Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12.02.2018
Ran by User (16-02-2018 19:40:50)
Running from C:\Users\User\Desktop
Windows 10 Home Version 1709 16299.248 (X64) (2017-12-07 02:13:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3195211630-173149088-1011612179-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3195211630-173149088-1011612179-503 - Limited - Disabled)
Guest (S-1-5-21-3195211630-173149088-1011612179-501 - Limited - Disabled)
User (S-1-5-21-3195211630-173149088-1011612179-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-3195211630-173149088-1011612179-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
AIDA64 Extreme v5.90 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.90 - FinalWire Ltd.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.51.47047 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
CGS17_Setup_x64 (HKLM\...\{83646B67-A878-4E95-BB4B-AF4A6E61F28C}) (Version: 17.0 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension (HKLM\...\_{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.0.491 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{4AB916EE-ABA8-4079-9889-745798B6D809}) (Version: 17.0.491 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (HKLM\...\{FD4A43CE-ABAE-4161-83AC-314A3C804F42}) (Version: 17.0.491 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (HKLM\...\{2C91CB9D-323D-43E5-A433-229B71CFB773}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (HKLM\...\{9178F0A8-B6F6-4DA7-AD63-317CC4875F4B}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (HKLM\...\{BD036E95-A9CD-4DED-B744-95AB1DCAFF0C}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (HKLM\...\{5162E418-BB43-4C8F-ACD6-069645EF98C3}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - CZ (x64) (HKLM\...\{DCCD0EF6-DFCF-4D31-B71D-2AAC24C6AB16}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (HKLM\...\{2C0DDC74-5234-43DD-BB5A-0645B8FE5289}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (HKLM\...\{D10A5CFA-FE33-4F06-AE37-554604F00A52}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (HKLM\...\{5406029B-67AD-4F8E-9F2D-F1959CD9CD86}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (HKLM\...\{EF44BCCD-13F9-4974-862C-CCFAF43EE082}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (HKLM\...\{13179AB2-69FD-459B-800F-81865A501AD4}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (HKLM\...\{C922F325-DD52-4E22-B204-431A06E63E51}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (HKLM\...\{1A73168F-5983-46A6-AAAB-FD83BC231E02}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (HKLM\...\{C57EDB5A-AC8E-4E03-9F1A-DC013A2BB9B2}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (HKLM\...\{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (HKLM\...\{5672E0DC-7489-4EAC-8CFD-E01B3868FCB5}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (HKLM\...\{966996DC-D67C-40E3-8BD4-31FA0F093571}) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (HKLM\...\{D63404AC-C2F1-4B3D-96EA-9727AC9D994C}) (Version: 17.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.0.0.491 - Corel Corporation)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3195211630-173149088-1011612179-1001\...\Discord) (Version: 0.0.300 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{F7118EF5-320C-4340-99F4-25F970B428A3}) (Version: 1.1.125.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{6583B359-134F-480D-9B31-9B94EFFAFE40}) (Version: 5.0.609.0 - Futuremark)
GHOST (HKLM-x32\...\{AC968B0F-024A-4323-BD6B-C2A85D183F34}) (Version: 1.05.0000 - Název společnosti:)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.167 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{6B84E528-9705-4D36-9C97-97B8E23DAB75}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Malwarebytes verze 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM-x32\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3195211630-173149088-1011612179-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM-x32\...\{90160000-001F-0405-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM-x32\...\{90160000-001F-041B-0000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
Origin (HKLM-x32\...\Origin) (Version: 10.5.9.17903 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17387 - Microsoft Corporation)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.1 - Rockstar Games)
Seznam Software (HKU\S-1-5-21-3195211630-173149088-1011612179-1001\...\SeznamInstall) (Version: 2.1.30 - Seznam.cz)
Spotify (HKU\S-1-5-21-3195211630-173149088-1011612179-1001\...\Spotify) (Version: 1.0.60.492.gbb40dab8 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.4.2 - TeamSpeak Systems GmbH)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.5.0.0 - Zenimax Online Studios)
Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
UsbFix Anti-Malware Premium (HKLM-x32\...\UsbFix) (Version: 10.0.1.5 - SOSVirus (SOSVirus.Net))
VTFEdit 1.2.5 (HKLM-x32\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-2) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-3) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-4) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-5) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-6) (Version: 1.0.39.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0) (Version: 1.0.54.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0-2) (Version: 1.0.54.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0-3) (Version: 1.0.54.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0-2) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0-3) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3195211630-173149088-1011612179-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-11-27] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] ()
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00B9B6C8-46CC-40C4-8602-2BD5808447CA} - System32\Tasks\S-1-5-21-3195211630-173149088-1011612179-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation)
Task: {092325F1-9B4E-4137-82BF-CA36952CC5AD} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_V3.exe
Task: {0EBC4583-94BC-460C-909C-84902926AE23} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {1EA71CED-FBE0-4A14-A24A-D413B9D59247} - System32\Tasks\AdobeAAMUpdater-1.0-PC-User => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {209259BB-BCCE-4FA2-BA07-AFCCFBF7538F} - System32\Tasks\{E3A7A763-2E37-4130-82BA-C03658B31862} => C:\Windows\system32\pcalua.exe -a E:\Battle.net\Battle.net.exe -d E:\Battle.net
Task: {2F4480BA-0B09-48CB-9306-41BB3D890248} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {33C50833-5D08-431C-BF62-491F93783EE1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3A11656B-F347-4914-B175-35FD0C43AFCB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {5470657B-9587-451F-A57A-B420B149C276} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {561C0CBA-6C8F-4377-9D7F-E4016E1A73C5} - System32\Tasks\AdobeGCInvoker-1.0-PC-User => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
Task: {5FD2876C-3393-42E6-93C6-A545D0F59F26} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd)
Task: {6DAA90B1-9480-42DB-AD3D-8A2079CFB355} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {71F7A6A8-36C2-4B64-8550-629CEEDA242E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-11-27] (Advanced Micro Devices, Inc.)
Task: {7C510792-7C42-4642-96CD-8B6968A04C30} - System32\Tasks\{FF830DDA-9335-4853-988C-D88E523A5BB6} => C:\Windows\system32\pcalua.exe -a D:\Lanceur.exe -d D:\
Task: {99D5DEC6-82DB-4A12-A862-4F6CB4F0994F} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {B787443D-42C9-4A87-9881-567DB27AAF06} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {C031DB97-C288-4209-B2E0-CB21FE57FA4C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd)
Task: {C17F1B2B-F5AB-4667-B1D8-5CE9135EFD6F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C833E2E9-EA2C-4318-ACDF-6C9D0244738C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)
Task: {D3F08A34-3560-468C-9180-D67C9D016867} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_161_pepper.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {D63CA1E3-0E31-4290-B4BD-D7B8D06BF792} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2018-01-14] ()
Task: {E8AB92A3-9EA0-4F6D-BAFD-7D41D1460125} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-01-20] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-04-10 16:46 - 2017-04-10 16:46 - 000076152 _____ () C:\Windows\system32\PnkBstrA.exe
2017-11-24 10:06 - 2017-11-13 15:46 - 000092368 _____ () C:\Users\User\AppData\Roaming\Seznam.cz\bin\27974libfoxloader-x64.dll
2016-06-10 01:41 - 2016-06-10 01:41 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2018-02-14 18:33 - 2018-02-10 05:39 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-02-14 18:33 - 2018-02-10 05:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-30 20:28 - 2018-01-30 20:34 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-30 20:28 - 2018-01-30 20:34 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-30 20:28 - 2018-01-30 20:34 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-30 20:28 - 2018-01-30 20:34 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll
2018-01-30 20:28 - 2018-01-30 20:34 - 000667136 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-09-20 12:41 - 2017-09-20 12:41 - 000015360 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2017-09-20 12:41 - 2017-09-20 12:41 - 002519040 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2017-05-14 14:45 - 2017-11-13 15:38 - 000506064 _____ () C:\Users\User\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2017-05-14 14:45 - 2017-02-08 12:39 - 000080576 _____ () C:\Users\User\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2010-02-08 13:48 - 2010-02-08 13:48 - 000192000 _____ () C:\Users\User\Documents\GIGABYTE\GHOST(8000X)\GHOSTOPEN.exe
2011-04-20 09:24 - 2011-04-20 09:24 - 000729088 _____ () C:\Users\User\Documents\GIGABYTE\GHOST(8000X)\Tilt.exe
2016-10-01 07:08 - 2016-10-01 07:08 - 031723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2018-02-02 14:08 - 2018-02-02 14:08 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-02-14 01:50 - 2018-02-13 05:25 - 004433752 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.167\libglesv2.dll
2018-02-14 01:50 - 2018-02-13 05:25 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.167\libegl.dll
2018-02-07 15:32 - 2018-02-07 15:33 - 001231536 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2017-12-15 21:45 - 2017-12-15 21:46 - 004307968 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.3351.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-09-29 14:41 - 2017-09-29 14:41 - 000047616 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2018-02-14 18:33 - 2018-02-10 05:41 - 004173824 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2018-02-14 18:33 - 2018-02-10 05:41 - 003662336 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
2017-05-14 14:45 - 2015-05-26 12:38 - 000862888 _____ () C:\Users\User\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2017-11-24 10:06 - 2017-11-13 15:49 - 000085200 _____ () C:\Users\User\AppData\Roaming\Seznam.cz\bin\27974libfoxloader.dll
2016-10-12 17:28 - 2016-10-12 17:28 - 040523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2016-10-12 01:08 - 2016-10-12 01:08 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-12 01:08 - 2016-10-12 01:08 - 000223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-10-12 01:08 - 2016-10-12 01:08 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-10-12 01:08 - 2016-10-12 01:08 - 000124928 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-12 20:11 - 2016-10-12 20:11 - 000098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-10-12 01:08 - 2016-10-12 01:08 - 000166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2014-06-12 10:40 - 2013-09-16 20:20 - 001242584 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [476]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3195211630-173149088-1011612179-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\Desktop\ae7tmeyfcjamdzrllatvxa.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "XboxStat"
HKU\S-1-5-21-3195211630-173149088-1011612179-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3195211630-173149088-1011612179-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3195211630-173149088-1011612179-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3195211630-173149088-1011612179-1001\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{52DFEF1E-4CA1-40D0-99AE-AE0E75B5BFEE}E:\rockstar games\gta v\gta5.exe] => (Allow) E:\rockstar games\gta v\gta5.exe
FirewallRules: [TCP Query User{8CD304F1-BA74-46D2-A899-6D48D0E8BD28}E:\rockstar games\gta v\gta5.exe] => (Allow) E:\rockstar games\gta v\gta5.exe
FirewallRules: [UDP Query User{2CFC7661-26A3-4D7D-BFCD-BF1F4686C48A}E:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) E:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{8DD72B4F-3B6B-4F9B-8E67-05478C288FE0}E:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) E:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{65987BF7-A743-402D-827B-8EB89295B3B3}] => (Allow) E:\Origin\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{F95EC8BC-CCC8-4E4B-9FE0-3E6AD80D821B}] => (Allow) E:\Origin\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{50949D69-4A65-4BCE-AB6B-487A1D03F06F}] => (Allow) E:\Origin\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{353F510F-C4B0-4DD1-93DB-85E4147F549B}] => (Allow) E:\Origin\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{1F190B8E-FCB6-4016-9ABA-B54F86946D88}] => (Allow) E:\Origin\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{7B70A6E1-BF24-4177-B46F-93E38FF69D78}] => (Allow) E:\Origin\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{F7923363-5F63-4AD4-B634-99F14C43AD71}] => (Allow) E:\Origin\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{B90D3CB5-8004-47DA-BE94-F102FD8C33AF}] => (Allow) E:\Origin\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [UDP Query User{7FE2D2B4-20C3-4B9B-8680-08752575728F}C:\quadcorem2\pack\core.bin] => (Allow) C:\quadcorem2\pack\core.bin
FirewallRules: [TCP Query User{7EF4F377-92EB-4F36-8B1F-96DAC0A2DAF1}C:\quadcorem2\pack\core.bin] => (Allow) C:\quadcorem2\pack\core.bin
FirewallRules: [{FC5E4D6D-1643-46A4-A22C-75B900CE5947}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{78A2309F-CEE7-484E-9FA4-EA9C579D26C4}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{E4658990-70C1-47C1-B820-79ECB6DD9092}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Capture Pro\Apowersoft Screen Capture Pro.exe
FirewallRules: [{98F6F794-5224-45AD-90A2-8BEA924F5008}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Capture Pro\Apowersoft Screen Capture Pro.exe
FirewallRules: [{1D9FD6DA-5E64-48CC-8327-A8D45F55D6E6}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{4F33EB29-6DAF-463E-A6F8-E01E61CC6746}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{4E8F41A6-28D2-4E47-A2B0-ECBF9880531B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{41019806-2785-4971-B138-CA9F0715B159}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [UDP Query User{082137C0-FC6E-4950-9DFB-747B406949D9}C:\program files (x86)\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{D8C08FC9-892A-4ADE-926F-77F36A76BF62}C:\program files (x86)\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{16CAACE2-2606-436B-8983-B69602D14266}E:\hry\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\hry\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{83E48667-258D-400E-AA6D-8D097398EE9F}E:\hry\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\hry\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{0D75A084-FC3B-420A-B1DE-A14607BE3593}] => (Allow) E:\Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{2048FC3C-97BE-4A0B-A7EF-98AE4323420F}] => (Allow) E:\Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [UDP Query User{7A086EF2-B2CD-4642-BFEA-4A0E0F9EC4EA}E:\steam\steamapps\common\sacred gold\gameserver.exe] => (Allow) E:\steam\steamapps\common\sacred gold\gameserver.exe
FirewallRules: [TCP Query User{8DFF5844-B28C-4218-AE8D-561A0E68DCA2}E:\steam\steamapps\common\sacred gold\gameserver.exe] => (Allow) E:\steam\steamapps\common\sacred gold\gameserver.exe
FirewallRules: [UDP Query User{D9C9C5C1-B059-4E37-941A-C1BE915526A8}E:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{1304303B-82B2-46AC-BE50-F817EAB42529}E:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{B1E1F6AB-0D3B-4D47-8829-13E2C22613A5}E:\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{03817442-A4B4-421A-B7B6-F3ED3B68FE9D}E:\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [{53FAE1C9-DBEC-4991-A871-0D2F465B08BC}] => (Allow) E:\Steam\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{3065A3DC-13F1-4D64-858D-E5F4F3FA7453}] => (Allow) E:\Steam\SteamApps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [UDP Query User{65D3C10D-95CB-44EA-8F33-74E9CA6C902B}E:\hry\total war - rome ii\rome2.exe] => (Allow) E:\hry\total war - rome ii\rome2.exe
FirewallRules: [TCP Query User{D552EC09-4BA1-4D24-A4BB-D5CCFCEA2AE2}E:\hry\total war - rome ii\rome2.exe] => (Allow) E:\hry\total war - rome ii\rome2.exe
FirewallRules: [{DEF77C77-00BC-493F-8711-4522C7252F9E}] => (Allow) E:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{19733655-ED22-4CFE-B02B-A64FB974DD7E}] => (Allow) E:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [UDP Query User{5B1320E6-A859-46E8-ADC7-01BB161AA5E7}E:\hry\crossout\launcher.exe] => (Allow) E:\hry\crossout\launcher.exe
FirewallRules: [TCP Query User{A3A1F2D9-D004-456E-BDEE-97BAC1E090F8}E:\hry\crossout\launcher.exe] => (Allow) E:\hry\crossout\launcher.exe
FirewallRules: [{C0D0BA2C-4095-45FD-99C4-E6CDCE36DD99}] => (Allow) E:\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{70F7A132-EDC7-4176-8F0A-083900A15549}] => (Allow) E:\Steam\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [UDP Query User{11B521A9-2503-466F-A1B9-E6BFD32200CD}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{CBA279C8-D39F-4227-B183-249A3350064C}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A3EBF624-C49D-4F50-ADE6-B7D1292EB080}] => (Allow) E:\Steam\SteamApps\common\Age of Mythology\aomx.exe
FirewallRules: [{7FA54EAE-FAB0-477E-BD9F-BA3B3C91C26D}] => (Allow) E:\Steam\SteamApps\common\Age of Mythology\aomx.exe
FirewallRules: [{5EA8E673-7CAC-43A4-A43E-E95E8B832438}] => (Allow) E:\Steam\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [{8F65F642-363F-42E8-8635-25B726FA1EA5}] => (Allow) E:\Steam\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [UDP Query User{18533537-57CE-4667-99B2-EEF9BA95D308}E:\hry\farming simulator 17\dedicatedserver.exe] => (Allow) E:\hry\farming simulator 17\dedicatedserver.exe
FirewallRules: [TCP Query User{94C7A66D-C102-4D2E-985B-F6879FACBCFD}E:\hry\farming simulator 17\dedicatedserver.exe] => (Allow) E:\hry\farming simulator 17\dedicatedserver.exe
FirewallRules: [UDP Query User{AFA4CB76-AD91-4756-BA8C-1C9E87E49579}E:\hry\farming simulator 17\x64\farmingsimulator2017game.exe] => (Allow) E:\hry\farming simulator 17\x64\farmingsimulator2017game.exe
FirewallRules: [TCP Query User{7A4E26AC-A871-49EC-9D21-90D5704ED067}E:\hry\farming simulator 17\x64\farmingsimulator2017game.exe] => (Allow) E:\hry\farming simulator 17\x64\farmingsimulator2017game.exe
FirewallRules: [UDP Query User{570CDE13-F560-4588-8984-2BB3F0D1D803}E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe
FirewallRules: [TCP Query User{66B6D17D-9483-438E-ACA6-F0B63E4DE701}E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) E:\hry\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe
FirewallRules: [{C5E496B7-C36E-4F5A-8848-429BAA52653A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{9C08D0AE-4718-47DA-B2D0-999CF0CB5401}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{FB290578-288E-4A29-85A5-6464416E40D8}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{6AA19DAF-53E5-48A2-89F6-3F22EC2BB26A}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{99E38342-2407-4413-BAE5-C4612C359490}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{D7B7C110-0471-4F61-B52B-43B51031DE6E}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{CA5DB6AD-6E76-4BF3-BBB3-BEB6646A3B89}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D3E5CB07-A766-480B-84D1-3D6BBAB72DA9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6145801E-FA8C-4A7F-BE75-824F6464EB58}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{EC288180-A98C-4889-987E-C33D65533BD3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{62091171-051A-42BC-B235-5788E80B9815}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{55F63A8E-78BC-4275-B98C-EDAA8ACEC0BF}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{15233D21-38D0-4B17-8DF3-DEA042BFC897}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0ED92F6F-2657-4F6C-B545-5A0591D96DF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{C6AADD26-423B-4EB1-9E11-B0699EFD110B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{D199A3B7-1DAA-46DA-BD67-5A370BC57742}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [TCP Query User{7EC0F070-54B6-4EE2-BDBE-4CDA4C01EFA3}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{37EC94C2-BC96-4561-9367-AA10A5DDA809}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe
FirewallRules: [{99BDEDD7-4EB3-47FA-A8F8-6296E78F245B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{B3422C88-C18B-4E0E-964C-18DAAFA0B52A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{257006CF-B3DC-405F-B5AB-E198592C20A8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F93BD372-C225-4FB8-8CA1-546C839B387A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2AF272F0-FD29-4F64-A868-9E85C13D2793}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{DB704665-00C9-426C-A17F-A41DF30E6257}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{D51E604C-820D-4902-AFDC-95ED53A50B29}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{CD4FDA66-A424-437F-BE3F-5235EF0E63BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1184349B-D77E-4083-A157-C07DFF348AD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B7D1B5E8-4BE1-47F0-8C6B-963AD12C44CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{63A7660B-14A6-4B75-902D-D811A53C73E7}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{95B42111-D77A-482E-A2D0-A6B5AC8C0A45}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{F9BB5046-604D-4B97-8B57-D103B33D427A}C:\users\user\appdata\local\temp\wzs159e.tmp\scol_install\scolsetup.exe] => (Allow) C:\users\user\appdata\local\temp\wzs159e.tmp\scol_install\scolsetup.exe
FirewallRules: [UDP Query User{58F3767C-2B0C-4129-A05C-B73882ED30FA}C:\users\user\appdata\local\temp\wzs159e.tmp\scol_install\scolsetup.exe] => (Allow) C:\users\user\appdata\local\temp\wzs159e.tmp\scol_install\scolsetup.exe
FirewallRules: [{4C4AB6B2-AE49-48E7-B052-C2E32BEE924F}] => (Allow) E:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{6F55B239-72F2-4109-AA1F-6262EB13EF1E}] => (Allow) E:\SteamLibrary\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [TCP Query User{85EC246E-5181-47C6-A412-1813B2C7380B}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{4ACDFA59-B6DE-4404-A544-A9251860F651}C:\users\user\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\user\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{F48C18D6-9DFA-4425-9980-AC2E8252CC0B}C:\program files (x86)\scol\usmwin.exe] => (Allow) C:\program files (x86)\scol\usmwin.exe
FirewallRules: [UDP Query User{C6B6DF94-7FE7-41B1-AACA-309EDEACC2FB}C:\program files (x86)\scol\usmwin.exe] => (Allow) C:\program files (x86)\scol\usmwin.exe
FirewallRules: [{F0337E2B-23E9-4FBF-96E8-3A37E3A9DC09}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CB79565E-1561-4878-96E9-25AFE41C9A5A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{4BDEAD36-9332-4597-91E8-F6D3D61523AF}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{4277C8AF-709D-4014-9025-0486F69364FC}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{4E95944E-C602-472C-BD96-9666F4FC7637}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{402A4462-F416-4B71-8F75-F0F54576EC85}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{2C0C1699-073A-452D-AE70-C0985B9F25D7}E:\battle.net games\hearthstone\hearthstone.exe] => (Allow) E:\battle.net games\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{A2DBEEC8-6C90-4FF1-B203-2E1CD8B25BB2}E:\battle.net games\hearthstone\hearthstone.exe] => (Allow) E:\battle.net games\hearthstone\hearthstone.exe
FirewallRules: [{E788BFFF-B1C6-409D-8800-BCA9042D9576}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B40A5632-B432-48F5-9398-4EA04BF73C8D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3E2777B8-3EBA-47A2-A7FC-56D6BAF377A6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6BBB00B2-5295-46C8-9DA1-A2CB8DA9484D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6E60C7D5-A9CA-4E65-8892-D5BB7A47937C}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{A1266AB0-18F4-4E9D-93B5-E093B6BEF664}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{1CFB30F2-E7D6-460C-8B44-9351B208D507}] => (Allow) E:\Steam\SteamApps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{2B76835E-E090-48F1-871F-EDF58E77D39A}] => (Allow) E:\Steam\SteamApps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{E9712B8E-6875-4EEB-AE42-9539E907AA3D}] => (Allow) E:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{7E5C74D2-6B23-4586-B11B-1AB837CE341F}] => (Allow) E:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F55810D9-5AB0-421B-84BB-630EE872900F}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1BD57513-F5B1-4F27-89F0-2BBD1C1C52E9}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{35D485DA-CB65-4DAE-9BEA-82C2C694E4C1}E:\origin\origin games\battlefield 4\bf4.exe] => (Allow) E:\origin\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{C2D52F25-D42B-4C86-B6A9-4720D94BA5D5}E:\origin\origin games\battlefield 4\bf4.exe] => (Allow) E:\origin\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{C2104E19-5DCE-4322-A64B-E104D90C613B}E:\battle.net games\diablo iii\x64\diablo iii64.exe] => (Allow) E:\battle.net games\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{F31AF67F-C113-4495-BD87-EAC6B0D75D58}E:\battle.net games\diablo iii\x64\diablo iii64.exe] => (Allow) E:\battle.net games\diablo iii\x64\diablo iii64.exe
FirewallRules: [TCP Query User{5D1368BB-A0C5-4241-8FAB-90FEC360ED3E}C:\users\user\appdata\local\temp\i1492069866\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\user\appdata\local\temp\i1492069866\windows\resource\jre\bin\javaw.exe
FirewallRules: [UDP Query User{5CC2C158-60F1-4A14-BCFE-77F85817A69F}C:\users\user\appdata\local\temp\i1492069866\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\user\appdata\local\temp\i1492069866\windows\resource\jre\bin\javaw.exe
FirewallRules: [{129B6FAD-CAFD-4BAB-A7C7-15FF2B508118}] => (Allow) E:\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [{D1994B55-238A-4E0D-A92D-D1E3955A0F35}] => (Allow) E:\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [TCP Query User{877448D1-4808-485E-B030-501B50E27A62}E:\battle.net games\overwatch\overwatch.exe] => (Allow) E:\battle.net games\overwatch\overwatch.exe
FirewallRules: [UDP Query User{D9AFB505-D3B0-4CF1-ACF6-DD6C67F8EFDC}E:\battle.net games\overwatch\overwatch.exe] => (Allow) E:\battle.net games\overwatch\overwatch.exe
FirewallRules: [TCP Query User{BB93806E-1201-4DE7-BCF8-4AD85284F627}E:\steam\steamapps\common\lms\launcher.exe.new.exe] => (Allow) E:\steam\steamapps\common\lms\launcher.exe.new.exe
FirewallRules: [UDP Query User{0586BC3F-F979-4E28-9491-B92CC214D45C}E:\steam\steamapps\common\lms\launcher.exe.new.exe] => (Allow) E:\steam\steamapps\common\lms\launcher.exe.new.exe
FirewallRules: [TCP Query User{5EFE2B97-2339-4B9D-932D-EE4F1EF74DA4}E:\steam\steamapps\common\lms\lms.exe] => (Allow) E:\steam\steamapps\common\lms\lms.exe
FirewallRules: [UDP Query User{714BAD71-73A4-468D-AB6D-A74183A35942}E:\steam\steamapps\common\lms\lms.exe] => (Allow) E:\steam\steamapps\common\lms\lms.exe
FirewallRules: [{B801453F-9F7F-44DA-AAC2-A60BC4626CC3}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1E4534A5-8BA3-475B-B769-5163195FB984}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{B35EEA9A-897D-4526-B875-0EA7A178203A}E:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) E:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{37D7AAD7-81F2-4B96-AA8E-60D65498E375}E:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) E:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{4CC1AFEA-6E31-48A1-AA28-267104B21FA8}C:\program files (x86)\scol\scolsetup.exe] => (Allow) C:\program files (x86)\scol\scolsetup.exe
FirewallRules: [UDP Query User{7F8C64CD-2B74-4EE6-B775-FBE774C02CEC}C:\program files (x86)\scol\scolsetup.exe] => (Allow) C:\program files (x86)\scol\scolsetup.exe
FirewallRules: [{CA6B90C0-ECC6-4EED-A4A9-F562ADAB61AB}] => (Allow) LPort=9143
FirewallRules: [{3DE0F6C3-E8FD-4228-B10A-D2A57C8A7EBA}] => (Allow) LPort=2333
FirewallRules: [TCP Query User{C66C5E6D-69DF-418E-880D-6C481A585A18}E:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{00704600-9B64-49CF-BC52-A65973FC3855}E:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{6CCE1E60-15D7-49E2-880C-B9F0FEB4A573}E:\hry\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\hry\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{018D5B78-FBC0-45F4-959B-242C55A17292}E:\hry\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\hry\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{350E0094-FDA1-46E7-9879-FED5FCD64516}] => (Allow) E:\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{9B608AFD-110D-43CA-9FC0-0E26EBA1EE7C}] => (Allow) E:\Steam\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{A21D52F2-0AC9-4B9E-8722-CA53BD06FC41}] => (Block) e:\Programy\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{D46066EE-F308-4BFD-96B4-890DA8106C48}] => (Block) e:\Programy\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe
FirewallRules: [{8102CC88-04B1-4401-8DD6-A431A39193EE}] => (Allow) E:\Programy\Microsoft office\Office16\lync.exe
FirewallRules: [{5AC4CACE-4769-4DDB-85B1-152871FA88CD}] => (Allow) E:\Programy\Microsoft office\Office16\lync.exe
FirewallRules: [{CC27F3A6-EC96-4A0C-95A9-7AE989A2215C}] => (Allow) E:\Programy\Microsoft office\Office16\UcMapi.exe
FirewallRules: [{40539296-0832-45C4-A993-FF019BCF038E}] => (Allow) E:\Programy\Microsoft office\Office16\UcMapi.exe
FirewallRules: [{08317917-19DB-484D-8DCE-B3CD98ABE12F}] => (Allow) E:\Programy\Microsoft office\Office16\outlook.exe
FirewallRules: [{7532E649-4CE3-47CC-A60D-9456FEBA2065}] => (Allow) E:\Steam\SteamApps\common\Rebuild Gangs of Deadsville\game\Rebuild3.exe
FirewallRules: [{072C6E1B-88A6-43E1-A910-57C4EE90E588}] => (Allow) E:\Steam\SteamApps\common\Rebuild Gangs of Deadsville\game\Rebuild3.exe
FirewallRules: [{3858EE79-12F9-47F8-A526-02909806B632}] => (Allow) E:\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{3A021EF2-145D-4DED-9386-8B89A9AB6492}] => (Allow) E:\Steam\SteamApps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{6BB2C860-B120-4D79-8D67-20B016C267D4}] => (Allow) E:\Steam\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{80F94602-7A2A-4D7E-AFFB-35A5468D912C}] => (Allow) E:\Steam\SteamApps\common\This War of Mine\Storyteller.exe
FirewallRules: [{5FAE91EC-217A-4211-866A-799035FA4B70}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/16/2018 02:23:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000000
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x2e50
Čas spuštění chybující aplikace: 0x01d3a72957f20066
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: 2172a420-9ef8-4231-bf20-5aa87d370616
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (02/16/2018 02:06:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000000
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x2340
Čas spuštění chybující aplikace: 0x01d3a726f89c2fa7
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: 82386852-de9e-4e5d-b405-872e437b40b4
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (02/16/2018 02:04:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000000
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x1dd4
Čas spuštění chybující aplikace: 0x01d3a726ae7486cc
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: a4ff6834-3921-459c-a5f2-88f255311b57
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (02/14/2018 09:42:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program dota2.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1a24

Čas spuštění: 01d3a5d459b5114f

Čas ukončení: 17

Cesta k aplikaci: E:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe

ID hlášení: 66b93c52-8021-40e9-a362-dc6f728dddd0

Úplný název balíčku s chybou: 

ID aplikace související s balíčkem s chybou:

Error: (02/14/2018 08:38:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x00000000
Posun chyby: 0x0000000000000000
ID chybujícího procesu: 0x980
Čas spuštění chybující aplikace: 0x01d3a5cb448bf6b4
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: da50f9e4-9b98-4921-b04a-ec66307c3258
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (02/14/2018 06:37:30 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: Sběr dat čítače výkonu od služby Outlook byl vypnut z důvodu jedné nebo více chyb generovaných knihovnou čítače výkonu pro tuto službu. Chyby, které vyvolaly tuto akci, byly zapsány do protokolu událostí aplikace. Opravte tyto chyby před novým zapnutím čítačů výkonu pro tuto službu.

Error: (02/14/2018 06:37:30 PM) (Source: Perflib) (EventID: 1021) (User: )
Description: Systém Windows nemůže otevřít 32bitovou knihovnu DLL rozšiřitelných čítačů Outlook v 64bitovém prostředí. Vyžádejte si od prodejce souboru 64bitovou verzi, popřípadě můžete 32bitovou knihovnu DLL rozšiřujících čítačů otevřít pomocí 32bitové verze nástroje Sledování výkonu. Jestliže chcete použít tento nástroj, otevřete složku systému Windows, otevřete složku Syswow64 a spusťte program Perfmon.exe.

Error: (02/14/2018 06:37:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (02/16/2018 06:54:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby: 
Načtení tohoto ovladače je blokováno.

Error: (02/16/2018 06:54:22 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys

Error: (02/16/2018 06:54:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby: 
Načtení tohoto ovladače je blokováno.

Error: (02/16/2018 06:54:21 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys

Error: (02/16/2018 06:54:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby: 
Načtení tohoto ovladače je blokováno.

Error: (02/16/2018 06:54:21 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys

Error: (02/16/2018 06:54:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby: 
Načtení tohoto ovladače je blokováno.

Error: (02/16/2018 06:54:21 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys


Windows Defender:
===================================
Date: 2018-02-16 19:37:04.607
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Dynamer!ac&threatid=2147684005&enterprise=0
Název: Trojan:Win32/Dynamer!ac
ID: 2147684005
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\User\Downloads\FRSTLauncher.exe;webfile:_C:\Users\User\Downloads\FRSTLauncher.exe|http://viry.xf.cz/pro_usery/FRSTLauncher.exe|chrome.exe
Původ zjišťování: Internet
Typ zjišťování: FastPath
Zdroj zjišťování: Soubory ke stažení a přílohy
Uživatel: PC\User
Název procesu: Unknown
Verze podpisu: AV: 1.261.1280.0, AS: 1.261.1280.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-16 18:44:21.043
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Worm:JS/Bondat!lnk&threatid=2147689883&enterprise=0
Název: Worm:JS/Bondat!lnk
ID: 2147689883
Závažnost: Vážné
Kategorie: Červ
Cesta: file:_G:\Rozloučení.lnk;file:_G:\System Volume Information.lnk
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: PC\User
Název procesu: C:\Windows\System32\wscript.exe
Verze podpisu: AV: 1.261.1280.0, AS: 1.261.1280.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-16 18:44:18.853
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Worm:JS/Bondat!lnk&threatid=2147689883&enterprise=0
Název: Worm:JS/Bondat!lnk
ID: 2147689883
Závažnost: Vážné
Kategorie: Červ
Cesta: file:_G:\Rozloučení.lnk;file:_G:\System Volume Information.lnk
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: PC\User
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.261.1280.0, AS: 1.261.1280.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-16 18:15:23.761
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Worm:JS/Bondat!lnk&threatid=2147689883&enterprise=0
Název: Worm:JS/Bondat!lnk
ID: 2147689883
Závažnost: Vážné
Kategorie: Červ
Cesta: file:_G:\Rozloučení.lnk;file:_G:\System Volume Information.lnk
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: PC\User
Název procesu: C:\Windows\System32\wscript.exe
Verze podpisu: AV: 1.261.1280.0, AS: 1.261.1280.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2018-02-16 18:07:29.892
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Worm:JS/Bondat!lnk&threatid=2147689883&enterprise=0
Název: Worm:JS/Bondat!lnk
ID: 2147689883
Závažnost: Vážné
Kategorie: Červ
Cesta: file:_G:\Rozloučení.lnk;file:_G:\System Volume Information.lnk
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: PC\User
Název procesu: C:\Windows\System32\wscript.exe
Verze podpisu: AV: 1.261.1280.0, AS: 1.261.1280.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14500.5, NIS: 2.1.14202.0

CodeIntegrity:
===================================

Date: 2018-02-16 19:03:34.740
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 30%
Total physical RAM: 12231.99 MB
Available physical RAM: 8529.18 MB
Total Virtual: 21959.99 MB
Available Virtual: 17525.97 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.45 GB) (Free:44.46 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:275.89 GB) NTFS
Drive f: (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.08 GB) NTFS ==>[system with boot components (obtained from drive)]


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 18C8F0A5)
Partition 1: (Not Active) - (Size=993 KB) - (Type=42)
Partition 2: (Active) - (Size=350 MB) - (Type=42)
Partition 3: (Not Active) - (Size=118.4 GB) - (Type=42)
Partition 4: (Not Active) - (Size=462 MB) - (Type=42)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 811F7B8A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================