-11 10:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-09 20:54 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-09 20:54 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-09 20:54 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-09 20:54 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-09 20:54 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-09 20:54 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-09 20:54 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-09 20:54 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-09 20:54 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-09 20:54 - 2016-11-11 10:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-09 20:54 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-09 20:54 - 2016-11-11 10:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-09 20:54 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-09 20:54 - 2016-11-11 10:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-09 20:54 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-09 20:54 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-09 20:54 - 2016-11-11 10:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-09 20:54 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-09 20:54 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-09 20:54 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-09 20:54 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-09 20:54 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-09 20:54 - 2016-11-11 10:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-09 20:54 - 2016-11-11 10:18 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-12-09 20:54 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-09 20:54 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-09 20:54 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-09 20:54 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-09 20:54 - 2016-11-11 10:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-09 20:54 - 2016-11-11 10:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-09 20:54 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-09 20:54 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-09 20:54 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-09 20:54 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-09 20:54 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-09 20:54 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-09 20:54 - 2016-11-11 10:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-09 20:54 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-09 20:54 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-09 20:54 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-09 20:54 - 2016-11-11 08:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-09 20:54 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-09 20:54 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-09 20:54 - 2016-11-11 08:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-09 20:54 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-09 20:54 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-09 20:54 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-09 20:54 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-09 20:54 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-09 20:54 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-09 20:54 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-09 20:54 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-09 20:54 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-09 20:54 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-09 20:54 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-09 20:54 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-09 20:54 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-12-09 20:54 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-09 20:54 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-09 20:54 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-09 20:54 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-09 20:54 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-09 20:54 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-12-09 20:54 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-09 20:54 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-09 20:54 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-09 20:54 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-09 20:54 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-09 20:54 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-09 20:54 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-09 20:54 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-12-09 20:54 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-09 20:54 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-09 20:54 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-09 20:54 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-09 20:53 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-09 20:53 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-09 20:53 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-09 20:53 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-09 20:53 - 2016-11-11 11:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-09 20:53 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-09 20:53 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-09 20:53 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-09 20:53 - 2016-11-11 11:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-09 20:53 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-09 20:53 - 2016-11-11 10:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-09 20:53 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-09 20:53 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-09 20:53 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-09 20:53 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-09 20:53 - 2016-11-11 10:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-09 20:53 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-09 20:53 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-09 20:53 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-09 20:53 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-09 20:53 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-09 20:53 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-09 20:53 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-09 20:53 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-09 20:53 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-09 20:53 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-09 20:53 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-09 20:53 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-09 20:53 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-09 20:53 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-09 20:53 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-09 20:53 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-09 20:53 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-09 20:53 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-09 20:53 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-12-09 20:53 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-09 20:53 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-09 20:53 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-09 20:53 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-09 20:53 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-09 20:53 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-09 20:53 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-09 20:53 - 2016-11-11 10:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-12-09 20:53 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-09 20:53 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-09 20:53 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-09 20:53 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-09 20:53 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-09 20:53 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-09 20:53 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-09 20:53 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-09 20:53 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-09 20:53 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-09 20:53 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-09 20:53 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-09 20:53 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-09 20:53 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-09 20:53 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-09 20:53 - 2016-11-11 10:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-09 20:53 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-09 20:53 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-09 20:53 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-09 20:53 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-09 20:53 - 2016-11-11 10:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-09 20:53 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-09 20:53 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-09 20:53 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-09 20:53 - 2016-11-11 10:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-09 20:53 - 2016-11-11 10:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-09 20:53 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-09 20:53 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-09 20:53 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-09 20:53 - 2016-11-11 09:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-09 20:53 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-09 20:53 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-09 20:53 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-09 20:53 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-09 20:53 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-09 20:53 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-09 20:53 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-09 20:53 - 2016-11-11 08:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-09 20:53 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-09 20:53 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-09 20:53 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-09 20:53 - 2016-11-11 08:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-09 20:53 - 2016-11-11 08:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-09 20:53 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-09 20:53 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-09 20:53 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-09 20:53 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-09 20:53 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-09 20:53 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-09 20:53 - 2016-11-11 08:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-09 20:53 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-09 20:53 - 2016-11-11 08:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-09 20:53 - 2016-11-11 08:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-09 20:53 - 2016-11-11 08:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-09 20:53 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-09 20:53 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-09 20:53 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-09 20:53 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-09 20:53 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-09 20:53 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-09 20:53 - 2016-11-11 08:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-09 20:53 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-09 20:53 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-09 20:53 - 2016-11-11 08:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-09 20:53 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-09 20:53 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-09 20:53 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-09 20:53 - 2016-11-11 08:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-09 20:53 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-09 20:53 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-09 20:53 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-09 20:53 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-09 20:53 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-09 20:53 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-09 20:53 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-09 20:53 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-09 20:53 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-09 20:53 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-09 20:52 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-09 20:52 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-09 20:52 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-09 20:52 - 2016-11-11 10:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-09 20:52 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-09 20:52 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-09 20:52 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-09 20:52 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-09 20:52 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-09 20:52 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-09 20:52 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-09 20:52 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-09 20:52 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-09 20:52 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-09 20:52 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-09 20:52 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-09 20:52 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-09 20:52 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-09 20:52 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-09 20:52 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-09 20:52 - 2016-11-11 10:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-09 20:52 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-09 20:52 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-09 20:52 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-09 20:52 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-09 20:52 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-09 20:52 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-09 20:52 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-09 20:52 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-09 20:52 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-09 20:52 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-09 20:52 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-09 20:52 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-09 20:52 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-09 20:52 - 2016-11-11 10:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-09 20:52 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-09 20:52 - 2016-11-11 10:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-09 20:52 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-09 20:52 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-09 20:52 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-09 20:52 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-09 20:52 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-09 20:52 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-09 20:52 - 2016-11-11 09:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-09 20:52 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-09 20:52 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-09 20:52 - 2016-11-11 08:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-09 20:52 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-09 20:52 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-09 20:52 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-09 20:52 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-09 20:52 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-09 20:52 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-09 20:52 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-09 20:52 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-09 20:52 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-07 18:25 - 2016-12-07 18:31 - 00000000 ____D C:\Users\luvan\Documents\Assassin's Creed III
2016-12-07 17:30 - 2016-12-26 01:52 - 00000000 ____D C:\ProgramData\Adobe
2016-12-07 16:22 - 2016-12-07 16:22 - 00000000 ____D C:\Users\luvan\AppData\LocalLow\Daedalic Entertainment GmbH
2016-12-07 16:22 - 2016-12-07 16:22 - 00000000 ____D C:\Users\luvan\AppData\Local\Daedalic Entertainment GmbH

[vantyto]

FIRST 3/3
==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-04 15:39 - 2016-07-18 00:28 - 00000000 ____D C:\Users\luvan\AppData\Local\Packages
2017-01-04 15:37 - 2016-08-16 14:55 - 00000000 ____D C:\Users\luvan\AppData\Roaming\Origin
2017-01-04 15:25 - 2016-08-07 17:00 - 00000000 ____D C:\Users\luvan\AppData\Roaming\Skype
2017-01-04 15:24 - 2016-08-20 07:27 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-03 20:47 - 2016-08-07 16:52 - 00000000 ____D C:\Users\Public\Downloads\programy
2017-01-03 18:48 - 2016-09-03 19:21 - 00000000 ____D C:\Users\Public\Downloads\filmy
2017-01-03 18:26 - 2016-08-07 17:38 - 00000000 ____D C:\Users\Public\Downloads\ost
2017-01-03 17:00 - 2016-11-17 18:51 - 00000000 ____D C:\Users\luvan\AppData\LocalLow\Mozilla
2017-01-03 16:52 - 2016-08-16 14:27 - 00000000 ____D C:\ProgramData\Origin
2017-01-03 16:50 - 2016-08-20 07:35 - 00000000 ____D C:\Users\luvan
2017-01-03 16:50 - 2016-08-20 07:30 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-03 16:50 - 2016-08-20 07:29 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-01-03 16:50 - 2016-07-18 00:28 - 00000000 __SHD C:\Users\luvan\IntelGraphicsProfiles
2017-01-03 16:49 - 2016-08-20 07:44 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-03 10:26 - 2016-07-16 07:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-01-03 09:46 - 2016-08-20 07:35 - 00000000 ____D C:\Users\Administrator
2017-01-03 09:26 - 2016-08-24 10:01 - 00000000 ____D C:\Users\luvan\AppData\Local\Microsoft Help
2017-01-03 09:21 - 2016-11-21 00:56 - 00000000 ____D C:\Users\luvan\AppData\Local\Deployment
2017-01-03 00:31 - 2015-07-10 12:04 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-01-03 00:04 - 2016-07-18 01:29 - 00000000 ____D C:\Users\luvan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2017-01-02 16:20 - 2016-10-31 12:21 - 00000000 ____D C:\Users\luvan\AppData\Local\Autodesk
2017-01-01 17:40 - 2016-08-07 21:00 - 00000000 ____D C:\Users\luvan\AppData\Local\CrashDumps
2017-01-01 15:26 - 2016-07-18 00:29 - 00000000 ____D C:\Users\luvan\AppData\Local\AOP SDK
2016-12-31 13:52 - 2016-08-20 07:34 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{4a3fb119-4ba3-11e6-80cd-b8ca3aed6f7f}.TMContainer00000000000000000001.regtrans-ms
2016-12-31 13:52 - 2016-08-20 07:34 - 00065536 ___SH C:\WINDOWS\system32\config\COMPONENTS{4a3fb119-4ba3-11e6-80cd-b8ca3aed6f7f}.TM.blf
2016-12-31 13:52 - 2016-07-16 07:04 - 45875200 _____ C:\WINDOWS\system32\config\COMPONENTS
2016-12-31 13:03 - 2016-09-04 10:38 - 00000000 ____D C:\Users\luvan\Desktop\hry
2016-12-31 12:58 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\catroot2
2016-12-31 12:33 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Tasks
2016-12-31 02:04 - 2016-11-27 15:06 - 00000000 ____D C:\Users\Public\Downloads\android
2016-12-30 23:54 - 2016-11-15 19:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-30 23:54 - 2015-08-31 11:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-30 23:47 - 2015-07-10 12:04 - 00000000 ___RD C:\Users\Public\Downloads
2016-12-30 23:26 - 2016-08-20 07:26 - 03097416 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-30 23:24 - 2016-08-02 10:00 - 00000000 ___RD C:\Users\Administrator\Desktop
2016-12-30 23:24 - 2016-07-16 12:47 - 00000000 ___RD C:\Users\Default\Desktop
2016-12-30 23:24 - 2016-07-16 12:47 - 00000000 ____D C:\Users\Default\AppData\Local
2016-12-30 23:24 - 2016-07-16 12:47 - 00000000 ____D C:\Users\Default User\AppData\Local
2016-12-30 23:24 - 2016-07-16 07:04 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-30 23:23 - 2016-08-18 11:04 - 00000000 __SHD C:\Config.Msi
2016-12-30 23:04 - 2016-08-07 22:46 - 00000000 ____D C:\Users\Public\Downloads\hry
2016-12-30 22:35 - 2016-08-25 11:48 - 00000000 ____D C:\Users\luvan\Documents\skola
2016-12-30 21:42 - 2016-08-07 17:06 - 00000000 ____D C:\Programy
2016-12-30 21:42 - 2016-08-07 16:13 - 00000000 ____D C:\games
2016-12-30 18:31 - 2016-08-20 07:28 - 00027776 _____ C:\WINDOWS\setupact.log
2016-12-30 18:25 - 2016-07-16 12:47 - 00000000 __RSD C:\WINDOWS\Fonts
2016-12-30 15:57 - 2016-07-18 00:26 - 00000000 ___RD C:\Users\luvan\Documents
2016-12-30 15:23 - 2016-07-16 07:04 - 06029312 _____ C:\WINDOWS\system32\config\DRIVERS
2016-12-30 14:52 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-30 14:50 - 2016-08-20 07:35 - 00524288 ___SH C:\Users\luvan\NTUSER.DAT{5b149a99-66a7-11e6-98e1-949389942fd4}.TMContainer00000000000000000002.regtrans-ms
2016-12-30 14:50 - 2016-08-20 07:35 - 00065536 ___SH C:\Users\luvan\NTUSER.DAT{5b149a99-66a7-11e6-98e1-949389942fd4}.TM.blf
2016-12-28 03:31 - 2016-07-16 12:47 - 00000000 __RSD C:\WINDOWS\assembly
2016-12-28 03:31 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-27 21:28 - 2016-08-07 20:56 - 00000000 ____D C:\Users\luvan\AppData\Roaming\TS3Client
2016-12-27 20:37 - 2016-09-28 21:37 - 00545528 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2016-12-27 18:34 - 2016-09-26 13:22 - 00000000 ____D C:\Users\luvan\AppData\Roaming\SmartSteamEmu
2016-12-27 15:26 - 2016-08-20 07:35 - 00000000 ___RD C:\Users\luvan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-27 14:22 - 2016-09-03 23:37 - 00000000 ____D C:\Users\luvan\AppData\Local\Ubisoft Game Launcher
2016-12-26 21:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-26 18:34 - 2016-07-18 01:18 - 00359368 _____ C:\WINDOWS\DirectX.log
2016-12-26 18:27 - 2016-08-22 12:24 - 00000000 ____D C:\ProgramData\X360CE
2016-12-26 17:59 - 2016-07-18 00:40 - 00000000 ____D C:\Users\luvan\AppData\Local\ElevatedDiagnostics
2016-12-26 17:12 - 2016-08-20 07:35 - 00000000 ____D C:\Users\luvan\AppData\Local\Microsoft
2016-12-26 17:06 - 2016-07-16 12:47 - 00000000 ___SD C:\ProgramData\Microsoft
2016-12-26 02:09 - 2016-07-16 12:47 - 00000000 ___SD C:\Users\Default\AppData\Roaming\Microsoft
2016-12-26 02:09 - 2016-07-16 12:47 - 00000000 ___SD C:\Users\Default User\AppData\Roaming\Microsoft
2016-12-26 02:09 - 2016-07-16 12:47 - 00000000 ___RD C:\Users\Default\Documents
2016-12-26 02:09 - 2016-07-16 12:47 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft
2016-12-26 02:09 - 2016-07-16 12:47 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft
2016-12-26 01:41 - 2016-07-18 00:28 - 00000000 ____D C:\Users\luvan\AppData\Roaming\Adobe
2016-12-26 01:38 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\CatRoot
2016-12-26 01:34 - 2016-10-31 12:28 - 00000000 ____D C:\ProgramData\FLEXnet
2016-12-26 01:32 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\WinSxS
2016-12-26 01:30 - 2015-07-10 12:04 - 00000000 ___RD C:\Users\Public\Documents
2016-12-26 01:25 - 2016-07-16 07:04 - 00000000 ____D C:\Program Files\Common Files
2016-12-26 01:15 - 2016-08-20 07:35 - 00000000 ___SD C:\Users\luvan\AppData\Roaming\Microsoft
2016-12-26 01:09 - 2016-07-18 00:28 - 00000000 ___SD C:\Users\luvan\AppData\LocalLow\Microsoft
2016-12-26 01:08 - 2016-08-24 10:04 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-12-26 01:08 - 2016-08-24 10:03 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2016-12-26 01:08 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-26 01:05 - 2016-07-16 23:25 - 00984012 _____ C:\WINDOWS\system32\perfh005.dat
2016-12-26 01:05 - 2016-07-16 23:25 - 00249634 _____ C:\WINDOWS\system32\perfc005.dat
2016-12-26 01:05 - 2016-07-16 12:49 - 00944670 _____ C:\WINDOWS\system32\perfh009.dat
2016-12-26 01:05 - 2016-07-16 12:49 - 00319848 _____ C:\WINDOWS\system32\perfc009.dat
2016-12-26 01:05 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-26 00:59 - 2016-08-20 08:21 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-12-26 00:53 - 2016-08-20 08:22 - 00000000 ____D C:\WINDOWS\system32\Microsoft
2016-12-26 00:53 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Drivers\UMDF
2016-12-26 00:53 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\DriverStore
2016-12-26 00:52 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-25 17:39 - 2016-08-07 20:36 - 00000000 ____D C:\Users\luvan\Documents\From The Depths
2016-12-25 01:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-24 21:36 - 2016-07-18 01:39 - 00000000 ____D C:\Users\luvan\Documents\My Games
2016-12-23 22:16 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-23 19:46 - 2016-08-10 21:09 - 00000000 ____D C:\Users\luvan\AppData\Local\Arma 3 Launcher
2016-12-23 13:59 - 2016-07-18 00:28 - 00000000 ____D C:\Users\luvan\AppData\Local\VirtualStore
2016-12-23 13:57 - 2015-10-15 03:55 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-22 00:48 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WDI
2016-12-21 21:22 - 2016-09-21 21:25 - 00000000 ____D C:\Users\luvan\Documents\OpenRCT2
2016-12-18 10:36 - 2016-08-20 07:34 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{4a3fb119-4ba3-11e6-80cd-b8ca3aed6f7f}.TMContainer00000000000000000002.regtrans-ms
2016-12-18 06:07 - 2016-08-20 07:26 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{4a3fb11f-4ba3-11e6-80cd-b8ca3aed6f7f}.TMContainer00000000000000000001.regtrans-ms
2016-12-18 06:07 - 2016-08-20 07:26 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{4a3fb11f-4ba3-11e6-80cd-b8ca3aed6f7f}.TM.blf
2016-12-18 06:06 - 2016-07-16 12:47 - 00000982 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-18 06:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US
2016-12-18 06:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\en-US
2016-12-18 06:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Boot
2016-12-18 06:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-18 06:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppPatch
2016-12-17 20:59 - 2016-08-08 19:40 - 00000000 ____D C:\Program Files\Rockstar Games
2016-12-17 20:59 - 2016-08-08 19:40 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-12-15 12:46 - 2016-09-11 17:24 - 00000000 ____D C:\Users\luvan\Desktop\maru
2016-12-15 12:21 - 2016-08-24 10:05 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-12-15 12:21 - 2016-08-24 10:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-15 12:08 - 2016-07-18 11:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-15 12:04 - 2016-07-18 11:55 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-15 05:11 - 2016-08-20 07:35 - 00524288 ___SH C:\Users\luvan\NTUSER.DAT{5b149a99-66a7-11e6-98e1-949389942fd4}.TMContainer00000000000000000001.regtrans-ms
2016-12-15 00:27 - 2015-07-10 12:04 - 00000199 _____ C:\WINDOWS\win.ini
2016-12-14 15:33 - 2015-08-31 12:01 - 02415284 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-14 15:31 - 2016-08-20 08:22 - 00000174 ___SH C:\Users\luvan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-14 15:31 - 2016-07-18 00:28 - 00000402 ___SH C:\Users\luvan\Documents\desktop.ini
2016-12-14 15:31 - 2016-07-18 00:28 - 00000282 ___SH C:\Users\luvan\Downloads\desktop.ini
2016-12-14 15:31 - 2016-07-18 00:28 - 00000282 ___SH C:\Users\luvan\Desktop\desktop.ini
2016-12-14 15:31 - 2016-07-18 00:28 - 00000174 ___SH C:\Users\luvan\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-14 15:31 - 2016-07-18 00:28 - 00000000 ___RD C:\Users\luvan\Searches
2016-12-14 15:31 - 2016-07-18 00:28 - 00000000 ___RD C:\Users\luvan\Contacts
2016-12-14 15:31 - 2016-07-18 00:28 - 00000000 ___RD C:\Users\luvan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-14 15:31 - 2016-07-18 00:26 - 00000000 ___RD C:\Users\luvan\Saved Games
2016-12-14 15:31 - 2016-07-18 00:26 - 00000000 ___RD C:\Users\luvan\Pictures
2016-12-14 15:31 - 2016-07-18 00:26 - 00000000 ___RD C:\Users\luvan\Music
2016-12-14 15:31 - 2016-07-18 00:26 - 00000000 ___RD C:\Users\luvan\Links
2016-12-14 15:31 - 2016-07-18 00:26 - 00000000 ___RD C:\Users\luvan\Favorites
2016-12-14 15:31 - 2015-08-31 11:49 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-14 15:30 - 2016-07-16 07:04 - 00016384 _____ C:\Users\Default\NTUSER.DAT
2016-12-14 15:26 - 2016-08-09 14:53 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-12-14 15:23 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-14 15:23 - 2016-07-16 12:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-14 15:23 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-14 15:23 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-14 15:23 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\wbem
2016-12-14 15:23 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2016-12-14 15:23 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-14 15:23 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-14 15:23 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-14 15:23 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-14 15:23 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-14 15:23 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-14 15:23 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-14 15:23 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-14 12:53 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-12-14 12:53 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-12-14 00:29 - 2016-08-07 17:20 - 00000000 ____D C:\Users\luvan\AppData\Local\Steam
2016-12-12 00:56 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:56 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-11 15:07 - 2016-11-24 15:51 - 00000000 ____D C:\Users\luvan\AppData\Local\Fallout4
2016-12-09 19:32 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-12-08 12:09 - 2016-08-24 15:40 - 00000000 ____D C:\Users\luvan\AppData\Local\Diagnostics
2016-12-07 18:31 - 2016-09-04 10:33 - 00281392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2016-12-07 18:31 - 2016-08-16 16:47 - 00281392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-12-07 18:31 - 2016-08-16 15:53 - 00000000 ____D C:\Users\luvan\AppData\Local\PunkBuster

==================== Files in the root of some directories =======

2016-08-20 07:30 - 2016-08-20 07:30 - 0000102 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

Some files in TEMP:
====================
C:\Users\luvan\AppData\Local\Temp\7za.exe
C:\Users\luvan\AppData\Local\Temp\DaS_21.exe
C:\Users\luvan\AppData\Local\Temp\dllnt_dump.dll
C:\Users\luvan\AppData\Local\Temp\hijackthis.exe
C:\Users\luvan\AppData\Local\Temp\NirCmd.exe
C:\Users\luvan\AppData\Local\Temp\PEVZ.EXE
C:\Users\luvan\AppData\Local\Temp\remove.exe
C:\Users\luvan\AppData\Local\Temp\sed.exe
C:\Users\luvan\AppData\Local\Temp\shortcut.exe
C:\Users\luvan\AppData\Local\Temp\swreg.exe
C:\Users\luvan\AppData\Local\Temp\swxcacls.exe
C:\Users\luvan\AppData\Local\Temp\wget.exe
C:\Users\luvan\AppData\Local\Temp\zoek-delete.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-01 18:52

==================== End of FRST.txt ============================

[vantyto]

Addition 1/3
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017
Ran by luvan (04-01-2017 15:40:17)
Running from C:\Users\Public\Downloads\programy\hijack
Windows 10 Home Version 1607 (X64) (2016-08-20 06:52:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3880423963-3014309569-130014225-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3880423963-3014309569-130014225-503 - Limited - Disabled)
Guest (S-1-5-21-3880423963-3014309569-130014225-501 - Limited - Disabled)
luvan (S-1-5-21-3880423963-3014309569-130014225-1001 - Administrator - Enabled) => C:\Users\luvan

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
8-bit Hordes (HKLM-x32\...\1104739253_is1) (Version: 2.0.0.3 - GOG.com)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
ACA & MEP 2017 Object Enabler (Version: 7.9.45.0 - Autodesk) Hidden
ACAD Private (Version: 21.0.52.0 - Autodesk) Hidden
Ace of Spades (HKLM-x32\...\{6037B8AD-7D5B-4D50-9BCA-A586C44EEF34}) (Version: 0.75.015 - Ben Aksoy)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3005 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3008 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Aktualizace NVIDIA 2.13.0.21 (Version: 2.13.0.21 - NVIDIA Corporation) Hidden
Ansel (Version: 368.81 - NVIDIA Corporation) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2001.0 - Acer Incorporated)
Arma 3 (HKLM\...\Steam App 107410) (Version: - Bohemia Interactive)
Arma: Cold War Assault (HKLM\...\Steam App 65790) (Version: - Bohemia Interactive)
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version: - Ubisoft)
AutoCAD 2017 – Čeština (Czech) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 - English (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 Language Pack – Čeština (Czech) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 Language Pack - English (Version: 21.0.52.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk App Manager 2016-2017 (HKLM-x32\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
Autodesk AutoCAD 2017 - English (HKLM\...\AutoCAD 2017 - English) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD 2017 Language Pack – Čeština (Czech) (HKLM\...\AutoCAD 2017 – Čeština (Czech)) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM-x32\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM\...\{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{e4e126a8-f29e-4b56-947d-fe8bbdce8b1b}) (Version: 1.2.77.32054 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.77.32054 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.2.2.20973 - Avira Operations GmbH & Co. KG)
Balrum (HKLM-x32\...\1769415595_is1) (Version: 2.0.0.4 - GOG.com)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.1.1.1073 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
BattleBlock Theater (HKLM\...\Steam App 238460) (Version: - The Behemoth)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
bf2battlelog (HKU\S-1-5-21-3880423963-3014309569-130014225-1001\...\bf2battlelog) (Version: 0.8.3 - Spencer Sharkey)
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Broforce (HKLM\...\Steam App 274190) (Version: - Free Lives)
Build and Shoot Launcher 1.2 (HKLM-x32\...\Build and Shoot Launcher) (Version: 1.2 - Buld Then Snip, LLC)
Castle Crashers (HKLM\...\Steam App 204360) (Version: - The Behemoth)
Cities Skylines - Deluxe Edition v1.5.0 (6 DLC) (HKLM-x32\...\Cities Skylines - Deluxe Edition v1.5.0 (6 DLC)1.5.0) (Version: 1.5.0 - Friends in War)
Cities Skylines Natural Disasters (HKLM-x32\...\Cities Skylines Natural Disasters_is1) (Version: - )
Commandos 2: Men of Courage (HKLM\...\Steam App 6830) (Version: - Pyro Studios)
Commandos: Behind Enemy Lines (HKLM\...\Steam App 6800) (Version: - Pyro Studios)
Commandos: Beyond the Call of Duty (HKLM\...\Steam App 6810) (Version: - Pyro Studios)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Crusader Kings II The Reapers Due (HKLM-x32\...\Crusader Kings II The Reapers Due_is1) (Version: - )
Destination Paris 1.43 (HKLM-x32\...\{03107F15-988C-4607-ABE9-ADDB01540EC8}_is1) (Version: - Commandos HQ)
Devil Daggers (HKLM\...\Steam App 422970) (Version: - Sorath)
DirectX Packages (HKU\S-1-5-21-3880423963-3014309569-130014225-1001\...\DirectX Packages) (Version: - ) <==== ATTENTION
DiRT 3 Complete Edition (HKLM\...\Steam App 321040) (Version: - Codemasters Racing Studio)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Empyrion - Galactic Survival (HKLM\...\Steam App 383120) (Version: - Eleon Game Studios)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Europa Universalis IV 1.10.0 (HKLM-x32\...\Europa Universalis IV 1.10.0) (Version: 1.10.0 - Monster-CZ)
Europa Universalis IV: Common Sense (HKLM-x32\...\Europa Universalis IV: Common Sense_is1) (Version: - )
Executive Assault (HKLM-x32\...\Executive Assault_is1) (Version: - )
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Far Cry 3 (HKLM-x32\...\Uplay Install 46) (Version: - Ubisoft)
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
Freddy's Texture Patch BETA (HKU\S-1-5-21-3880423963-3014309569-130014225-1001\...\Gothic Texture Patch - Freddy) (Version: 0.52 - Fred Metger)
From The Depths (HKLM\...\Steam App 268650) (Version: - Brilliant Skies Ltd.)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
GOCCO OF WAR Demo (HKLM\...\Steam App 427720) (Version: - peakvox)
Gothic (HKLM-x32\...\{BBF10B37-4ED3-11D5-A818-00500435FC18}) (Version: - )
Gothic_Patch (HKLM-x32\...\{302AC480-43D2-11D5-A818-00500435FC18}) (Version: - )
GOTHIC1 - Klasická verze - 'Systémový balíček' (HKLM-x32\...\GOTHIC1 - Klasická verze - 'Systémový balíček') (Version: 1.6 - World of Gothic RU © 2016)
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Hero Siege (HKLM\...\Steam App 269210) (Version: - Elias Viglione)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Holodrive (HKLM\...\Steam App 370770) (Version: - BitCake Studio)
Chivalry: Medieval Warfare (HKLM\...\Steam App 219640) (Version: - Torn Banner Studios)
Chompy Chomp Chomp (HKLM\...\Steam App 292570) (Version: - Utopian World of Sandwiches)
Import souborů SketchUp 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
Insurgency (HKLM\...\Steam App 222880) (Version: - New World Interactive)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4364 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Kerbal Space Program (HKLM-x32\...\1429864849_is1) (Version: 2.4.0.6 - GOG.com)
King Arthur's Gold (HKLM\...\Steam App 219830) (Version: - Transhuman Design)
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 4.1.1.5 - PandoraTV)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
LibreOffice 5.2.0.4 (HKLM-x32\...\{8FA59B7B-1D26-408F-A798-BD11A65A68B9}) (Version: 5.2.0.4 - The Document Foundation)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
Malwarebytes verze 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Medieval Engineers (HKLM\...\Steam App 333950) (Version: - Keen Software House)
Men of War: Assault Squad 2 (HKLM\...\Steam App 244450) (Version: - Digitalmindsoft)
Men of War: Red Tide (HKLM\...\Steam App 3130) (Version: - 1C Company)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{9600393b-6ede-469b-a522-689fce1461d1}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Mount & Blade: Warband (HKLM\...\Steam App 48700) (Version: - TaleWorlds Entertainment)
Mozilla Firefox 50.1.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 en-US)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Necropolis (HKLM-x32\...\Necropolis_is1) (Version: - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.3 - Black Tree Gaming)
NVIDIA GeForce Experience 3.1.0.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.0.52 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 369.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 369.09 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NvNodejs (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenRCT2 0.0.5-develop-5b01653 (HKLM-x32\...\OpenRCT2) (Version: 0.0.5-develop-5b01653 - OpenRCT2)
OpenTTD 1.6.1 (HKLM-x32\...\OpenTTD) (Version: 1.6.1 - OpenTTD)
Origin (HKLM-x32\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.)
Original War (HKLM\...\Steam App 235320) (Version: - Altar Games)
Original War (HKLM-x32\...\original war) (Version: - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 369.09 (Version: 369.09 - NVIDIA Corporation) Hidden
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
PlanetSide 2 (HKLM\...\Steam App 218230) (Version: - Daybreak Game Company)
PlanetSide 2 (HKU\S-1-5-21-3880423963-3014309569-130014225-1001\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 6.2.0.174 - Autodesk)
Portal 2 (HKLM\...\Steam App 620) (Version: - Valve)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Prison Architect (HKLM\...\Steam App 233450) (Version: - Introversion Software)
Project Nomads (HKLM-x32\...\Project Nomads) (Version: - )
Punch Club (HKLM\...\Steam App 394310) (Version: - Lazy Bear Games)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.0099 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7910 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games)
RollerCoaster Tycoon 2: Triple Thrill Pack (HKLM\...\Steam App 285330) (Version: - Chris Sawyer Productions)
Sacred Citadel (HKLM\...\Steam App 207930) (Version: - Southend)
Satellite Reign (HKLM\...\Steam App 268870) (Version: - 5 Lives Studios)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Shadow Tactics - Blades of the Shogun 1.0.8 (HKLM-x32\...\{BB762706-65FA-44C1-B2BB-EF29CA88D7CE}_is1) (Version: 1.0.8 - Daedalic Entertainment GmbH)
SHIELD Streaming (Version: 7.1.0330 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version: - Firaxis Games)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.)
Simutrans (HKLM\...\Steam App 434520) (Version: - The Simutrans Team)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Skyrim Script Extender (SKSE) (HKLM\...\Steam App 365720) (Version: - The SKSE Team)
Space Engineers (HKLM\...\Steam App 244850) (Version: - Keen Software House)
Spadille 1.6 (HKLM-x32\...\Spadille) (Version: 1.6 - Nate Shoffner)
Speciální aplikace Autodesk 2016-2017 (HKLM-x32\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
Splinter Cell Blacklist (HKLM-x32\...\Uplay Install 91) (Version: - Ubisoft)
Spore (HKLM-x32\...\Spore_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Squad (HKLM\...\Steam App 393380) (Version: - Offworld Industries)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold Crusader 2 (HKLM\...\Steam App 232890) (Version: - FireFly Studios)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
Teleglitch: Die More Edition (HKLM\...\Steam App 234390) (Version: - Test3 Projects)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios)
Thunderbolt(TM) Software (HKLM-x32\...\{5B88BE64-93E7-4D6B-83D0-37B911166FF2}) (Version: 15.2.35.250 - Intel Corporation)
Titan Souls (HKLM-x32\...\1427985242_is1) (Version: 2.0.0.1 - GOG.com)
Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version: - Ubisoft Montreal)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
Toribash (HKLM\...\Steam App 248570) (Version: - Nabi Studios)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.8.7 - Tunngle.net GmbH)
UninstallAsus Espada Gaming Mouse (HKLM-x32\...\{BEEA72E5-BA89-4382-B89A-5B11077349CC}}_is1) (Version: 1.2 - ASUS)
Unity (HKLM-x32\...\Unity) (Version: 5.5.0f3 - Unity Technologies ApS)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{C224EEBF-D40A-4056-9DD3-EE74666F74AB}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3127976) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E0107125-62C7-43B6-8E66-0582F397469E}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3127976) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E0107125-62C7-43B6-8E66-0582F397469E}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3127976) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{E0107125-62C7-43B6-8E66-0582F397469E}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3127976) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E0107125-62C7-43B6-8E66-0582F397469E}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 22.1 - Ubisoft)
USB Vibration Joystick (BM) (HKLM-x32\...\{61A994FF-DF9B-4937-9DB9-87EC4FF1B31F}) (Version: 1.00.0000 - ShanWan)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
War of the Roses (HKLM\...\Steam App 42160) (Version: - Fatshark)
War Thunder (HKLM\...\Steam App 236390) (Version: - Gaijin Entertainment)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
XML Copy Editor version 1.2.1.3 (HKLM\...\XML Copy Editor_is1) (Version: 1.2.1.3 - Zane U. Ji)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.70.262 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3880423963-3014309569-130014225-1001_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3880423963-3014309569-130014225-1001_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3880423963-3014309569-130014225-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\en-US\acadficn.dll (Autodesk, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03CA4028-FDD6-4B58-8100-DD7D50C475A0} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {05C72AF3-225D-497F-A08A-8AE4170969D3} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe
Task: {0EB48C3A-B71B-490A-9493-9308B39244CD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {252EF2EF-6003-4E95-95AD-67259F3AB43D} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {25FDB2AD-6BFB-410E-990A-80D904C5760D} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => Thunderbolt.exe
Task: {2961F684-0F26-4A09-8DBE-E4C1BC797E93} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {36B24C38-3298-4231-9284-C3210FA859BB} - System32\Tasks\{874BEA4D-EFAC-4C69-B02F-1E49D763C514} => pcalua.exe -a "C:\games\Need For Speed Shift 2 Unleashed Limited Edition\SHIFT2U.exe" -d "C:\games\Need For Speed Shift 2 Unleashed Limited Edition"
Task: {3BB69A61-8650-4BBD-A0D7-E6A3F7296081} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-10-25] (NVIDIA Corporation)
Task: {3E2C9476-B2A8-476B-AD6A-E35D0ED05101} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-08-30] (Acer Incorporated)
Task: {4F631781-670C-4A06-872B-7BDC63E874D7} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => Thunderbolt.exe
Task: {52FF6586-F8DA-4731-96A3-AB70D989067A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {6A1AECEC-0766-473B-AE79-EAAA31DE758F} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-10] ()
Task: {6A250F7B-4F8A-4FEA-8CAE-31F28DA85202} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-10] ()
Task: {8A784A15-96BC-4C7E-AE44-1C948773CDB8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {8DB9C540-4D52-4CD5-BDBC-6E13AD6A4023} - System32\Tasks\perfectsidecom => Firefox.exe hxxp://perfectsidecom.ru/dreamsm
Task: {A5091A8E-CDC0-45E9-ADF4-A1D2376D4876} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {ACA695FB-2AA9-403E-B5C5-5F9F5ADDF2C7} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-09-05] (Acer Incorporated)
Task: {B3411859-8618-435C-BE2C-2C41EA86F35C} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-09-09] (Acer)
Task: {B6980F4B-95DC-40CA-A715-5367D1076A89} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => start ThunderboltService
Task: {D3159570-177D-4846-8EE7-CA5756BFE782} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-14] (Adobe Systems Incorporated)
Task: {D580BF3C-83CE-4E6B-B1A1-20EB95353BC4} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {D748C6F7-4507-4C8E-BA6F-77512675C761} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {E88AC420-D3C6-4493-A65D-559FFB84DCF4} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
Task: {EC962411-97F9-4209-84A9-17F24FD6E2C8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-10-25] (NVIDIA Corporation)
Task: {F7AB62EB-5588-4687-9EEC-07488AECC3B1} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe [2015-05-14] (Acer Incorporated)
Task: {FBE1992D-A1B2-44DD-9601-A1A2F799B096} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2015-07-10] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

[vantyto]

addition 2/3
==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-15 05:59 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-20 07:30 - 2016-08-01 13:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-08-16 16:59 - 2016-09-17 20:41 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2016-11-10 21:03 - 2016-10-25 21:18 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-10 21:03 - 2016-10-25 21:18 - 04490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-10 21:03 - 2016-10-25 21:18 - 00420408 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-12-15 05:59 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-20 08:29 - 2016-08-20 08:29 - 01864384 _____ () C:\Users\luvan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2015-08-31 11:56 - 2015-05-08 18:41 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2017-01-03 20:48 - 2017-01-03 20:48 - 00152944 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2016-04-13 18:14 - 2016-04-13 18:14 - 00402912 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-09-13 20:55 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-15 05:59 - 2016-12-09 10:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-12-15 05:59 - 2016-12-09 10:40 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2016-11-09 01:09 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 01:09 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 01:09 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 01:09 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 01:09 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-20 20:29 - 2016-11-24 11:54 - 00022024 _____ () C:\Programy\Origin\QtWebEngineProcess.exe
2016-12-14 12:59 - 2016-12-14 13:11 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-14 12:59 - 2016-12-14 13:11 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2015-07-10 11:38 - 2015-07-10 11:38 - 04580704 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2016-12-13 14:55 - 2016-12-13 14:56 - 03810816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1612.3341.0_x64__8wekyb3d8bbwe\Calculator.exe
2016-11-23 15:44 - 2016-11-23 15:44 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-11-23 15:44 - 2016-11-23 15:44 - 20433408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-07-18 02:12 - 2016-07-18 02:13 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-11-23 15:44 - 2016-11-23 15:44 - 01046528 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-11-23 15:44 - 2016-11-23 15:44 - 00353792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Photos.Inking.dll
2017-01-01 15:50 - 2016-12-14 12:55 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-01-01 15:50 - 2016-12-14 12:55 - 02813904 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2017-01-01 15:50 - 2016-12-14 12:55 - 02247632 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-10-31 12:22 - 2016-07-01 07:39 - 00110608 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2016-10-31 12:22 - 2016-07-01 07:39 - 00061968 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2016-12-20 20:29 - 2016-11-24 11:53 - 02493440 _____ () C:\Programy\Origin\libGLESv2.dll
2016-11-10 21:03 - 2016-10-25 21:18 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-08-07 17:14 - 2016-12-08 16:13 - 00656160 _____ () C:\Programy\Steam\SDL2.dll
2016-08-07 17:14 - 2016-09-01 02:02 - 04969248 _____ () C:\Programy\Steam\v8.dll
2016-08-07 17:14 - 2016-12-20 03:25 - 02322720 _____ () C:\Programy\Steam\video.dll
2016-08-07 17:13 - 2016-01-27 08:49 - 02549760 _____ () C:\Programy\Steam\libavcodec-56.dll
2016-08-07 17:13 - 2016-01-27 08:49 - 00491008 _____ () C:\Programy\Steam\libavformat-56.dll
2016-08-07 17:13 - 2016-01-27 08:49 - 00332800 _____ () C:\Programy\Steam\libavresample-2.dll
2016-08-07 17:13 - 2016-01-27 08:49 - 00442880 _____ () C:\Programy\Steam\libavutil-54.dll
2016-08-07 17:13 - 2016-01-27 08:49 - 00485888 _____ () C:\Programy\Steam\libswscale-3.dll
2016-08-07 17:14 - 2016-09-01 02:02 - 01563936 _____ () C:\Programy\Steam\icui18n.dll
2016-08-07 17:14 - 2016-09-01 02:02 - 01195296 _____ () C:\Programy\Steam\icuuc.dll
2016-08-07 17:14 - 2016-12-20 03:25 - 00838944 _____ () C:\Programy\Steam\bin\chromehtml.DLL
2016-08-07 17:13 - 2016-07-04 23:17 - 00266560 _____ () C:\Programy\Steam\openvr_api.dll
2016-12-20 20:29 - 2016-11-24 11:53 - 00012288 _____ () C:\Programy\Origin\libEGL.DLL
2016-08-16 14:55 - 2016-08-16 14:54 - 00266240 _____ () C:\Programy\Origin\imageformats\qmng.dll
2016-10-31 12:22 - 2013-09-23 18:52 - 00043912 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_MFCMigrationFramework_Ad_2.dll
2016-10-31 12:22 - 2015-11-05 13:07 - 00052224 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qoauth_Ad_1.dll
2016-10-31 12:22 - 2015-11-05 13:07 - 00195584 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson_Ad_0.dll
2016-10-31 12:22 - 2015-11-05 13:07 - 00742400 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qca_Ad_2.dll
2016-10-31 12:23 - 2016-07-01 07:05 - 00285632 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\cs-CZ\AdWingManRes.dll
2016-10-31 12:23 - 2015-09-08 07:31 - 40640808 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll
2016-10-31 12:23 - 2014-09-03 01:29 - 00912384 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll
2016-10-31 12:22 - 2014-09-03 01:29 - 00134144 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll
2016-10-31 12:23 - 2014-09-03 01:29 - 00950272 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\ffmpegsumo.dll
2016-12-14 00:28 - 2016-12-05 17:21 - 67304736 _____ () C:\Programy\Steam\bin\cef\cef.win7\libcef.dll
2016-08-07 17:14 - 2016-12-20 03:25 - 00388384 _____ () C:\Programy\Steam\steam.dll
2016-08-07 17:13 - 2015-09-25 00:52 - 00119208 _____ () C:\Programy\Steam\winh264.dll
2016-11-10 21:03 - 2016-10-25 20:57 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-11-10 21:03 - 2016-10-25 20:57 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-11-10 21:03 - 2016-10-25 20:57 - 02808256 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-11-10 21:03 - 2016-10-25 21:18 - 00901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-10 21:03 - 2016-10-25 21:18 - 03776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-11-10 21:03 - 2016-10-25 20:57 - 00246840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-11-10 21:03 - 2016-10-25 20:57 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-11-10 21:03 - 2016-10-25 20:57 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-11-10 21:03 - 2016-10-25 20:57 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2015-08-07 09:09 - 2015-08-07 09:09 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-08-15 17:03 - 2016-08-15 17:03 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-08-15 17:05 - 2016-08-15 17:05 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-08-15 17:05 - 2016-08-15 17:05 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-08-15 17:04 - 2016-08-15 17:04 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2016-09-20 19:58 - 2016-09-20 19:58 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-08-30 14:09 - 2016-08-30 14:09 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-08-30 14:05 - 2016-08-30 14:05 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-09-09 09:51 - 2016-09-09 09:51 - 00202456 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-09-09 09:51 - 2016-09-09 09:51 - 00119000 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2016-08-20 08:29 - 2016-08-20 08:29 - 01383616 _____ () C:\Users\luvan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3880423963-3014309569-130014225-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3880423963-3014309569-130014225-1001\...\amazon.com -> hxxps://amazon.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2017-01-03 10:29 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3880423963-3014309569-130014225-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Acer01.jpg
HKU\S-1-5-21-3880423963-3014309569-130014225-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-01042017104245141\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Acer01.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{8BE47FF6-E4A9-435D-821D-E5D290AAB87F}] => C:\Programy\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{0F179E2B-E012-4D2B-B00F-83D21C91CF75}] => C:\Programy\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{4D716079-E0AB-4493-A5B9-C8269594FC13}C:\games\8-bit hordes\instanceserverg.exe] => C:\games\8-bit hordes\instanceserverg.exe
FirewallRules: [TCP Query User{045CD5FF-7D6A-4D6D-8694-8F10085712D0}C:\games\8-bit hordes\instanceserverg.exe] => C:\games\8-bit hordes\instanceserverg.exe
FirewallRules: [UDP Query User{5E0D3133-9005-4205-BA95-8A88BCBE87F4}C:\games\8-bit hordes\clientg.exe] => C:\games\8-bit hordes\clientg.exe
FirewallRules: [TCP Query User{A6F57B50-3DE5-41E1-BD46-4C1CCB41309A}C:\games\8-bit hordes\clientg.exe] => C:\games\8-bit hordes\clientg.exe
FirewallRules: [{223AFE3A-AAE7-4004-A3E0-B5D09489FE71}] => C:\games\8-bit Hordes\InstanceServerG.exe
FirewallRules: [{6FAB1B3B-8B99-4221-A634-C5239D9B9A69}] => C:\games\8-bit Hordes\InstanceServerG.exe
FirewallRules: [{2B8A00B4-7FA3-4647-A561-AA1F2CDACDBD}] => C:\games\8-bit Hordes\ClientG.exe
FirewallRules: [{7B31DDC8-866B-4E62-9128-4A3C2AE4FD58}] => C:\games\8-bit Hordes\ClientG.exe
FirewallRules: [{D0921DFE-E9CE-42D9-91FA-D7ADB34BCB2C}] => C:\games\8-bit Hordes\ClientLauncherG.exe
FirewallRules: [{9EAD1319-974D-43DE-AE53-74B6EA79D976}] => C:\games\8-bit Hordes\ClientLauncherG.exe
FirewallRules: [UDP Query User{75A4DF66-B58E-4D73-8D2D-5E08C9D2D361}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{7D847DDB-122E-449A-BD86-9F5267ED385E}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{F9C36F2C-3817-43CA-B104-6C5EA5D0547E}] => C:\Programy\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{8993A8EB-5204-4851-B124-5DCA95AFC29C}] => C:\Programy\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{A45559C0-E321-47C0-9F2E-5D7CC8B981DC}] => C:\Programy\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{BAF3BD0D-23DE-4228-8B48-B549FCF4F6D2}] => C:\Programy\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{980DF962-3B36-407C-98E8-4ACD930429E7}] => C:\Programy\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{34912060-E58A-4D4D-9090-DB1C8E6B6EFD}] => C:\Programy\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{4667E906-60EB-4CC8-A477-A6A0798022C1}] => C:\Programy\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{C10657BF-121C-45A0-B761-07937DCA97F1}] => C:\Programy\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{25C0D87F-7988-4834-ADF6-A3AF41B647F5}] => C:\Programy\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{A7A548B9-ABF7-4109-ACF9-2555CE45C757}] => C:\Programy\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [UDP Query User{37E42650-9D86-4B30-872E-EDAD9F3F2FE8}C:\programy\steam\steamapps\common\war thunder\win64\aces.exe] => C:\programy\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [TCP Query User{79387F46-E3FE-479D-88AC-A38B9052B773}C:\programy\steam\steamapps\common\war thunder\win64\aces.exe] => C:\programy\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{25CB532D-F3F7-49A5-8992-56DCFFB16DFE}] => C:\Programy\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{C50C15FA-761F-4062-8C91-1E62F7E6ABD0}] => C:\Programy\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{B0A96E02-C52D-40E4-BBB0-4B34C791B95B}] => C:\Programy\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{DDB62086-E71C-4224-8912-A762C0C5D597}] => C:\Programy\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [UDP Query User{200967B4-33CD-4A10-8D91-D93093364B72}C:\programy\steam\steamapps\common\arma 3\arma3.exe] => C:\programy\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{DF41F9F9-350E-4BC4-A458-A2538FC8D487}C:\programy\steam\steamapps\common\arma 3\arma3.exe] => C:\programy\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{CE5CF363-A506-4923-89C8-6C77DB8952AA}] => C:\Programy\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{E47F1071-CA6D-42D0-97B3-FC98B093F10E}] => C:\Programy\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{78D62DDB-665A-4E1B-904A-BA3F21A189BD}] => C:\Programy\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{0F7F9C10-BAE3-4BA4-A5EC-7DEAE2062019}] => C:\Programy\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [UDP Query User{5426016A-17DF-4499-A370-C67C48478889}C:\programy\utorrent\utorrent.exe] => C:\programy\utorrent\utorrent.exe
FirewallRules: [TCP Query User{61E7775A-BC15-407B-B85C-725FB926C844}C:\programy\utorrent\utorrent.exe] => C:\programy\utorrent\utorrent.exe
FirewallRules: [UDP Query User{C11570C8-C937-473F-AFEF-1CD156ADDE42}C:\programy\steam\steamapps\common\grand theft auto v\gta5.exe] => C:\programy\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{B7F6BD17-240B-40E7-90C6-9F5F431056C5}C:\programy\steam\steamapps\common\grand theft auto v\gta5.exe] => C:\programy\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{21B4A457-80D3-4549-B721-E88AF3F12F50}] => C:\Programy\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{E4F30DB1-3439-4C27-86C6-AC0417F86F71}] => C:\Programy\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [UDP Query User{3C4D336E-E0F2-4EC4-8E3A-02C75BE6D3D9}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [TCP Query User{583DC8A9-CF8F-4F30-8DB6-5FDA36D03147}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => C:\program files\java\jre1.8.0_101\bin\javaw.exe
FirewallRules: [{5140BF84-BF96-4043-B1E0-0FCA3FC24D3A}] => C:\Programy\Steam\steamapps\common\From The Depths\From_The_Depths.exe
FirewallRules: [{6057B627-F299-454C-8F2A-B0A0C3CE8BE2}] => C:\Programy\Steam\steamapps\common\From The Depths\From_The_Depths.exe
FirewallRules: [UDP Query User{08CCE219-9E10-4673-AAF2-37CD102C9F12}C:\games\dishonored\binaries\win32\dishonored.exe] => C:\games\dishonored\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{72283973-3AE6-4849-AB92-874A7BFFD681}C:\games\dishonored\binaries\win32\dishonored.exe] => C:\games\dishonored\binaries\win32\dishonored.exe
FirewallRules: [{F16692F8-5018-4F66-AE76-BA80D2507795}] => C:\Programy\Steam\bin\steamwebhelper.exe
FirewallRules: [{F6DF8B0F-3AB2-4B90-BE86-DEBBCF7C2A3B}] => C:\Programy\Steam\bin\steamwebhelper.exe
FirewallRules: [{CD622878-3139-4BD3-8C9D-3701C2A8F954}] => C:\Programy\Steam\Steam.exe
FirewallRules: [{17A3884A-39D5-499F-9877-99BFDEB65D6A}] => C:\Programy\Steam\Steam.exe
FirewallRules: [{3F462176-0D1A-43B5-BF10-B45CBECD9EC0}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{91692DC0-BF42-45CE-82A5-6E667F038C2E}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{227DE642-B4A4-40DB-B65D-741AF59B20FE}] => C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{153D9351-68F9-4CE6-AE66-5419EB374260}] => C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{D1449E72-5288-4FF3-88B1-34F6AC527BFF}] => C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{05EBF720-9C08-4032-9F83-DDB35AB3D67E}] => C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{9374E55F-F31F-454E-8D92-4D68414A5ACB}] => C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{BA76611A-53EA-4E98-9240-01D77C34D7E0}] => C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{087B21C9-B2B1-4D6B-BB9E-B1D62B9E131E}] => C:\Programy\Steam\steamapps\common\GOCCO OF WAR Demo\gocco_of_war_64_Demo.exe
FirewallRules: [{B90AF80B-6CC9-4FBE-A1E6-18A4CEC78B02}] => C:\Programy\Steam\steamapps\common\GOCCO OF WAR Demo\gocco_of_war_64_Demo.exe
FirewallRules: [{B9472FC2-EB2B-4D67-8B56-07D2A566DD54}] => C:\games\dark souls 3\game\DarkSoulsIII.exe
FirewallRules: [{4A5BB67E-8B8D-447F-A4AF-B65CA42C195F}] => C:\games\dark souls 3\game\DarkSoulsIII.exe
FirewallRules: [{65B0A328-6B5E-4112-8297-0D676E66E426}] => C:\games\dark souls 3\game\DarkSoulsIII.exe
FirewallRules: [{FF038E90-2A4B-44DB-9938-62DBF207917F}] => C:\games\dark souls 3\game\DarkSoulsIII.exe
FirewallRules: [TCP Query User{476144CD-832E-44E9-997E-5D9B5F3F2A62}C:\games\empyrion.galactic.survival.alpha.v3.2.1\empyrion.exe] => C:\games\empyrion.galactic.survival.alpha.v3.2.1\empyrion.exe
FirewallRules: [UDP Query User{49E21AF6-E29D-498C-A48B-12F512BDB2AE}C:\games\empyrion.galactic.survival.alpha.v3.2.1\empyrion.exe] => C:\games\empyrion.galactic.survival.alpha.v3.2.1\empyrion.exe
FirewallRules: [{039690B3-B111-4AFC-A307-777245C9D310}] => C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{646D3455-11E6-41DB-AB75-541D792FD9EE}] => C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{9C7DB52F-25F7-4DFD-B211-7302C497E5DD}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{DCD649F6-F253-43AA-A318-58C14E9F5436}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{C72EF5C0-DEEC-4C15-86C3-ED88C77CBCED}C:\programy\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe] => C:\programy\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe
FirewallRules: [UDP Query User{0283F45B-EBDB-46AD-A92D-48EAE788A6FB}C:\programy\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe] => C:\programy\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3.exe
FirewallRules: [TCP Query User{2251B481-F688-4436-A3E1-0060DDD52E16}C:\programy\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => C:\programy\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [UDP Query User{C4743778-7EC6-4CF9-885F-94A1FCA523E3}C:\programy\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe] => C:\programy\ubisoft\ubisoft game launcher\games\far cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{E4D49330-7552-49D1-9D04-A1A0C2A969A8}] => C:\Programy\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{D1F442DB-73F2-4D62-8267-B1B1DEA3593C}] => C:\Programy\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{0A05A678-E9E9-4619-BC70-0559EB030FB9}] => C:\Programy\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{96291245-7DB1-4161-863E-B9DD92DD7F4C}] => C:\Programy\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{3044A460-7D6A-4286-8BC5-69255FB6FA1A}] => C:\Programy\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{C3C17CD2-869B-40E0-8B35-BB36D99B80BD}] => C:\Programy\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [TCP Query User{73817142-5B90-42C2-B1D3-5556475D5987}C:\games\wolfenstein the new order\wolfneworder_x64.exe] => C:\games\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [UDP Query User{9F9E21A3-951B-4128-85B7-582031E327AA}C:\games\wolfenstein the new order\wolfneworder_x64.exe] => C:\games\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [TCP Query User{0000E4BB-67C6-4FB3-A8F1-EEEAB5890DAE}C:\games\gta 5 fivereborn\fivereborn.exe] => C:\games\gta 5 fivereborn\fivereborn.exe
FirewallRules: [UDP Query User{C0BFAB6C-256F-409F-8BB1-06A1CCB5E792}C:\games\gta 5 fivereborn\fivereborn.exe] => C:\games\gta 5 fivereborn\fivereborn.exe
FirewallRules: [TCP Query User{E366DA57-8144-4E15-A15F-A9345141C2A3}C:\games\gta 5 fivereborn server\new\bin\citizenmp.server.exe] => C:\games\gta 5 fivereborn server\new\bin\citizenmp.server.exe
FirewallRules: [UDP Query User{4AB743BA-5D24-4C17-A7DC-01E4995963F3}C:\games\gta 5 fivereborn server\new\bin\citizenmp.server.exe] => C:\games\gta 5 fivereborn server\new\bin\citizenmp.server.exe
FirewallRules: [TCP Query User{A96CB0DD-4D10-44FF-B0E5-B3D61748B9A7}C:\games\gta 5 fivereborn\new\bin\citizenmp.server.exe] => C:\games\gta 5 fivereborn\new\bin\citizenmp.server.exe
FirewallRules: [UDP Query User{77DF9E3A-6850-40FD-B0D6-6DD526E7D3C7}C:\games\gta 5 fivereborn\new\bin\citizenmp.server.exe] => C:\games\gta 5 fivereborn\new\bin\citizenmp.server.exe
FirewallRules: [{5CC1B671-5B37-4272-BC2A-308002BF34BF}] => C:\Programy\Tunngle\TnglCtrl.exe
FirewallRules: [{1F0A5F0F-C3A5-44BD-9C6B-CBD4DBEDCAA9}] => C:\Programy\Tunngle\TnglCtrl.exe
FirewallRules: [{B585A4EC-4C27-48E9-A0C1-9C8403A0DF81}] => C:\Programy\Tunngle\Tunngle.exe
FirewallRules: [{2710F19D-7F4C-4E25-9C8A-B14FF0ECD638}] => C:\Programy\Tunngle\Tunngle.exe
FirewallRules: [{E0113BF6-A2C9-48C4-AA80-1080A7370AEB}] => C:\Programy\Steam\steamapps\common\Simutrans\simpreloader.exe
FirewallRules: [{E2316336-1003-45DA-8096-18FA36B7D38F}] => C:\Programy\Steam\steamapps\common\Simutrans\simpreloader.exe
FirewallRules: [{BA2FEDBE-CF9A-4813-9D11-C58C1DD09766}] => C:\Programy\Steam\steamapps\common\Simutrans\simutrans.exe
FirewallRules: [{B6DD00AF-0BCA-4959-912C-A0AB7BE0A04D}] => C:\Programy\Steam\steamapps\common\Simutrans\simutrans.exe
FirewallRules: [TCP Query User{9DC0B60A-95F5-4DFC-AD1D-61A6EF407640}C:\games\openttd\openttd.exe] => C:\games\openttd\openttd.exe
FirewallRules: [UDP Query User{3F546D31-98E4-44C2-A008-0E4D85E05A02}C:\games\openttd\openttd.exe] => C:\games\openttd\openttd.exe
FirewallRules: [{9A78039C-E032-490A-AFC4-63627387DAA1}] => C:\Programy\Steam\steamapps\common\Toribash\toribash.exe
FirewallRules: [{9B228E80-FBA9-4BD5-991A-A58075228717}] => C:\Programy\Steam\steamapps\common\Toribash\toribash.exe
FirewallRules: [{82BF951B-C2CF-4B3F-94B9-E3B52D9D3FFB}] => C:\Programy\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{4C13EAA2-95BD-4657-91A2-BC0B7CD95429}] => C:\Programy\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{37F07DDA-B57A-445B-94F5-4E9941D4194E}] => C:\Programy\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{CB91F327-A4EF-4D44-9CA9-71F1E51A03D1}] => C:\Programy\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [TCP Query User{C718837C-8E44-43EF-B114-79B28A73AFC8}C:\games\empyrion.galactic.survival.alpha.v3.4.0\empyrion.exe] => C:\games\empyrion.galactic.survival.alpha.v3.4.0\empyrion.exe
FirewallRules: [UDP Query User{11B402D2-3347-4D90-AB1F-C2E6B93DC86F}C:\games\empyrion.galactic.survival.alpha.v3.4.0\empyrion.exe] => C:\games\empyrion.galactic.survival.alpha.v3.4.0\empyrion.exe
FirewallRules: [{8F3106A1-15D1-44B6-95FD-2CCEBC7CF9C9}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{ED71053C-75AC-4194-9558-0B54F85F5FEE}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4FFAFDA4-7E9A-4B00-800D-768CB7241667}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{59A8D80A-86B1-45F0-B29D-F2A67A74D55A}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{18206526-24AC-4A22-9FD2-EC61F4163F3B}] => C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{B9F7EB3D-7705-465C-9E6D-384BA20A4C27}] => C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{D026CDD3-0216-47CB-AF09-C1CBABC17CF4}] => C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{38B92C27-BF0B-483C-B5D2-B9F5614AECE0}] => C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{A20E77A9-D2DB-479C-ABFA-3CBE6965DAED}] => C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{ED81A58F-49CB-4261-8ED7-DE8AE0721DCE}] => C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{F4508548-B505-45C8-853C-B2880C5F8A94}] => C:\Programy\Steam\steamapps\common\War of the Roses\run_game.exe
FirewallRules: [{1E07855B-313A-48F4-8A06-9105016BBF13}] => C:\Programy\Steam\steamapps\common\War of the Roses\run_game.exe
FirewallRules: [{62608F76-C00B-45C0-9708-CFCD08C1E78C}] => C:\Programy\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{42959F7D-ADB4-480D-8281-C07A2827DF34}] => C:\Programy\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [TCP Query User{364E8267-AF92-4A9F-B939-DA8B94672553}C:\programy\steam\steamapps\common\planetside 2\planetside2_x64.exe] => C:\programy\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{E98CF357-8D78-4BBD-A113-D4E4664AA996}C:\programy\steam\steamapps\common\planetside 2\planetside2_x64.exe] => C:\programy\steam\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{FA601732-3DB3-4131-850F-E99A7DB97A48}] => C:\Programy\Steam\steamapps\common\Rollercoaster Tycoon 2\RCT2.EXE
FirewallRules: [{11CD2D09-3937-4D60-BE35-066916AF2BEA}] => C:\Programy\Steam\steamapps\common\Rollercoaster Tycoon 2\RCT2.EXE
FirewallRules: [{5B918622-10F7-4D03-B7AF-32CE2E40FA34}] => C:\Programy\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{16D6AAB3-1103-4EF0-B70A-B32DBC19AE0C}] => C:\Programy\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{5E9A3D97-F95D-42C7-8881-4358C7115D8A}] => C:\Programy\Steam\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{FFAF36F7-CE58-471B-85E8-458C66AB353C}] => C:\Programy\Steam\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{BED82C3D-0153-4A62-BEFD-5A1AF5C36ED4}] => C:\Programy\Steam\steamapps\common\Punch Club\Punch Club.exe
FirewallRules: [{0D1CA345-0D9E-4592-BEE9-4D08E5C27280}] => C:\Programy\Steam\steamapps\common\Punch Club\Punch Club.exe
FirewallRules: [{B33BB7EC-2F51-4D57-BCD5-C94970AA8D4B}] => C:\Programy\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{ED7FA94A-D6D5-451C-B855-2EBD9BA9932C}] => C:\Programy\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [TCP Query User{A8178DA6-5B4D-4CC9-BC7A-3BBB1B27B916}C:\games\dream.car.racing.3d.v12.2016.09.23.1\dcr3d.exe] => C:\games\dream.car.racing.3d.v12.2016.09.23.1\dcr3d.exe
FirewallRules: [UDP Query User{CF8C3AF7-3BCD-4032-98D9-264595EB41A0}C:\games\dream.car.racing.3d.v12.2016.09.23.1\dcr3d.exe] => C:\games\dream.car.racing.3d.v12.2016.09.23.1\dcr3d.exe
FirewallRules: [{07397BDA-DA1A-45C7-95B9-A0A200FED88B}] => C:\Programy\TeamViewer\TeamViewer.exe
FirewallRules: [{7BFF0A22-DE9E-4272-93C9-0A711A769F3D}] => C:\Programy\TeamViewer\TeamViewer.exe
FirewallRules: [{6D81B05A-CEAF-4903-B5B6-E2166C851855}] => C:\Programy\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{112B39FB-FAAC-4CCA-B3EC-B8DD292803EE}] => C:\Programy\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{71E6EB3A-019F-4B9C-9AAE-EB29F3639163}] => C:\Programy\Steam\steamapps\common\Commandos Behind Enemy Lines\Comandos.exe
FirewallRules: [{8868C25F-9403-4BF5-952C-12AD30AC97FE}] => C:\Programy\Steam\steamapps\common\Commandos Behind Enemy Lines\Comandos.exe
FirewallRules: [{E63E0AA1-B103-4F38-B727-3E909EB6DECB}] => C:\Programy\Steam\steamapps\common\Commandos Behind Enemy Lines\Legacy\Comandos.exe
FirewallRules: [{EB8F09CC-4FFF-41BD-A4CD-BD285C16A406}] => C:\Programy\Steam\steamapps\common\Commandos Behind Enemy Lines\Legacy\Comandos.exe
FirewallRules: [{EF81F00F-73A4-4A81-B09C-BBAC0B1199D6}] => C:\Programy\Steam\steamapps\common\Commandos Beyond the Call of Duty\coman_mp.exe
FirewallRules: [{F1156E42-A674-4F49-A04B-3CB6A18A5D45}] => C:\Programy\Steam\steamapps\common\Commandos Beyond the Call of Duty\coman_mp.exe
FirewallRules: [{2E6458BD-4EA9-488E-9F6C-62EA49CB1476}] => C:\Programy\Steam\steamapps\common\Commandos Beyond the Call of Duty\Legacy\coman_mp.exe
FirewallRules: [{32B2CCD9-1862-4995-91F7-6CAA1F19D916}] => C:\Programy\Steam\steamapps\common\Commandos Beyond the Call of Duty\Legacy\coman_mp.exe
FirewallRules: [TCP Query User{B009997D-093C-4B90-8A3E-994C824EBAB6}C:\games\children.of.a.dead.earth\cde.exe] => C:\games\children.of.a.dead.earth\cde.exe
FirewallRules: [UDP Query User{F69D6A3A-093D-4417-8EC8-454518AB7F3A}C:\games\children.of.a.dead.earth\cde.exe] => C:\games\children.of.a.dead.earth\cde.exe
FirewallRules: [{C00E2024-8A75-4D13-9AE5-B81D5B33C40D}] => C:\Programy\Steam\steamapps\common\Commandos 3 Destination Berlin\Legacy\Commandos3.exe
FirewallRules: [{A4046E4C-8CFB-4649-822E-0B20768DAA8B}] => C:\Programy\Steam\steamapps\common\Commandos 3 Destination Berlin\Legacy\Commandos3.exe
FirewallRules: [TCP Query User{A0F799B9-50F3-4250-9579-802D1ED4A733}C:\windows\syswow64\dplaysvr.exe] => C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{702368BE-DDBC-4DD3-862E-E90D32A2661D}C:\windows\syswow64\dplaysvr.exe] => C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{1DE2661F-0865-42F9-8C11-EC481B1EF040}C:\programy\steam\steamapps\common\commandos behind enemy lines\tcpserver.exe] => C:\programy\steam\steamapps\common\commandos behind enemy lines\tcpserver.exe
FirewallRules: [UDP Query User{964FDE41-9755-4BFD-8150-DE371752D45D}C:\programy\steam\steamapps\common\commandos behind enemy lines\tcpserver.exe] => C:\programy\steam\steamapps\common\commandos behind enemy lines\tcpserver.exe
FirewallRules: [{E251A475-FD5A-45E7-8D09-59D20BC260C7}] => C:\Programy\Steam\steamapps\common\Commandos 2 Men of Courage\Comm2.exe
FirewallRules: [{5DDAD603-84E5-4630-816E-0B919E013562}] => C:\Programy\Steam\steamapps\common\Commandos 2 Men of Courage\Comm2.exe
FirewallRules: [{B0841EB3-5E87-4EE4-A6EE-3EAA3DFFC6F2}] => C:\Programy\Steam\steamapps\common\Commandos 2 Men of Courage\Legacy\comm2.exe
FirewallRules: [{EC98777C-6F8B-4E46-BF14-4386F6FED0AA}] => C:\Programy\Steam\steamapps\common\Commandos 2 Men of Courage\Legacy\comm2.exe
FirewallRules: [{37723F30-36F8-4D61-98F0-6665E405F74C}] => C:\games\Europa Universalis IV\Europa Universalis IV\eu4.exe
FirewallRules: [{20C9D7F8-1134-4FF3-A1B9-964FBE65D05C}] => C:\games\Europa Universalis IV\Europa Universalis IV\eu4.exe
FirewallRules: [{988D80A6-29AB-4092-9DD3-226EC183429C}] => C:\games\Europa Universalis IV\Europa Universalis IV\eu4.exe
FirewallRules: [{0E9DC925-4775-4F0D-93FC-C957D5836BB0}] => C:\games\Europa Universalis IV\Europa Universalis IV\eu4.exe
FirewallRules: [{87D812CD-5D5D-4CEB-B601-F6A60D837666}] => C:\Programy\Steam\steamapps\common\MedievalEngineers\Bin64\MedievalEngineers.exe
FirewallRules: [{C8923687-E8CD-4161-B4F9-7A1C4587FFE5}] => C:\Programy\Steam\steamapps\common\MedievalEngineers\Bin64\MedievalEngineers.exe
FirewallRules: [{EAFCBD94-68CD-42AE-AB7A-6A25C78F81D2}] => C:\Programy\Steam\steamapps\common\Empyrion - Galactic Survival\EmpyrionLauncher.exe
FirewallRules: [{4F5211C1-DF86-43F9-B151-D200C2E7F285}] => C:\Programy\Steam\steamapps\common\Empyrion - Galactic Survival\EmpyrionLauncher.exe
FirewallRules: [TCP Query User{03A5FC2D-20D7-48E5-BBB1-965C4C2E9648}C:\programy\steam\steamapps\common\empyrion - galactic survival\empyrion.exe] => C:\programy\steam\steamapps\common\empyrion - galactic survival\empyrion.exe
FirewallRules: [UDP Query User{B4614C8D-6784-41F2-B669-839FE06732AD}C:\programy\steam\steamapps\common\empyrion - galactic survival\empyrion.exe] => C:\programy\steam\steamapps\common\empyrion - galactic survival\empyrion.exe
FirewallRules: [TCP Query User{14F2CCAA-4E89-4089-B10E-00E4AFC73BDC}C:\games\7.days.to.die.alpha.15.steam.edition.x64\7daystodie.exe] => C:\games\7.days.to.die.alpha.15.steam.edition.x64\7daystodie.exe
FirewallRules: [UDP Query User{7309280A-CB0D-4AA8-982B-22950AEF0B47}C:\games\7.days.to.die.alpha.15.steam.edition.x64\7daystodie.exe] => C:\games\7.days.to.die.alpha.15.steam.edition.x64\7daystodie.exe
FirewallRules: [TCP Query User{0022A816-A471-46A0-8518-22015F0F52C2}C:\program files\java\jre1.8.0_101\bin\java.exe] => C:\program files\java\jre1.8.0_101\bin\java.exe
FirewallRules: [UDP Query User{88117EAD-5F28-488B-9AC9-01D8164607FA}C:\program files\java\jre1.8.0_101\bin\java.exe] => C:\program files\java\jre1.8.0_101\bin\java.exe
FirewallRules: [{58449A70-6264-44B8-8B42-7FB27E982AC0}] => C:\Programy\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{612D4734-DDF4-4169-87DA-E12D2797F2FF}] => C:\Programy\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{132D5589-2C0B-4F74-89EC-63627A0953A3}] => C:\Programy\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{813BBCC7-C0B3-45C9-8F1B-E22DF803F9F5}] => C:\Programy\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{0560CE8F-009A-4181-9A15-87465D45E872}] => C:\Programy\Steam\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{D25C9D09-98C7-4549-B3B3-FC19E75F5742}] => C:\Programy\Steam\steamapps\common\Skyrim\skse_steam_boot.exe
FirewallRules: [{0E3AF813-0CCF-4BF3-BC7F-6911C9710CD6}] => C:\Programy\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{CF679E80-75DE-428C-963B-C6F1BF4FBFF2}] => C:\Programy\Steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [TCP Query User{EF90A79B-672D-48D7-B7BB-452F0693A7C4}C:\programy\steam\steamapps\common\project argo (prototype)\argo.exe] => C:\programy\steam\steamapps\common\project argo (prototype)\argo.exe
FirewallRules: [UDP Query User{81331841-2BF0-40D7-813B-451EE3B5354F}C:\programy\steam\steamapps\common\project argo (prototype)\argo.exe] => C:\programy\steam\steamapps\common\project argo (prototype)\argo.exe
FirewallRules: [TCP Query User{DC432050-345D-4D2B-A8F0-5F2882D0203D}C:\games\hidden and dangerous deluxe\bin\hde.exe] => C:\games\hidden and dangerous deluxe\bin\hde.exe
FirewallRules: [UDP Query User{C77923B7-F6FE-483C-B37D-4A8F46DB78B7}C:\games\hidden and dangerous deluxe\bin\hde.exe] => C:\games\hidden and dangerous deluxe\bin\hde.exe
FirewallRules: [TCP Query User{8999D9FD-8593-4C79-BF34-FD4DA52FF919}C:\windows\syswow64\dpnsvr.exe] => C:\windows\syswow64\dpnsvr.exe
FirewallRules: [UDP Query User{21BCD2B2-266A-427E-89D9-60915B1EEA53}C:\windows\syswow64\dpnsvr.exe] => C:\windows\syswow64\dpnsvr.exe
FirewallRules: [{58B81635-4D4F-40A9-8C49-F0D3181D5FD5}] => C:\Programy\Steam\steamapps\common\ARMA Cold War Assault\ColdWarAssault.exe
FirewallRules: [{59429DDF-BCCC-4723-8356-E555173E4834}] => C:\Programy\Steam\steamapps\common\ARMA Cold War Assault\ColdWarAssault.exe
FirewallRules: [{86D6B102-8BF4-4BFC-9D41-6A60F84EE935}] => C:\Programy\Steam\steamapps\common\ARMA Cold War Assault\ColdWarAssaultPreferences.exe
FirewallRules: [{B4A62A3B-1E36-4334-8F13-7921CAE35D57}] => C:\Programy\Steam\steamapps\common\ARMA Cold War Assault\ColdWarAssaultPreferences.exe
FirewallRules: [TCP Query User{6CF38CD4-1FCE-4515-94FD-F17B6E24CFD4}C:\programy\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => C:\programy\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{8A62ACAF-CB3D-461B-A67E-171EBFEE56A6}C:\programy\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => C:\programy\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [{0E958A34-94EE-4F5C-9210-365C6DD2F7FC}] => C:\Programy\Steam\steamapps\common\Squad\squad_launcher.exe
FirewallRules: [{9C26A1B6-8EC1-4118-A7FC-C79F52FC75D8}] => C:\Programy\Steam\steamapps\common\Squad\squad_launcher.exe
FirewallRules: [TCP Query User{8F0F8565-8457-4C8B-930D-4B5065647BBC}C:\programy\steam\steamapps\common\squad\squad\binaries\win64\squad.exe] => C:\programy\steam\steamapps\common\squad\squad\binaries\win64\squad.exe
FirewallRules: [UDP Query User{A0C38132-F743-4486-99E8-DD8C9A0D26DC}C:\programy\steam\steamapps\common\squad\squad\binaries\win64\squad.exe] => C:\programy\steam\steamapps\common\squad\squad\binaries\win64\squad.exe
FirewallRules: [{86B95048-3964-4642-BA61-B2CEC6797178}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{2E5D0628-462C-493C-B06E-137B5DD5A197}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{D71DAFE0-7A3B-4479-B8F7-3C11064D6715}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{88F5B922-6A53-4C66-AE2F-DD9E1A073009}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{004CA860-453E-4FB6-A50C-C80A56F9D769}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3135B83B-75F7-483E-A166-450897FC5325}] => C:\Programy\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{4526A68A-3932-4B49-BDA9-121FA274784B}] => C:\Programy\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{08F98880-777D-43AE-8770-D5FEB85A313F}] => C:\Programy\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{3E449822-1B37-42C4-BBEB-C2A8FE692D83}] => C:\Programy\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{97DB805F-9858-42B9-824F-66A4C83DC5AE}] => C:\Programy\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{4BE27CC8-10C1-4A26-9274-31D3419D56B0}] => C:\Programy\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{1770BE37-2878-4F9B-837A-5B50F3CE6A8E}] => C:\Programy\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{B6514B2F-432A-42D2-AF27-AE980EEF76E1}] => C:\Programy\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{90AB72C7-CE5B-42B4-9EC6-D8554E1DAA56}] => C:\Programy\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{E969C1B9-E559-48D1-8583-289DA4057979}] => C:\Programy\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{FE856C2D-BFEB-48D6-9967-5C80470A4512}] => C:\Programy\Steam\steamapps\common\Men of War Red Tide\RedTide.exe
FirewallRules: [{654694EE-2699-4F39-815B-B9F4522F64C5}] => C:\Programy\Steam\steamapps\common\Men of War Red Tide\RedTide.exe
FirewallRules: [TCP Query User{E1CFF512-913C-4BAD-9E4E-3FBF6BCBC89D}C:\games\the.sandbox.evolution\thesandbox2.exe] => C:\games\the.sandbox.evolution\thesandbox2.exe
FirewallRules: [UDP Query User{AECA0543-6DAB-4A87-A116-8801FBD94A5F}C:\games\the.sandbox.evolution\thesandbox2.exe] => C:\games\the.sandbox.evolution\thesandbox2.exe
FirewallRules: [TCP Query User{545A1153-9434-442E-8530-71209B41F019}C:\programy\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => C:\programy\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [UDP Query User{CD4282BF-8CFE-4BF1-A9F5-4A883A1566BB}C:\programy\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => C:\programy\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [{51543D5A-2266-4CB0-9C0B-F26E51B7F029}] => C:\Programy\Steam\steamapps\common\Original War\Owar.exe
FirewallRules: [{2B5B4B7D-76B9-469D-ABCC-7287AA99D335}] => C:\Programy\Steam\steamapps\common\Original War\Owar.exe
FirewallRules: [{375595DE-1622-41F8-816D-ED4152D4F1C3}] => C:\Programy\Steam\steamapps\common\Broforce\Broforce_beta.exe
FirewallRules: [{A1DA883D-DE76-4BFE-9388-6ACAB1BA7B6E}] => C:\Programy\Steam\steamapps\common\Broforce\Broforce_beta.exe
FirewallRules: [{3984477A-C11D-4C54-A88C-20A363230962}] => C:\Programy\PC Remote Receiver\PCRemoteReceiver.exe
FirewallRules: [{9C07ACF9-2151-4072-87C4-2C9A9D132C7B}] => C:\Programy\PC Remote Receiver\MonectMediaCenter.exe
FirewallRules: [{F6EE71E7-6C3E-481F-BE52-D6AB044B4DEB}] => C:\Programy\Steam\steamapps\common\BlockNLoad\Win64\BlockNLoad.exe
FirewallRules: [{8B6E25EC-FC59-4C34-9CB9-024777AFB7CB}] => C:\Programy\Steam\steamapps\common\BlockNLoad\Win64\BlockNLoad.exe
FirewallRules: [TCP Query User{1DEEDC1E-ABAA-404D-B37F-739460C8D951}C:\games\hesketh studios\executive assault\executiveassault.exe] => C:\games\hesketh studios\executive assault\executiveassault.exe
FirewallRules: [UDP Query User{8677B9D7-50E5-417D-9A49-7D0973817683}C:\games\hesketh studios\executive assault\executiveassault.exe] => C:\games\hesketh studios\executive assault\executiveassault.exe
FirewallRules: [{BDE94C2F-769A-4C3C-8410-81C6C4040E1D}] => C:\Programy\Steam\steamapps\common\sacred_citadel\sacredcitadel.exe
FirewallRules: [{7D609495-59CC-49C2-85FD-ABA0DAE6DE23}] => C:\Programy\Steam\steamapps\common\sacred_citadel\sacredcitadel.exe
FirewallRules: [{F309C102-1159-41E6-9988-536A757028E1}] => C:\program files (x86)\common files\tencent\qqdownload\125\tencentdl.exe
FirewallRules: [{0BA31C7D-6F41-423B-A28A-D8C25BD237DD}] => C:\program files (x86)\common files\tencent\qqdownload\125\tencentdl.exe
FirewallRules: [TCP Query User{FA77500E-864E-47BD-B860-F80A2EDFB400}C:\games\kulic\kulic.exe] => C:\games\kulic\kulic.exe
FirewallRules: [UDP Query User{E240CC84-FA2F-4F97-BDEF-82D5003332BF}C:\games\kulic\kulic.exe] => C:\games\kulic\kulic.exe
FirewallRules: [{599FFA00-4D88-4D1F-9D65-70BB7481B727}] => C:\games\Shadow Tactics - Blades of the Shogun\Shadow Tactics.exe
FirewallRules: [{E9F9A240-2052-4982-B15D-5DD4353FBC76}] => C:\games\Shadow Tactics - Blades of the Shogun\Shadow Tactics.exe
FirewallRules: [{BB442BA9-E067-4321-B30D-71D21406207E}] => C:\Programy\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{D64011B1-1451-42C6-A78C-F7AD3C05E795}] => C:\Programy\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{239959F1-60BB-47EF-8F9E-48EA36620095}] => C:\Programy\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{1EB91924-5683-4423-A732-FAD93BCF46A4}] => C:\Programy\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{44F04F7A-BE69-4F77-B628-CB6C4BB77538}] => C:\Programy\Steam\steamapps\common\SatelliteReign\SatelliteReignWindows.exe
FirewallRules: [{609143F1-2060-4147-9B61-21D7F7DCA4B8}] => C:\Programy\Steam\steamapps\common\SatelliteReign\SatelliteReignWindows.exe
FirewallRules: [{C270257C-E70A-49EA-BC46-7AE028FB1559}] => C:\Programy\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B890C8D4-738D-485C-B3C8-881115AF8895}] => C:\Programy\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{34E12237-6206-49FD-960C-48713E12F046}] => C:\Programy\Steam\steamapps\common\TeleglitchDME\Teleglitch.exe
FirewallRules: [{806D71A3-45D1-424A-89FE-9E2D2F297F69}] => C:\Programy\Steam\steamapps\common\TeleglitchDME\Teleglitch.exe
FirewallRules: [{B1B28802-1B45-409D-9910-254DBCFAB37F}] => C:\Programy\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{7696CEBC-DBBB-4903-9061-6BD0E8561535}] => C:\Programy\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{C7276C06-1DE1-4A2A-B7C1-DE6E97565677}] => C:\Programy\Steam\steamapps\common\devildaggers\dd.exe
FirewallRules: [{0A0659CB-9C81-4258-A9E3-CC86FE132EED}] => C:\Programy\Steam\steamapps\common\devildaggers\dd.exe
FirewallRules: [{15C3A486-9030-443C-92FE-0766155228CE}] => C:\Programy\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{D29A69B9-7B95-47ED-B431-8FED72EF2047}] => C:\Programy\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{203C90E1-9A75-47C2-B79E-92C8BB00C667}] => C:\Programy\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [{5136CF47-C512-44D8-B160-7B1601CBA0E3}] => C:\Programy\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [TCP Query User{830464E3-09B9-4F54-827F-79A125430F49}C:\games\openrct2\openrct2.exe] => C:\games\openrct2\openrct2.exe
FirewallRules: [UDP Query User{5745F24F-5A7A-4096-A320-849A3BD3BA20}C:\games\openrct2\openrct2.exe] => C:\games\openrct2\openrct2.exe
FirewallRules: [TCP Query User{3EFCD9D2-358A-41C5-93DD-B606AAA65982}C:\games\star wars jedi knight jedi academy\gamedata\jamp.exe] => C:\games\star wars jedi knight jedi academy\gamedata\jamp.exe
FirewallRules: [UDP Query User{219AF3D7-E557-4EEF-95F7-C57286671431}C:\games\star wars jedi knight jedi academy\gamedata\jamp.exe] => C:\games\star wars jedi knight jedi academy\gamedata\jamp.exe
FirewallRules: [TCP Query User{C8AA760C-C8A5-4108-8D66-E0FAC497FEBB}C:\games\neurovoider.update.54\neurovoider.exe] => C:\games\neurovoider.update.54\neurovoider.exe
FirewallRules: [UDP Query User{55D48EC6-4451-4689-AAA1-8BCC47ECCB53}C:\games\neurovoider.update.54\neurovoider.exe] => C:\games\neurovoider.update.54\neurovoider.exe
FirewallRules: [TCP Query User{5040FC9F-74BB-4122-9970-F6B1F5083ABC}C:\games\roguelands.v1.4\roguelands.exe] => C:\games\roguelands.v1.4\roguelands.exe
FirewallRules: [UDP Query User{ACD905A6-B979-42A0-B763-E778FE60EB3A}C:\games\roguelands.v1.4\roguelands.exe] => C:\games\roguelands.v1.4\roguelands.exe
FirewallRules: [{B5E4F348-CB4C-4193-8E3D-BCD133FE1449}] => C:\Programy\Steam\steamapps\common\King Arthur's Gold\KAG.exe
FirewallRules: [{C620BC93-BC57-488E-967E-599F897DA1DB}] => C:\Programy\Steam\steamapps\common\King Arthur's Gold\KAG.exe
FirewallRules: [TCP Query User{77BC040B-AB52-469D-8B08-E2FECFD8A605}C:\games\fallout 4\fallout4.exe] => C:\games\fallout 4\fallout4.exe
FirewallRules: [UDP Query User{ECF19FA5-D091-4007-AF7E-A379AF56F01C}C:\games\fallout 4\fallout4.exe] => C:\games\fallout 4\fallout4.exe
FirewallRules: [{05DF8DA0-7AE2-4377-B8AF-99CCC7D14A29}] => C:\Programy\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{21E09942-2838-4223-A1DD-0AC9EFE024C7}] => C:\Programy\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{E4B316D0-99A2-40A4-A939-FDCBD6CF6AB6}] => C:\Programy\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{EF19A658-FA15-4B1D-9AAE-F01324C066AA}] => C:\Programy\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{FA67C258-BD5B-4BE8-A9F3-5A81899D42F9}] => C:\Programy\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{E5CCE031-8182-4A17-A025-E5F839087F52}] => C:\Programy\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{87AC6E8A-96C7-4507-8F61-218DAD7CD5D0}] => C:\Programy\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{1B7C1E3D-741B-4588-A1B6-85853C402D15}] => LPort=5353
FirewallRules: [{36376807-D590-4FEA-8609-41DFD7F53F43}] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{813BC538-07F2-4E2B-9DA1-EB200DAF24A2}] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{0E84F8FB-8561-4BD3-9D2B-B1FC675BFB18}] => C:\Programy\photoshop\Adobe Photoshop CS4 (64 Bit)\Photoshop.exe
FirewallRules: [{7B2E043E-529E-44D6-AEC9-D15576A689E2}] => C:\Programy\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{A7495F89-6B3F-404C-9D7F-65C6FB2E36F5}] => C:\Programy\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{A121F2F6-97D5-4291-BB41-D8EE1C657750}] => C:\Programy\Steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{C8B6E02B-5622-4F25-BD19-F0D7035D1E81}] => C:\Programy\Steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe
FirewallRules: [{C159880A-7EAB-400C-B35C-3B760D61A001}] => C:\Programy\Steam\steamapps\common\Holodrive\Holodrive.exe
FirewallRules: [{98B298C0-7749-4B92-A605-E2640428BE93}] => C:\Programy\Steam\steamapps\common\Holodrive\Holodrive.exe
FirewallRules: [TCP Query User{A8EFDCF3-19F1-40D7-A204-202DCF61697F}C:\games\gang.beasts.v0.5.0\gang beasts.exe] => C:\games\gang.beasts.v0.5.0\gang beasts.exe
FirewallRules: [UDP Query User{61EB602C-D6D3-4EBD-9779-70572A36968A}C:\games\gang.beasts.v0.5.0\gang beasts.exe] => C:\games\gang.beasts.v0.5.0\gang beasts.exe
FirewallRules: [{51388790-36FA-4E56-AAAD-BB87E94B6E1E}] => C:\Programy\Steam\steamapps\common\TigerKnight_EW\frontend\bin\frontend.exe
FirewallRules: [{6B247FDA-A549-4F71-B175-5DE5FCEB6364}] => C:\Programy\Steam\steamapps\common\TigerKnight_EW\frontend\bin\frontend.exe
FirewallRules: [{DF1E78FF-AD0C-40CA-B444-050D344BC92D}] => C:\Program Files (x86)\PC Remote Receiver\PCRemoteReceiver.exe
FirewallRules: [{BA8FA0A5-3B98-4D6A-9CD1-B1A14806D515}] => C:\Program Files (x86)\PC Remote Receiver\MonectMediaCenter.exe
FirewallRules: [TCP Query User{11075E56-02B0-4D46-A365-500601BC8435}C:\games\_litle games\igg-crazy.pixel.streaker.v1.1.0\crazypixelstreaker.exe] => C:\games\_litle games\igg-crazy.pixel.streaker.v1.1.0\crazypixelstreaker.exe
FirewallRules: [UDP Query User{92E1D1C2-6720-45C2-85AA-6509BE333F09}C:\games\_litle games\igg-crazy.pixel.streaker.v1.1.0\crazypixelstreaker.exe] => C:\games\_litle games\igg-crazy.pixel.streaker.v1.1.0\crazypixelstreaker.exe
FirewallRules: [TCP Query User{E53AA638-6BB0-4BF2-9122-4635B5AF4BB5}C:\program files\unity\editor\unity.exe] => C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{3322F1CB-57B2-4D65-8E55-0C1FF5B91AC1}C:\program files\unity\editor\unity.exe] => C:\program files\unity\editor\unity.exe
FirewallRules: [{323CF1AA-C694-4C5B-89D0-07A460922119}] => C:\Programy\Steam\steamapps\common\Chompy Chomp Chomp\ChompyChompChomp.exe
FirewallRules: [{DAB88250-AEA6-45FD-909A-174659786209}] => C:\Programy\Steam\steamapps\common\Chompy Chomp Chomp\ChompyChompChomp.exe

[vantyto]

addition 3/3:
==================== Restore Points =========================

04-01-2017 11:26:52 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: Technologie Intel(R) Smart Sound OED
Description: Technologie Intel(R) Smart Sound OED
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel(R) Corporation
Service: IntcOED
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Intel(R) Display Audio
Description: Intel(R) Display Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel(R) Corporation
Service: IntcDAud
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Android ADB Interface
Description: Android ADB Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b2b0e}
Manufacturer: LeMobile
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/04/2017 11:27:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (01/04/2017 05:36:22 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (01/03/2017 09:00:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Programy\Microsoft Visual Studio 11.0\VC\redist\1033\vcredist_arm.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (01/03/2017 04:52:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamservice.exe, verze: 3.1.0.388, časové razítko: 0x58320f73
Název chybujícího modulu: ntdll.dll, verze: 10.0.14393.479, časové razítko: 0x5825887f
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000035793
ID chybujícího procesu: 0xf60
Čas spuštění chybující aplikace: 0x01d265d905bac91f
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 0c51bc34-74fd-4750-9c9e-ab9afdeebdf6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/03/2017 10:27:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BLACKBOOK)
Description: Aplikaci Microsoft.Getstarted_4.2.29.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca se nepovedlo aktivovat, protože došlo k chybě: -2144927149. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/03/2017 09:58:18 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BLACKBOOK)
Description: Aplikaci Microsoft.Getstarted_4.2.29.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca se nepovedlo aktivovat, protože došlo k chybě: -2144927149. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/03/2017 09:53:51 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BLACKBOOK)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/03/2017 09:53:51 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BLACKBOOK)
Description: Aplikaci Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/03/2017 09:53:46 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BLACKBOOK)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (01/03/2017 09:53:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 50.1.0.6186 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 898

Čas spuštění: 01d2659dfc4aaf4b

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

ID hlášení: 7c212bab-d191-11e6-8f51-3065ec8c4be6

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:


System errors:
=============
Error: (01/03/2017 10:50:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Avira Phantom VPN bylo dosaženo časového limitu (30000 ms).

Error: (01/03/2017 08:22:09 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (01/03/2017 04:54:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Malwarebytes Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/03/2017 04:52:35 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/03/2017 04:49:47 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (10:26:41, ‎03.‎01.‎2017) bylo neočekávané.

Error: (01/03/2017 10:57:04 AM) (Source: DCOM) (EventID: 10005) (User: BLACKBOOK)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/03/2017 10:47:04 AM) (Source: DCOM) (EventID: 10005) (User: BLACKBOOK)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/03/2017 10:37:42 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/03/2017 10:37:41 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/03/2017 10:37:41 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


CodeIntegrity:
===================================
Date: 2016-12-30 15:32:28.800
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-30 15:32:28.797
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-30 15:32:28.792
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-30 15:23:52.264
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-30 15:23:52.261
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-30 15:23:52.256
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-30 15:23:12.115
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-30 15:23:12.113
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-30 15:23:12.106
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-30 15:13:22.137
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 64%
Total physical RAM: 8055.66 MB
Available physical RAM: 2858.2 MB
Total Virtual: 11383.66 MB
Available Virtual: 4199.55 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:930.91 GB) (Free:20.55 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A338C579)

Partition: GPT.

==================== End of Addition.txt ============================

[jaro3]

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Programy\PC Remote Receiver\PCRemoteReceiver.exe /RestartByRestartManager:B51B951A-BE64-4e1c-B71C-758DD40E4704
HKU\S-1-5-21-3880423963-3014309569-130014225-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-01042017104245141\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
SearchScopes: HKU\S-1-5-21-3880423963-3014309569-130014225-1001 -> DefaultScope {11F82C0C-C38B-4901-AFB7-E3BA99B5815C} URL =
SearchScopes: HKU\S-1-5-21-3880423963-3014309569-130014225-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
C:\WINDOWS\System32\Tasks\{874BEA4D-EFAC-4C69-B02F-1E49D763C514}
C:\Users\luvan\AppData\Local\Temp\7za.exe
C:\Users\luvan\AppData\Local\Temp\DaS_21.exe
C:\Users\luvan\AppData\Local\Temp\dllnt_dump.dll
C:\Users\luvan\AppData\Local\Temp\hijackthis.exe
C:\Users\luvan\AppData\Local\Temp\NirCmd.exe
C:\Users\luvan\AppData\Local\Temp\PEVZ.EXE
C:\Users\luvan\AppData\Local\Temp\remove.exe
C:\Users\luvan\AppData\Local\Temp\sed.exe
C:\Users\luvan\AppData\Local\Temp\shortcut.exe
C:\Users\luvan\AppData\Local\Temp\swreg.exe
C:\Users\luvan\AppData\Local\Temp\swxcacls.exe
C:\Users\luvan\AppData\Local\Temp\wget.exe
C:\Users\luvan\AppData\Local\Temp\zoek-delete.exe
DirectX Packages (HKU\S-1-5-21-3880423963-3014309569-130014225-1001\...\DirectX Packages) (Version: - ) <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe


EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
Máš Malwarebytes ve verzi antiviru?


Drive c: (Acer) (Fixed) (Total:930.91 GB) (Free:20.55 GB) NTFS
Totální nedostatek volného místa na disku!! Něco odinstaluj , smaž. Máš mít nejméně 15-20% volného místa na syst. disku , pro zajištění bezproblémového chodu windows!!

[vantyto]

operace s FRSTem provedena, log viz níže:

ohledně aviry.....tu jsem stáhl až po vyskytnutí problému zda něco nenajde (nenašla), je možné že avira obsahuje neco takového......čas občasu v pravém dolním rohu obarzovy vyskočí avira "reklamní blok" což muže být technicky vzato mallware ...free verze no + se sní nainstalovali ruzne zbytečnosti ala "avira speedup" atd. ty už letí dopryč.

a s nedostatkem místa si jsem také vedom....v posledních dnech jsem operoval s velkými soubory (cca 50GB) (až po vyskytnutí problému, ten nebyl zpusoben tím), čistka proběhne co nevidet


FIXLOG:
Fix result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017
Ran by luvan (04-01-2017 18:48:52) Run:1
Running from C:\Users\Public\Downloads\programy\hijack
Loaded Profiles: luvan & (Available Profiles: luvan & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Programy\PC Remote Receiver\PCRemoteReceiver.exe /RestartByRestartManager:B51B951A-BE64-4e1c-B71C-758DD40E4704
HKU\S-1-5-21-3880423963-3014309569-130014225-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-01042017104245141\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
SearchScopes: HKU\S-1-5-21-3880423963-3014309569-130014225-1001 -> DefaultScope {11F82C0C-C38B-4901-AFB7-E3BA99B5815C} URL =
SearchScopes: HKU\S-1-5-21-3880423963-3014309569-130014225-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
C:\WINDOWS\System32\Tasks\{874BEA4D-EFAC-4C69-B02F-1E49D763C514}
C:\Users\luvan\AppData\Local\Temp\7za.exe
C:\Users\luvan\AppData\Local\Temp\DaS_21.exe
C:\Users\luvan\AppData\Local\Temp\dllnt_dump.dll
C:\Users\luvan\AppData\Local\Temp\hijackthis.exe
C:\Users\luvan\AppData\Local\Temp\NirCmd.exe
C:\Users\luvan\AppData\Local\Temp\PEVZ.EXE
C:\Users\luvan\AppData\Local\Temp\remove.exe
C:\Users\luvan\AppData\Local\Temp\sed.exe
C:\Users\luvan\AppData\Local\Temp\shortcut.exe
C:\Users\luvan\AppData\Local\Temp\swreg.exe
C:\Users\luvan\AppData\Local\Temp\swxcacls.exe
C:\Users\luvan\AppData\Local\Temp\wget.exe
C:\Users\luvan\AppData\Local\Temp\zoek-delete.exe
DirectX Packages (HKU\S-1-5-21-3880423963-3014309569-130014225-1001\...\DirectX Packages) (Version: - ) <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe


EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #0 => value removed successfully
HKU\S-1-5-21-3880423963-3014309569-130014225-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-01042017104245141\Software\Microsoft\Windows\CurrentVersion\RunOnce\\WAB Migrate => value removed successfully
HKU\S-1-5-21-3880423963-3014309569-130014225-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-3880423963-3014309569-130014225-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => key removed successfully
C:\WINDOWS\System32\Tasks\{874BEA4D-EFAC-4C69-B02F-1E49D763C514} => moved successfully
C:\Users\luvan\AppData\Local\Temp\7za.exe => moved successfully
C:\Users\luvan\AppData\Local\Temp\DaS_21.exe => moved successfully
C:\Users\luvan\AppData\Local\Temp\dllnt_dump.dll => moved successfully
C:\Users\luvan\AppData\Local\Temp\hijackthis.exe => moved successfully
C:\Users\luvan\AppData\Local\Temp\NirCmd.exe => moved successfully
C:\Users\luvan\AppData\Local\Temp\PEVZ.EXE => moved successfully
C:\Users\luvan\AppData\Local\Temp\remove.exe => moved successfully
C:\Users\luvan\AppData\Local\Temp\sed.exe => moved successfully
C:\Users\luvan\AppData\Local\Temp\shortcut.exe => moved successfully
C:\Users\luvan\AppData\Local\Temp\swreg.exe => moved successfully
C:\Users\luvan\AppData\Local\Temp\swxcacls.exe => moved successfully
C:\Users\luvan\AppData\Local\Temp\wget.exe => moved successfully
C:\Users\luvan\AppData\Local\Temp\zoek-delete.exe => moved successfully
DirectX Packages (HKU\S-1-5-21-3880423963-3014309569-130014225-1001\...\DirectX Packages) (Version: - ) <==== ATTENTION => Error: No automatic fix found for this entry.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 60151571 B
Java, Flash, Steam htmlcache => 274229801 B
Windows/system/drivers => 4973892 B
Edge => 87935688 B
Chrome => 0 B
Firefox => 381536855 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 7680 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 146908 B
NetworkService => 788254 B
luvan => 254716417 B
Administrator => 16690 B

RecycleBin => 65173806 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:49:59 ====

[jaro3]

Avira je z těch zobrazených asi nejlepší. Nevím že malwarebytes se ti v logu zobrazuje jako antivir..součástí Aviry rozhodně není..

Co problémy?

[vantyto]

Avira je z těch zobrazených asi nejlepší. Nevím že malwarebytes se ti v logu zobrazuje jako antivir..součástí Aviry rozhodně není..

moje chyba, špatne sem si přečetl to s malwarebytes, přečetl jsem zda neni mallwaer v aviře , takže ano, ale 14dní trial verzi, ale jedná se pouze o tu jak jsem mel stáhnout (viz 2. zpráva https://www.besttechie.com/downloads/malwarebytes/)

jinak, problém stále přetrvává, ted projíždím počítač Sophoem, a uvidím zda neco najde, dám vedet výsledky.


edit: Sophos naše malware "Mal/VMProtBad-A" , odstranil, ale problm přetrvává

[jaro3]

Doporučuji zastavit kontrolu v reálném čase u Malwarebytes Antimalwaru , pokud to tam najdeš.

Jo , dej pak výsledky.